urlscan.io logo urlscan.io
SecurityTrails logo

pastelink.net Open in urlscan Pro
88.208.215.108  Public Scan

Go To Rescan Add Verdict Report
URL: https://pastelink.net/mmcz79u5
Submission: On December 12 via manual from DE — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 102 IPs in 14 countries across 105 domains to perform 387 HTTP transactions. The main IP is 88.208.215.108, located in United Kingdom and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is pastelink.net. The Cisco Umbrella rank of the primary domain is 263737.
TLS certificate: Issued by R3 on December 7th 2023. Valid for: 3 months.
This is the only time pastelink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 88.208.215.108 8560 (IONOS-AS ...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 161.35.94.188 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.186.70 15169 (GOOGLE)
1 167.172.55.208 14061 (DIGITALOC...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
6 178.32.210.227 16276 (OVH)
1 3 63.33.18.223 16509 (AMAZON-02)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 34.120.63.153 396982 (GOOGLE-CL...)
5 2602:803:c003... 26667 (RUBICONPR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
15 52.51.96.110 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
5 29 51.89.9.254 16276 (OVH)
22 178.128.135.204 14061 (DIGITALOC...)
12 19 185.89.210.122 29990 (ASN-APPNEX)
1 67.202.105.22 32748 (STEADFAST)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 3 54.228.143.85 16509 (AMAZON-02)
3 34.149.40.38 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
2 178.79.242.16 22822 (LLNW)
6 6 35.244.159.8 396982 (GOOGLE-CL...)
4 6 198.47.127.19 3257 (GTT-BACKB...)
4 4 208.93.169.131 46244 (WEBMD-IDC...)
5 23 172.64.151.101 13335 (CLOUDFLAR...)
4 4 23.201.255.110 16625 (AKAMAI-AS)
10 2.19.217.60 16625 (AKAMAI-AS)
17 23 142.250.185.226 15169 (GOOGLE)
5 5 3.222.179.146 14618 (AMAZON-AES)
4 4 13.32.27.83 16509 (AMAZON-02)
4 4 193.0.160.131 54312 (ROCKETFUEL)
3 9 35.244.174.68 15169 (GOOGLE)
11 15.197.193.217 16509 (AMAZON-02)
2 2 52.28.254.225 16509 (AMAZON-02)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
7 8 37.157.4.29 198622 (ADFORM)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 9 52.46.128.147 16509 (AMAZON-02)
1 2a05:d018:cc3... 16509 (AMAZON-02)
1 2 35.204.158.49 396982 (GOOGLE-CL...)
4 4 98.98.134.243 21859 (ZEN-ECN)
3 4 54.194.196.88 16509 (AMAZON-02)
3 4 34.111.113.62 396982 (GOOGLE-CL...)
1 1 34.160.19.107 15169 (GOOGLE)
24 43 69.173.144.139 26667 (RUBICONPR...)
2 4 52.94.222.140 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 4 2a05:d018:d29... 16509 (AMAZON-02)
7 7 52.31.27.40 16509 (AMAZON-02)
7 7 3.75.62.37 16509 (AMAZON-02)
1 23.48.23.57 20940 (AKAMAI-ASN1)
1 2600:9000:225... 16509 (AMAZON-02)
3 35.156.254.191 16509 (AMAZON-02)
2 2 54.162.68.92 14618 (AMAZON-AES)
2 3 216.52.2.48 32475 (SINGLEHOP...)
2 3 145.40.97.67 54825 (PACKET)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
2 2 178.250.1.9 44788 (ASN-CRITE...)
1 192.132.33.68 18568 (BIDTELLECT)
1 34.149.50.64 396982 (GOOGLE-CL...)
3 3 54.166.150.36 14618 (AMAZON-AES)
3 3 46.228.164.11 56396 (AMOBEE)
7 7 46.228.174.117 56396 (AMOBEE)
1 70.42.32.191 22075 (AS-OUTBRAIN)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
5 23.32.184.192 16625 (AKAMAI-AS)
4 185.29.132.245 30419 (MEDIAMATH...)
10 185.64.191.210 62713 (AS-PUBMATIC)
1 1 2620:116:800d... 16509 (AMAZON-02)
9 198.47.127.205 62713 (AS-PUBMATIC)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
9 10 3.69.92.105 16509 (AMAZON-02)
2 2 35.210.53.219 19527 (GOOGLE-2)
3 8 81.17.55.173 60781 (LEASEWEB-...)
3 4 151.101.194.49 54113 (FASTLY)
1 1 82.145.213.8 39832 (NO-OPERA)
1 63.251.232.165 32475 (SINGLEHOP...)
1 1 35.214.215.74 15169 (GOOGLE)
2 2 213.155.156.168 1299 (TWELVE99 ...)
1 195.5.165.20 44968 (IPROM-AS)
1 2 35.186.193.173 15169 (GOOGLE)
1 1 141.95.171.139 16276 (OVH)
2 2 141.94.170.64 16276 (OVH)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 52.16.120.138 16509 (AMAZON-02)
1 198.47.127.20 62713 (AS-PUBMATIC)
4 4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 134.122.57.34 14061 (DIGITALOC...)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
1 151.101.129.108 54113 (FASTLY)
11 95.101.148.20 16625 (AKAMAI-AS)
2 2.16.164.91 20940 (AKAMAI-ASN1)
8 95.101.196.17 16625 (AKAMAI-AS)
8 68.67.179.153 29990 (ASN-APPNEX)
2 23.35.236.188 16625 (AKAMAI-AS)
2 34.95.69.49 396982 (GOOGLE-CL...)
4 23.212.88.20 16625 (AKAMAI-AS)
3 151.101.1.108 54113 (FASTLY)
4 4 2607:ae80:192... 26558 (FREEWHEEL)
3 3 80.77.87.162 46636 (NATCOWEB)
1 1 185.86.138.152 201081 (SMARTADSE...)
4 5 198.47.127.18 62713 (AS-PUBMATIC)
1 108.139.243.83 ()
2 50.31.142.63 ()
2 54.155.221.156 ()
2 3 185.86.139.93 ()
6 2600:9000:205... ()
2 77.245.57.72 ()
2 52.206.176.4 ()
2 216.52.2.16 ()
1 1 69.166.1.34 ()
1 1 50.16.53.197 ()
1 1 2.18.160.23 ()
1 1 34.96.71.22 ()
11 34.247.205.196 ()
2 2 188.42.34.65 ()
1 8.18.47.7 ()
1 185.64.190.81 ()
1 162.55.120.196 ()
1 2606:4700:10:... ()
1 54.246.157.113 ()
387 102
13    88.208.215.108 (United Kingdom)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
pastelink.net
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    161.35.94.188 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-nl-16.buysellads.com
cdn4.buysellads.net
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2606:4700:10::6816:4ad8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
8    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
ad.doubleclick.net
1    167.172.55.208 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-ldn-18.buysellads.com
srv.buysellads.com
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
6    178.32.210.227 (Ivry-sur-Seine, France)

ASN16276 (OVH, FR)
PTR: ip227.ip-178-32-210.eu
prg.smartadserver.com
3    63.33.18.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-18-223.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
visitor.omnitagjs.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
5    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
15    52.51.96.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    2606:4700:4400::ac40:994e (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
29    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
22    178.128.135.204 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
rt.marphezis.com
19    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    67.202.105.22 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
6    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
8033a9e1c8f352f906e0371b868d803d.safeframe.googlesyndication.com
3    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    54.228.143.85 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-143-85.eu-west-1.compute.amazonaws.com
ice.360yield.com
ad.360yield.com
3    34.149.40.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    178.79.242.16 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net
cdn.topsrvimp.com
6    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
6    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
4    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
23    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
r.casalemedia.com
dsum.casalemedia.com
4    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    2.19.217.60 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-60.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
23    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
5    3.222.179.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-179-146.compute-1.amazonaws.com
i.liadm.com
4    13.32.27.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-83.fra56.r.cloudfront.net
live.rezync.com
4    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
9    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
11    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    52.28.254.225 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-254-225.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
8    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
1    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
9    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2a05:d018:cc3:fe05:360d:1e8d:2547:a624 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
4    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
4    54.194.196.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-196-88.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    34.160.19.107 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
43    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
pixel-eu.rubiconproject.com
4    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    2a05:d018:d29:3601:c84a:f3f:c1a8:24dc (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
7    52.31.27.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-27-40.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
7    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    23.48.23.57 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-57.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    2600:9000:2251:7400:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
3    35.156.254.191 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-254-191.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    54.162.68.92 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-68-92.compute-1.amazonaws.com
sync.ipredictive.com
3    216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
3    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    192.132.33.68 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.68.bidtellect.com
bttrack.com
1    34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
3    54.166.150.36 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-150-36.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
7    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    2600:1f18:ed:550f:2ea8:40b3:7109:7bd2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
5    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
10    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
9    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    85.114.159.93 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
10    3.69.92.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-92-105.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
8    81.17.55.173 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
rtb-csync.smartadserver.com
4    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    63.251.232.165 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    35.214.215.74 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 74.215.214.35.bc.googleusercontent.com
csync.loopme.me
2    213.155.156.168 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
cm.ctnsnet.com
1    141.95.171.139 (Paris, France)

ASN16276 (OVH, FR)
PTR: bixel-5.cloudy.ovh
green.erne.co
2    141.94.170.64 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh
pixel-eu.onaudience.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    52.16.120.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-120-138.eu-west-1.compute.amazonaws.com
a.audrte.com
1    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
4    2a02:fa8:8806:21::1720 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
casale-match.dotomi.com
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs-simple.com
11    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
2    2.16.164.91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-164-91.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
8    95.101.196.17 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-196-17.deploy.static.akamaitechnologies.com
warp.media.net
lg3.media.net
8    68.67.179.153 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
nym1-ib.adnxs.com
2    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
cdn.adnxs.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
4    23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com
hblg.media.net
3    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
4    2607:ae80:192:1::173 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
3    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    185.86.138.152 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync-global.smartadserver.com
5    198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    108.139.243.83 (None, )

ASN- ()
public.servenobid.com
2    50.31.142.63 (None, )

ASN- ()
b1sync.zemanta.com
2    54.155.221.156 (None, )

ASN- ()
g2.gumgum.com
rtb.gumgum.com
3    185.86.139.93 (None, )

ASN- ()
ssbsync.smartadserver.com
6    2600:9000:2057:4600:1f:4c18:bd40:93a1 (None, )

ASN- ()
cs-rtb.minutemedia-prebid.com
2    77.245.57.72 (None, )

ASN- ()
sync.adkernel.com
2    52.206.176.4 (None, )

ASN- ()
cs-server-s2s.yellowblue.io
2    216.52.2.16 (None, )

ASN- ()
ap.lijit.com
1    69.166.1.34 (None, )

ASN- ()
sync.go.sonobi.com
1    50.16.53.197 (None, )

ASN- ()
ssp.disqus.com
1    2.18.160.23 (None, )

ASN- ()
hbx.media.net
1    34.96.71.22 (None, )

ASN- ()
s.company-target.com
11    34.247.205.196 (None, )

ASN- ()
usersync.gumgum.com
2    188.42.34.65 (None, )

ASN- ()
ads.betweendigital.com
1    8.18.47.7 (None, )

ASN- ()
match.deepintent.com
1    185.64.190.81 (None, )

ASN- ()
simage4.pubmatic.com
1    162.55.120.196 (None, )

ASN- ()
matching.truffle.bid
1    2606:4700:10::6816:1857 (None, )

ASN- ()
mwzeom.zeotap.com
1    54.246.157.113 (None, )

ASN- ()
cs.yellowblue.io
Apex Domain
Subdomains		 Transfer
62 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2134
107 KB
38 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
image6.pubmatic.com — Cisco Umbrella Rank: 793
ads.pubmatic.com — Cisco Umbrella Rank: 544
simage2.pubmatic.com — Cisco Umbrella Rank: 723
image2.pubmatic.com — Cisco Umbrella Rank: 859
image4.pubmatic.com — Cisco Umbrella Rank: 1224
image8.pubmatic.com — Cisco Umbrella Rank: 661
simage4.pubmatic.com
54 KB
32 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
nym1-ib.adnxs.com — Cisco Umbrella Rank: 1443
cdn.adnxs.com — Cisco Umbrella Rank: 1605
acdn.adnxs.com — Cisco Umbrella Rank: 610
125 KB
32 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
ad.doubleclick.net — Cisco Umbrella Rank: 139
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
196 KB
29 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
15 KB
25 media.net
prebid.media.net — Cisco Umbrella Rank: 1498
contextual.media.net — Cisco Umbrella Rank: 665
warp.media.net — Cisco Umbrella Rank: 2561
lg3.media.net — Cisco Umbrella Rank: 6606
hblg.media.net — Cisco Umbrella Rank: 2037
hbx.media.net
262 KB
23 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
r.casalemedia.com — Cisco Umbrella Rank: 1462
dsum.casalemedia.com — Cisco Umbrella Rank: 1364
16 KB
22 marphezis.com
rt.marphezis.com — Cisco Umbrella Rank: 9704
71 KB
18 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1657
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1332
ssbsync.smartadserver.com
16 KB
16 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2371
public.servenobid.com
10 KB
13 gumgum.com
g2.gumgum.com
usersync.gumgum.com
rtb.gumgum.com
4 KB
13 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
9 KB
13 pastelink.net
pastelink.net — Cisco Umbrella Rank: 263737
344 KB
11 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
4 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
2 KB
10 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
3 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
8033a9e1c8f352f906e0371b868d803d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
42 KB
9 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 408
id.rlcdn.com — Cisco Umbrella Rank: 711
888 B
8 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
dmp.adform.net — Cisco Umbrella Rank: 2870
5 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
4 KB
6 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com
4 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
3 KB
6 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
i6.liadm.com — Cisco Umbrella Rank: 2358
3 KB
6 openx.net
u.openx.net — Cisco Umbrella Rank: 672
us-u.openx.net
1 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 776
dis.criteo.com — Cisco Umbrella Rank: 550
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
8 KB
6 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1628
mp.4dex.io — Cisco Umbrella Rank: 2346
u.4dex.io — Cisco Umbrella Rank: 3500
28 KB
5 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 835
ap.lijit.com
2 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
244 KB
4 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 526
2 KB
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2850
casale-match.dotomi.com
1 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2112
3 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
999 B
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1031
2 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
2 KB
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 799
2 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
3 KB
4 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
4 KB
4 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1785
3 KB
4 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 501
3 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 931
api.btloader.com — Cisco Umbrella Rank: 1000
21 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
21 KB
3 yellowblue.io
cs-server-s2s.yellowblue.io
cs.yellowblue.io
2 KB
3 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1022
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
d.turn.com Failed
1 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
3 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
506 B
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
103 B
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
1 KB
3 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1817
ad.360yield.com — Cisco Umbrella Rank: 666
923 B
3 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3655
visitor.omnitagjs.com — Cisco Umbrella Rank: 656
2 KB
3 buysellads.net
cdn4.buysellads.net — Cisco Umbrella Rank: 28340
175 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
257 KB
2 betweendigital.com
ads.betweendigital.com
2 KB
2 adkernel.com
sync.adkernel.com
268 B
2 zemanta.com
b1sync.zemanta.com
128 B
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1053
104 B
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1939
592 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
60 KB
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24651
498 B
2 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 18123
1 KB
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 4999
cm.ctnsnet.com
747 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4497
562 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4682
747 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428
1011 B
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1010
522 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 836
958 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
1 KB
2 topsrvimp.com
cdn.topsrvimp.com — Cisco Umbrella Rank: 16941
33 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
129 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1018
1 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 zeotap.com
mwzeom.zeotap.com
439 B
1 truffle.bid
matching.truffle.bid
1 deepintent.com
match.deepintent.com
44 B
1 company-target.com
s.company-target.com
424 B
1 disqus.com
ssp.disqus.com
498 B
1 sonobi.com
sync.go.sonobi.com
623 B
1 adnxs-simple.com
acdn.adnxs-simple.com — Cisco Umbrella Rank: 2660
47 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1901
555 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 32406
412 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5215
279 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 870
226 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1388
283 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1072
552 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
592 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 689
145 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258
495 B
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 1600
284 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 815
163 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1398
523 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 866
315 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
670 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1510
349 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1380
181 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 11359
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 904
1 buysellads.com
srv.buysellads.com — Cisco Umbrella Rank: 21550
718 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
1 KB
0 semasio.net Failed
uipglob.semasio.net Failed
0 tribalfusion.com Failed
a.tribalfusion.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 socdm.com Failed
tg.socdm.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
387 105
Domain Requested by
29 pixel.rubiconproject.com 15 redirects pastelink.net
onetag-sys.com
29 onetag-sys.com 5 redirects cdn4.buysellads.net
pastelink.net
onetag-sys.com
public.servenobid.com
23 cm.g.doubleclick.net 17 redirects pastelink.net
onetag-sys.com
g2.gumgum.com
22 rt.marphezis.com cdn4.buysellads.net
pastelink.net
ssum-sec.casalemedia.com
16 ib.adnxs.com 9 redirects cdn4.buysellads.net
pastelink.net
acdn.adnxs.com
15 ads.servenobid.com cdn4.buysellads.net
public.servenobid.com
onetag-sys.com
ssum-sec.casalemedia.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
ssbsync.smartadserver.com
cs-server-s2s.yellowblue.io
13 pastelink.net pastelink.net
12 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
11 usersync.gumgum.com g2.gumgum.com
ads.pubmatic.com
11 contextual.media.net rt.marphezis.com
acdn.adnxs-simple.com
pastelink.net
contextual.media.net
cdn4.buysellads.net
11 token.rubiconproject.com 7 redirects eus.rubiconproject.com
11 match.adsrvr.org ssum-sec.casalemedia.com
pastelink.net
ads.pubmatic.com
onetag-sys.com
public.servenobid.com
g2.gumgum.com
ssbsync.smartadserver.com
10 x.bidswitch.net 9 redirects onetag-sys.com
10 simage2.pubmatic.com ads.pubmatic.com
10 eus.rubiconproject.com pastelink.net
eus.rubiconproject.com
cdn4.buysellads.net
public.servenobid.com
g2.gumgum.com
9 image2.pubmatic.com ads.pubmatic.com
9 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
pastelink.net
onetag-sys.com
8 nym1-ib.adnxs.com rt.marphezis.com
acdn.adnxs-simple.com
pastelink.net
cdn.adnxs.com
8 rtb-csync.smartadserver.com 3 redirects ssbsync.smartadserver.com
8 ssum-sec.casalemedia.com 3 redirects pastelink.net
ssum-sec.casalemedia.com
public.servenobid.com
8 securepubads.g.doubleclick.net cdn4.buysellads.net
securepubads.g.doubleclick.net
pastelink.net
www.googletagservices.com
7 ups.analytics.yahoo.com 7 redirects
7 match.prod.bidr.io 7 redirects
7 c1.adform.net 6 redirects ads.pubmatic.com
6 cs-rtb.minutemedia-prebid.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
6 lg3.media.net pastelink.net
contextual.media.net
6 sync.1rx.io 6 redirects
6 image6.pubmatic.com 4 redirects ads.pubmatic.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 prg.smartadserver.com cdn4.buysellads.net
5 image8.pubmatic.com 4 redirects onetag-sys.com
5 ads.pubmatic.com pastelink.net
ads.pubmatic.com
cdn4.buysellads.net
public.servenobid.com
g2.gumgum.com
5 idsync.rlcdn.com 3 redirects ssum-sec.casalemedia.com
5 i.liadm.com 5 redirects
5 u.openx.net 5 redirects
5 fastlane.rubiconproject.com cdn4.buysellads.net
4 ads.stickyadstv.com 4 redirects
4 hblg.media.net pastelink.net
4 a.audrte.com 3 redirects ads.pubmatic.com
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 sync.mathtag.com ads.pubmatic.com
onetag-sys.com
4 id.rlcdn.com pastelink.net
onetag-sys.com
4 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
4 aax-eu.amazon-adsystem.com 2 redirects pastelink.net
ads.pubmatic.com
4 pixel.tapad.com 3 redirects pastelink.net
4 sync.crwdcntrl.net 3 redirects ads.pubmatic.com
4 pixel-sync.sitescout.com 4 redirects
4 p.rfihub.com 4 redirects
4 live.rezync.com 4 redirects
4 secure-assets.rubiconproject.com 4 redirects
4 bh.contextweb.com 4 redirects
4 fonts.gstatic.com fonts.googleapis.com
3 ssbsync.smartadserver.com 2 redirects public.servenobid.com
3 cs.admanmedia.com 3 redirects
3 pixel-eu.rubiconproject.com 2 redirects onetag-sys.com
3 acdn.adnxs.com pastelink.net
cdn4.buysellads.net
3 ad.turn.com 3 redirects
3 secure.adnxs.com 3 redirects
3 sync.srv.stackadapt.com 3 redirects
3 prebid.a-mo.net 2 redirects pastelink.net
3 ce.lijit.com 2 redirects pastelink.net
3 match.sharethrough.com pastelink.net
public.servenobid.com
cs-server-s2s.yellowblue.io
3 creativecdn.com 3 redirects
3 u.4dex.io ads.pubmatic.com
onetag-sys.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 api.btloader.com btloader.com
3 cdn4.buysellads.net pastelink.net
3 www.googletagmanager.com pastelink.net
www.googletagmanager.com
www.google-analytics.com
2 ads.betweendigital.com 2 redirects
2 casale-match.dotomi.com 2 redirects
2 ap.lijit.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
2 cs-server-s2s.yellowblue.io public.servenobid.com
cs-server-s2s.yellowblue.io
2 sync.adkernel.com public.servenobid.com
2 b1sync.zemanta.com g2.gumgum.com
ssbsync.smartadserver.com
2 i.clean.gg acdn.adnxs-simple.com
2 cdn.adnxs.com rt.marphezis.com
2 warp.media.net rt.marphezis.com
2 qsearch-a.akamaihd.net rt.marphezis.com
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net cdn4.buysellads.net
static.criteo.net
2 pubmatic-match.dotomi.com 2 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 pixel-eu.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 pool.admedo.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 visitor.omnitagjs.com 1 redirects pastelink.net
2 dis.criteo.com 2 redirects
2 capi.connatix.com 1 redirects pastelink.net
2 sync.ipredictive.com 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 cdn.topsrvimp.com cdn4.buysellads.net
2 www.googletagservices.com securepubads.g.doubleclick.net
2 ice.360yield.com 2 redirects
2 script.4dex.io cdn4.buysellads.net
script.4dex.io
2 ad-delivery.net pastelink.net
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.com pastelink.net
tpc.googlesyndication.com
2 fonts.googleapis.com pastelink.net
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 mwzeom.zeotap.com g2.gumgum.com
1 matching.truffle.bid ads.pubmatic.com
1 simage4.pubmatic.com ads.pubmatic.com
1 rtb.gumgum.com g2.gumgum.com
1 match.deepintent.com g2.gumgum.com
1 us-u.openx.net 1 redirects
1 s.company-target.com 1 redirects
1 cm.ctnsnet.com 1 redirects
1 hbx.media.net 1 redirects
1 ssp.disqus.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 g2.gumgum.com public.servenobid.com
1 public.servenobid.com cdn4.buysellads.net
1 ad.360yield.com 1 redirects
1 ssbsync-global.smartadserver.com 1 redirects
1 acdn.adnxs-simple.com rt.marphezis.com
1 mug.criteo.com
1 match.adsby.bidtheatre.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 green.erne.co 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 cms.quantserve.com 1 redirects
1 i6.liadm.com pastelink.net
1 sync.outbrain.com pastelink.net
1 sync.targeting.unrulymedia.com 1 redirects
1 s.seedtag.com pastelink.net
1 bttrack.com pastelink.net
1 live.primis.tech pastelink.net
1 hb.yahoo.net pastelink.net
1 px.ads.linkedin.com pastelink.net
1 dmp.brand-display.com 1 redirects
1 r.casalemedia.com ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 ad4m.at ssum-sec.casalemedia.com
1 8033a9e1c8f352f906e0371b868d803d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ssc-cms.33across.com pastelink.net
1 mp.4dex.io cdn4.buysellads.net
1 hbopenbid.pubmatic.com cdn4.buysellads.net
1 prebid.media.net cdn4.buysellads.net
1 bidder.criteo.com cdn4.buysellads.net
1 hb-api.omnitagjs.com cdn4.buysellads.net
1 srv.buysellads.com cdn4.buysellads.net
1 ad.doubleclick.net pastelink.net
1 btloader.com cdn4.buysellads.net
1 www.gstatic.com www.google.com
1 cdnjs.cloudflare.com pastelink.net
0 uipglob.semasio.net Failed g2.gumgum.com
0 a.tribalfusion.com Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 tg.socdm.com Failed g2.gumgum.com
0 d.turn.com Failed ssum-sec.casalemedia.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
387 160
Subject Issuer Validity Valid
pastelink.net
R3		 2023-12-07 -
2024-03-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
cdn4.buysellads.net
Sectigo RSA Domain Validation Secure Server CA		 2023-11-14 -
2024-11-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
btloader.com
GTS CA 1P5		 2023-10-19 -
2024-01-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-12-08 -
2024-03-07		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.buysellads.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-25 -
2024-06-24		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.marphezis.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-03 -
2024-01-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
cdn.topsrvimp.com
Go Daddy Secure Certificate Authority - G2		 2023-10-16 -
2024-11-16		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-07		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-04 -
2024-04-21		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
u.4dex.io
GTS CA 1D4		 2023-10-22 -
2024-01-20		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2023-10-08 -
2024-11-06		 a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2023-11-14 -
2024-02-12		 3 months crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-12-08 -
2025-01-05		 a year crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh

This page contains 73 frames:

Primary Page: https://pastelink.net/mmcz79u5
Frame ID: B7070859ABB0B64DFB89A8B95C4FDA54
Requests: 78 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: EB5436D963B3305DB8BA7946C2B5B924
Requests: 1 HTTP requests in this frame

Frame: https://8033a9e1c8f352f906e0371b868d803d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 792237FF22DAE9FEF667BEE945BB2831
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8FD4FF2722E5868AEB47DF66FF673049
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 90369DA959283D455C9631942C2F5ABD
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssq8LwDB-pts6wJVABnzLXcwMooJt_1y8tkDSuqETmB-HCmn9e0w7XRf_OwdKxyOM99j75_TIDpBw28fsl2Cjqq_7CJ9C5g_GeZtrtujwmUPLcrud3daooTOZyLwGFtluVJ8FxSVpLSFIjy90W4APWUu6tmqR0DE2Bo76x21SpGwmacf00ZR7jqei9FpbxS7aSQrrVVQRs-DbBhrldK7XtUbe1CtOLVpoacxghDIVanBsHvEbv9JICsu8589Tssy-dB8njV84K3m5WM6rqSeU9v-uXqLtQ_PjrGCd0rRajFHW7lBEG9KkpRf10jLbHrvuTUSFakvaLihVNUMXLsd0qRkuJXWwOXbeAXrYp7x9s_y03WJVxZE4IxM_JsMb8_OAv9Ef52&sai=AMfl-YSdGXEuuYeZ42Z_H1wnmV19OhFazOJsD9_KXVMtsz5yQGGndXCYrIKLFubb8NupyWc0xFcNs24-xUQmsPyY_uCUgRbuzate2_czcxhA68YFOG17fN9gtog271PsHwxiM_PaUpKzjJHrawAuc-FX1YuS&sig=Cg0ArKJSzPnxZ7tJaSNwEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: E911A1F5131165B4D6B0C5BCCFEF2493
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjwaZ8lbHUv0VlhW-Zk9ub237pCrWqjE8G-n3nohWjvW8RVejEil8mdcTuwNxvVCzv33yDlhZGvOWtwn0EJ71zVm2bivgZYtzvODgd6KcFb-9ZA10S9JCfkdYGdDHvqGUj0wQV_ofz4UzV3rWIZW-kW_mn3TVt3iOo9lNRrmCsVBovlKjDAowgWHo5VQo0updz6lSFFfQ8oC0uCEOtCPwCQKBY12wfZCH0_N5c8pLS_4_nceYBul-n5WUzTBxj50CgTy_8KVlh6oGSIC_ktxGfMgX8a8BQIbz4VQUxXQXBeNQ6Beeo_sGKMaBALRPUIUksxEUWQS7ZzXgfD4lEoLywuW4gYSwkjWrO0qu_Wwj_i5qBv0m1sJTBYTS33fYDk07ARRw4&sai=AMfl-YTCb3lebm6V5fKyUS-nMmwxpE6BT-1PfnyBii6VbAOOihVvNyUTNucD7P0Km9STiyOkhnqEQ2iMnzGPHML4TusFeZhPsTztbLCKFbtivxOTDvqJn3otMot5Rzc0HBD1mBB_osasdbbdnOkka2Im5p4q&sig=Cg0ArKJSzIYaFQKYRHZ4EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 7D2D76C3A8902F28CC5409CA1D983E7F
Requests: 13 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Frame ID: BE7C76D0216FEAABD2ECCDC892D7CA30
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
Frame ID: 69ED98B907CA5AB2FB6CEEBBB5E99DD9
Requests: 20 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
Frame ID: 830533724AC2718C4AB4C179E64E8151
Requests: 19 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Frame ID: 7CCB5A31EA848043EABEBDBA3D716BC0
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: 3D0CC9D3926D872E527D0109BF770D71
Requests: 18 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 7147F1259B7A8BC46A97201E3EFBF567
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 7C11102A26E7A52D5A32687B009272DC
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=457C0E3B-119F-4C87-8B76-6993553AC403&redir=true&gdpr=0&gdpr_consent=
Frame ID: 8E521F89F8420D3E40E63FCDAD529D2E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8hODvPES0rzpQ4XlohaZsaAfhOLpRYa0okdAdEz1
Frame ID: BB8CA4B1B93E66A85138386674869C35
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7176766822098981487&gdpr=0&gdpr_consent=
Frame ID: 01A11247D96DE52820F56C0CFF1D1DD6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7311687423465945248&gdpr=0&gdpr_consent=
Frame ID: 9405D45D61738C30F70F372E62C2D2AC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Ol13Km9rW5N_haph2upMcrnDR9k&gdpr=0&gdpr_consent=
Frame ID: EEE95E63C64BD4325AB3AD5F097E8B50
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f96f0221-3921-4dc1-a9ba-f7fc74506f74&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 9649428CE9BEAA3D9D8976ABE358B348
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC2mU7K8KoAABRae0t2PA&gdpr=0&gdpr_consent=
Frame ID: C4F1B02B047B0F17596DB1DC711B2667
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZXhU_QAGY5ELUgBH
Frame ID: 8976967C22C4A6F7DA7C7805B4534BA6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUb85c77a1eb4641b7982417bfbbe7dc72
Frame ID: 443EC1B21D5052D41F8009496A1D498F
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 672FF0A9E0A3B6C78BC292B91661BF7B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 4160705E858C01AEA67000CCC3434671
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3763969272172057271
Frame ID: 1F72518B5D0E59512B2DDE915B3EF359
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685631277691006
Frame ID: 313B1479B35E31EF31B772E06F0A9476
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: E6D2FF843B33833579B32A7C5299B613
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 7B4F9306B83F26D0F15DCC0D90E5FE49
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRUhMXSnnMXhhbWaT&gdpr=0&gdpr_consent=
Frame ID: 8A227B49C64E989500292D6DBC56BCB5
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 5253E75E100C98AC5CF90EF6B5D88FC9
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)457C0E3B-119F-4C87-8B76-6993553AC403
Frame ID: 06273B1C49DE9332B0011491086B9A08
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net
Frame ID: 140F6204BE0D06914658E3D836E57A7C
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: 1D602A883BB85C3000312E8B8AB93059
Requests: 16 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CU4FCKBR&ydspr=1
Frame ID: 56F3F8B5175FBBFB5B4D100FB7CF62CC
Requests: 14 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2665&&kkdd=H*%7CW%7CuH*nh39A&93=Dqq&f9=vPq~DdIddmI~PdBdBII&1YjG=v&VbjO=q&HYf=vv~m&TbHL=*DI6&H9Y=d!oIh!Qnk&HjHY=j.BT08TiT!.H7qWg3G7L8S%3D%3D&HG9Y=~BIId6~dB&b9FL=Dqqw~6q&HH=!t&bH=Kt&HNxV=cyEi4ks4aA7&j9Y=d-y!4~4yl&Tj9Y=4~vDDI~&NTTjb=v&GGG=TFkJN*HgJ*ELHYKJQva3TmDj(E74FGlXXB1SMLCmhDX!Ain32uDeK3%3D%3D&u3Gp=NTTjb%3A%2F%2FjObTLg9xuzxLT&Lu3Gp=3PPaS%3AiiavSPe2dFozFeP&xbL=6&g3=v&C1Y=I&OYTv=d!oScv6~e&OYT~=ddv6~BdvI&XYOTO=bY~%3DxCggRTT%3DqR9CGgEg%3D~qR81LGjV%3Dqzq~Rf3ELwH%3DqzvdRbVVEX9Y%3DqzqvRf9bEbY%3D~m~Rb8X2%3DqRYH~%3DvR9bTV%3D~RbHY%3DF1RfEObx%3D6BdqDRfg~GEbY%3D~q~Dv~v~q6R9CGgEX%3DvPP6zd~RCGgETuH%3DqRbTY%3D~PvmPD~dRgObT%3DRHf81%3DqzDPRf9bECGgEX%3Dqz~vRfg~GE9EbY%3D~q~Dv~v~q~R9j%3DD8ok3HRpXX%3DqRf9bECGgEg%3D~qRG99jCO%3DI%2CIRLT%3D~vRGH%3DvRVT9Y%3D-yqqqqv~Rfg~GE9EX%3DqzqvRGjbEbY%3D~q~Dv~v~qBRf9bEX%3DDmqzdBRCGgEX%3Dqz6BRfg~GECGgEX%3DqRfg~GECGgEf9%3DvaJvBRCGgETf9%3DqRbVVE3G%3DIz6IIBRLHjELLG%3DvqDRCGgEg%3D~qRbgf%3DqR1HOT%3DJvRXX%3DvmBRff%3DqRbVVEVCg%3DqzBvRHfg~GEbY%3D~mIRGpf%3DqRg~GEX%3DvqqqRLGjV%3Dqzq~Rfg~GECGgEuH%3DqaqRjb9EH%3Dv%2Cv%2Cq%2Cq%2Cq%2Cq%2Cq%2CqRXV%3DvRjb9EY%3DqRbVVEbY%3D~q~Dv~v~q~RODjEX%3DvzD~%2CDdzvvRb9Y%3D~BIId6~dBRbY%3DqRC9Y%3D~0OAgcgCtmnjP*3N1WRHfg~GEX%3DqzDPRXTY%3DDqPmmmvqI6I~qdBPPvqmDI~vB~6Dq~DPv6q6DDq~PdBv~dDBmIBDDI6qm~dDmvBqd6PPqPPP~BIBI6BdB6PBImBvPI~6DPDBmD~66BdRf3C%3DqzvdRY~jEg%3DvqRHfg~%3DqzDPRDjHp%3DvqqqRC9V%3DqRYVVEbTG1%3Dx8EbTGOTL1WRY~jEX%3DqzmBR81Y~jEX%3DqzmBRfCGgEX%3D~zqvRbb%3DcsRHH%3D!tRC93%3DJvRHL%3DqRGjbEX%3DDdzvvRGHf%3Dv~zI~RfCGgEg%3D~qRGjbECGgEX%3DIBzvvR!0%3DDq6mRuXECH%3DJ~RxTb%3DvRuXEHHub%3DJ~RZ-~%3Dz)%2Fjz)RHT%3DNCxLxXLG1RXbbEQ4l%3Dcs%2CcsRXOb9b~%3DvmBRXOb9bv%3DvmBR9bkLp%3DqR9fCGgEX%3Dqz6R9b9p%3DqRX9Y%3DqzqvRGjbECGgEg%3D~qRYH%3DdRfg~GEX%3DvzD~R9fCGgEg%3D~qRHXYj%3Dqzqv~R9TWjLE9Y%3DvBRbLggLGETO1E9Y%3D~PvmPD~dRbCjjgWETO1E9Y%3D~PvmPD~dRf9L3OX9g9TW%3DqzvdD6mBRj8b%3DqRHOGG9LG0Y%3DqR81X9Y%3Dqzqv~RXpgG%3Dqzqv~RbC9Y%3DRYTH%3DLObTEbHRYVVELGjV%3DpOgbLRYVV%3Dx8EbTGOTL1WRXYjHOjY%3DqRYOg1%3DVG1JIzqR9xbg%3DqRb8Xj%3DRNTVg%3DvRYHCT%3DIqRY81X%3DqJvR9XH%3DvRxbF%3DvRT1b%3DDqqw~6qRXbX%3DqRXbj%3DqRTVw%3DvqB&xTf=q&VVV=b8WLsMwkQxpLAC3n9akjq-jTvGHPLIp39(Tp1D!*-M(Lsmv0DPA4nEfSSadL7hnBkp8g4OsKca*1G19cno!!D3%3D%3D&9x0pG=v&XYG0Y=IBq&X9Y=DIdvIq&uTTgL=.OWbVOx%20l81N9GLx%20yWOuN9g8VL%3A%20s%20!g8bLG%20*88u%20OT%20-ObT8G%20!NG9b%26Gb(C8%3B%20cLjNL3%20J%20-ObTLg9xuzxLT&VHp=mm~q&WYbjG=v&uOTjGL=v&uOTX9Y=Jvq~&HOY8VO9x=TFkJN*HgJ*dQTy*IeK89!QNdTHDsjFCDjUd9jqLI-Fa%3D&Wjgj=v&9b9Y=6&OYf=ALxLGOg%20iLOGHN&j19Y=jqDIDDPddBdT~q~Dv~v~v~Iv&bbgY=%7B%22bb9j%22%3A%22vd6zvm6zPvzq%22%2C%22bbHH%22%3A%22!t%22%2C%22bbbH%22%3A%22KA%22%2C%22bbHTW%22%3A%22t%C3%83%C2%BCxLxXLG1%22%7D&NTVgbGH=v&sflct=272060&ure=1
Frame ID: F6CA911ADCBCA7262C35A7ED29CFA377
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CU4FCKBR&https=1&itype=CM
Frame ID: EFC6E466DFFADA08F2EC705CA21D0BEF
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQN152J&prvid=99,77,20000,2033,262,460,241,461,462,3018,246,4,3016,313,10000,459,229,9,319&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: A04E4F73C02F3C32591DC224A79C429D
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2581&&kkdd=n!%7Cu%7CnHA*39&12=.FI4oRpRRV4VoVV4FZR&381=rT5Tq3-%20HT3qtP&728=opR.pp&s8Lq=.&nzL3=I&t81=..4V&NztT=vopJ&t28=R_Epd_*6U&tLt8=LbZNexNHN_bthIA-(qhTxc%3D%3D&tq28=4ZppRJ4RZ&z2GT=oIIk4JI&tt=_f&zt=)f&tP5n=f!UXWDh&L28=ROW_S4SWa&NL28=S4.oop4&PNNLz=.&qqq=NGUyPvt-yv9Tt8)y*.m(NVoLC9hSGqa77ZscgT0Vdo7_rH6(KBoj)(%3D%3D&B(qY=PNNLz%3A%2F%2FL3zNT-25Bl5TN&TB(qY=(FFmc%3AHHm.cFjKRGElGjF&5zT=J&-(=.&0s8=p&38N.=R_EcD.J4j&38N4=RR.J4ZR.p&783N3=z84%3D50--wNN%3DIw20q-9-%3D4IwxsTqLn%3DIlI4w1(9Tkt%3DIl.Rw12z9z8%3D4V4w8t4%3D.w2zNn%3D4wzt8%3DGsw193z5%3DJZRIow1-4q9z8%3D4I4o.4.4IJw20q-97%3D.FFJlR4w0q-9NBt%3DIwzN8%3D4F.VFo4Rw-3zN%3Dwt1xs%3DIloFw12z90q-97%3DIl4.w1-4q929z8%3D4I4o.4.4I4w2L%3DoxEU(twY77%3DIw12z90q-9-%3D4Iwq22L03%3Dp%2CpwTN%3D4Iwqt%3D4%2CIwnN28%3DOWIIII.4w1-4q9297%3DIlI.wqLz9z8%3D4I4o.4.4IZw12z97%3DoRZlopw0q-97%3DIlJZw1-4q90q-97%3DIw1-4q90q-912%3D.my.Zw0q-9N12%3DIwTtL9TTq%3D.Iow0q-9-%3D4Iwz-1%3DIwst3N%3Dy.w77%3D.VZw11%3DIwt1-4q9z8%3D4VpwqY1%3DIw-4q97%3D.IIIwTqLn%3DIlI4w1-4q90q-9Bt%3DImIwLz29t%3D.%2C.%2CI%2CI%2CI%2CI%2CI%2CIw7n%3D.wLz298%3DIw3oL97%3D.lo4%2CoRl..wz28%3D4ZppRJ4RZwz8%3DIw028%3D4e3r2sVoF**fW**x3Jwt1-4q97%3DIloFw7N8%3DoIFVVV.IpJp4IRoJRR44pFI4ZFp..4RV.oFVV.o.Jo4JpR4o.FVo4IIII.pFJV.4FppF.RR4ZV.4oIppIJRVVZ.ooV4RFpJpJZ.pRpRw1(0%3DIl.Rw84L9-%3D.Iwt1-4%3DIloFwoLtY%3D.IIIw02n%3DIw8nn9zNqs%3DP3qnx5Aw84L97%3DIlVRwxs84L97%3DIlVZw10q-97%3D4lI.wzz%3DD!wtt%3D_fw02(%3Dy.wtT%3DIwqLz97%3DoRl..wqt1%3D.4lp4w10q-9-%3D4IwqLz90q-97%3DpZl..w_e%3DoIJVwB790t%3Dy4w5Nz%3D.wB79ttBz%3Dy4wXO4%3DlM%2FLlMwtN%3DP05T57Tqsw7zz9*Sa%3DD!%2CD!w73z2z4%3D.VZw73z2z.%3D.VZw2zUTY%3DIw210q-97%3DIlJw2z2Y%3DIw728%3DIlI4wqLz90q-9-%3D4Iw8t%3DRw1-4q97%3D.lo4w210q-9-%3D4Iwt78L%3DIlI.ow2NALT928%3D.ZwzT--Tq9N3s928%3D4F.VFo4Rwz0LL-A9N3s928%3D4F.VFo4Rw12T(372-2NA%3DIl.RoJVZwLxz%3DIwt3qq2Tqe8%3DIwxs728%3DIlI4Iw7Y-q%3DIlI.4wz028%3Dw8Nt%3DT3zN9ztw8nn9TqLn%3DY3-zTw8nn%3DP3qnx5Aw78Lt3L8%3DIw83-s%3D052zx54Zw25z-%3DIwzx7L%3DwPNn-%3D.w8t0N%3DoJw8xs7%3DIy.w27t%3D.w5zG%3D.wNsz%3DoIIk4JIw7z7%3DIw7zL%3DIwNnk%3D.IZ&5N1=I&nnn=zxAT!gkU*5YTr0(62mULIOLN.qtFTpY(2CNYso_vOgCT!V.eoFrS691ccmRThd6ZUYx-S3!)Dmvsqs2D6E__o(%3D%3D&2(=oII&25eYq=.&78qe8=pZI&BNN-T=b3Azn35%20axsP2qT5%20WA3BP2-xnT%3A%20!%20_-xzTq%20vxxB%203N%20O3zNxq%20_Pq2z%26qzC0x%3B%20DTLPT(%20y%20O3zNT-25Bl5TN&ntY=VV4I&A8zLq=.&B3NLqT=.&B3N728=y.I4&t38xn325=NGUyPvt-yvR*NWvpj)x2_*PRNto!LG0oLiR2LITpOGm%3D&AL-L=.&2z28=J&Ls28=LIopooFRRZRN4I4o.4.4.4p.&zz-8=%7B%22zz2L%22%3A%22.RJl.VJlF.lI%22%2C%22zztt%22%3A%22_f%22%2C%22zzzt%22%3A%22)r%22%2C%22zztNA%22%3A%22f%C3%83%C2%BC5T57Tqs%22%7D&PNn-zqt=.&sflct=272060&ure=1
Frame ID: 971E3D795A3DEE7565D919173F4C464A
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CU4FCKBR&https=1&itype=CM
Frame ID: 5219293C723851A7755C537E8E7B5F50
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQN152J&prvid=99,77,20000,2033,262,460,241,461,462,3018,246,4,3016,313,10000,459,229,9,319&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: FD6197A29117AE3C1E6DC04CC779A00F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11801&pub_id=2194068
Frame ID: AB6E32B549D559E0B8AB73F5402B28D3
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: BBB4F5C73A2E589864CDE5CDE590AE1C
Requests: 17 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11801&pub_id=2194068
Frame ID: 8DBC66E51BC1A482A88618DC9A835864
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 443F81898396A0905091E84FD0C4875D
Requests: 13 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5F8E22719B53977DD09B8C399EDF15AC
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1702384886666
Frame ID: E9804372FEA63005C067FA287281A805
Requests: 14 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Frame ID: 421CC0F1FD735E1639274E756E2982CB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D6FB29B67EAB4DFE43A08DA76A12D87C
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 279BEECDD703047966F8146442BD7BFE
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: AC74B5B16E60D31DCB320B793142D141
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 8CE8EEAC6D9C8B72E10BF81FB7E42766
Requests: 14 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 4E84F5C8595EEBDD6684D69F100DB013
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 4F6787130E15F5A01334F13E61CD2ACF
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 9788348851F770879DB3CA744B104CE6
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 7D00C8DE5A9A3B25677E0EA581CFF533
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 2DD0B1C0E6785FF9692B11BA490DEACB
Requests: 9 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 6A9750B4BCA0492B5F51B8D01F939BD5
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 635F9804FF20B1C3F9732F8A3BD74C37
Requests: 5 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=247683937117432826&gdpr=0&gdpr_consent=
Frame ID: 9D87D90596527607235C266D4CC25486
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81ZjY2ZDk5Yi03M2EwLTRhNmEtOWM2Ni02MzEyYjAxMzRhZmY=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 19793B810FDD0950A7C8584C99B75A1E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: DDCEB1A6280E8259D9E82F5242B89D0A
Requests: 5 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 388D17F792F9ABDCE47E8DDE09DC384D
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 24C43C883241F9202C28E5DFAAA0AA42
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=G8EeY-0BLUtJXCYDW5oEFa0TMqGCUjz1RPVRQNnFPxc&pi=gumgum
Frame ID: 6FB8B7A20AB0295E4FC6907F4D764624
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: EAB2AF5F0D6B0BB2AD2554D73987715A
Requests: 4 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=457C0E3B-119F-4C87-8B76-6993553AC403&gdpr=0&gdpr_consent=
Frame ID: 392AF6A492ED85A641E7CC709F391182
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: C51B93C61A17BBCEEC10EF248E0B248C
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 7C88FEF761D692806B63389124C00C74
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 771E75DDF4521117C17B562DE6419347
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=457C0E3B-119F-4C87-8B76-6993553AC403
Frame ID: 93F6F445AE12DB037D7832BDBBED5B85
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1879540393
Frame ID: DFCF0F1EB264CC70C748839F582471FE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=457C0E3B-119F-4C87-8B76-6993553AC403
Frame ID: B7CB625532E685B19552E871D016DC4D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Daysman Woghiren Oyakhilome: A Closer Look at Pastor Chris’ Nephew - Pastelink.net

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

387
Requests

64 %
HTTPS

23 %
IPv6

105
Domains

160
Subdomains

102
IPs

14
Countries

2277 kB
Transfer

5404 kB
Size

142
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72
  • https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=665210dc-b78c-4eac-956d-404a3a5425ef
Request Chain 83
  • https://ib.adnxs.com/getuid?https://rt.marphezis.com/sync?dpid=2&puid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D2%26puid%3D%24UID HTTP 302
  • https://rt.marphezis.com/sync?dpid=2&puid=7176766822098981487
Request Chain 84
  • https://u.openx.net/w/1.0/cm?id=1d56d11e-e371-4ec4-be9f-2d08da80470e&r=https://rt.marphezis.com/sync?dpid=3&uid= HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=1d56d11e-e371-4ec4-be9f-2d08da80470e&r=https://rt.marphezis.com/sync?dpid=3&uid= HTTP 302
  • https://rt.marphezis.com/sync?dpid=3&uid=2dc5d57c-a449-4a9c-a809-c71b5fd46837
Request Chain 85
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https://rt.marphezis.com/sync?dpid=6%26puid%3D%23PM_USER_ID HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https://rt.marphezis.com/sync?dpid=6%26puid%3D%23PM_USER_ID&rdf=1 HTTP 302
  • https://rt.marphezis.com/sync?dpid=6&puid=2783CDDD-C620-40B4-A13E-11E1EBD76B72
Request Chain 86
  • https://bh.contextweb.com/bh/rtset?pid=562863&ev=1&us_privacy=${us_privacy}&gpp=${GPP_STRING_XXXXX}&gpp_sid=${GPP_SID}&rurl=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D7%26puid%3D%25%25ENCRYPTED_VGUID%25%25 HTTP 302
  • https://rt.marphezis.com/sync?dpid=7&puid=IeqFUT30itkVBPaI1w9k4Q&ev=1&gpp_sid=${GPP_SID}&gpp=${GPP_STRING_XXXXX}&us_privacy=${us_privacy}&pid=562863
Request Chain 90
  • https://ib.adnxs.com/getuid?https://rt.marphezis.com/sync?dpid=2&puid=$UID HTTP 302
  • https://rt.marphezis.com/sync?dpid=2&puid=7176766822098981487
Request Chain 91
  • https://u.openx.net/w/1.0/cm?id=1d56d11e-e371-4ec4-be9f-2d08da80470e&r=https://rt.marphezis.com/sync?dpid=3&uid= HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=1d56d11e-e371-4ec4-be9f-2d08da80470e&r=https://rt.marphezis.com/sync?dpid=3&uid= HTTP 302
  • https://rt.marphezis.com/sync?dpid=3&uid=30ce7c5d-efad-4cfb-a98c-97defad27cc7
Request Chain 92
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https://rt.marphezis.com/sync?dpid=6%26puid%3D%23PM_USER_ID HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https://rt.marphezis.com/sync?dpid=6%26puid%3D%23PM_USER_ID&rdf=1 HTTP 302
  • https://rt.marphezis.com/sync?dpid=6&puid=457C0E3B-119F-4C87-8B76-6993553AC403
Request Chain 93
  • https://bh.contextweb.com/bh/rtset?pid=562863&ev=1&us_privacy=${us_privacy}&gpp=${GPP_STRING_XXXXX}&gpp_sid=${GPP_SID}&rurl=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D7%26puid%3D%25%25ENCRYPTED_VGUID%25%25 HTTP 302
  • https://rt.marphezis.com/sync?dpid=7&puid=KuCVC5063sXzSfVNNy2-XQ&ev=1&gpp_sid=${GPP_SID}&gpp=${GPP_STRING_XXXXX}&us_privacy=${us_privacy}&pid=562863
Request Chain 94
  • https://ssum-sec.casalemedia.com/usermatch?s=197494&cb=https://rt.marphezis.com/sync?dpid=5%26puid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Request Chain 95
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
Request Chain 97
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
Request Chain 98
  • https://ssum-sec.casalemedia.com/usermatch?s=197494&cb=https://rt.marphezis.com/sync?dpid=5%26puid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Request Chain 100
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXhU.LnGW7XTXH-mK0xorgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBmk4vmJeUCLzU9xHixnoV4&google_cver=1&google_hm=2
Request Chain 101
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXhU.LnGW7XTXH-mK0xorgAA%265152&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXhU.LnGW7XTXH-mK0xorgAA%265152&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=d40cda517edc4a999511bef37c43b40f HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=d40cda51-7edc-4a99-9511-bef37c43b40f HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=9f06b427-8587-415c-8ae5-f0c697e4474f%3A1702384888.968586&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D9f06b427-8587-415c-8ae5-f0c697e4474f%253A1702384888.968586%26_%3D1702384888.9706473&cb=1702384888.9706888 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685631277691006&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D9f06b427-8587-415c-8ae5-f0c697e4474f%253A1702384888.968586%26_%3D1702384888.9706473 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=9f06b427-8587-415c-8ae5-f0c697e4474f%3A1702384888.968586&_=1702384888.9706473 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJACjwIARAFGjY5ZjA2YjQyNy04NTg3LTQxNWMtOGFlNS1mMGM2OTdlNDQ3NGY6MTcwMjM4NDg4OC45Njg1ODYQABoNCPmp4asGEgUI6AcQAEIASgA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJmPvla1QOfsvOOp18ubkzc&google_cver=1
Request Chain 102
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXhU-LnGW7XTXH_mK0xorgAAFCAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMxLp8Lb_1hfBLekfqoPIcU&google_cver=1
Request Chain 104
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=LtAN1CKG1Rd24M5
Request Chain 105
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXhU.LnGW7XTXH-mK0xorgAA%265152 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXhU.LnGW7XTXH-mK0xorgAA%265152&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=G8EeY-0BLUtJXCYDW5oEFa0TMqGCUjz1RPVRQNnFPxc&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXhU.LnGW7XTXH-mK0xorgAA%265152&tc=1
Request Chain 106
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=247683937117432826&expiration=1703594488
Request Chain 109
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXhU-NGBw0f89tZ9hxjgyAAADUYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMxLp8Lb_1hfBLekfqoPIcU&google_cver=1
Request Chain 110
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXhU-NGBw0f89tZ9hxjgyAAADUYAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXhU-NGBw0f89tZ9hxjgyAAADUYAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 111
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXhU.NGBw0f89tZ9hxjgyAAA%263398&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXhU.NGBw0f89tZ9hxjgyAAA%263398&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=a09ee7506fd941a2bcaacc829a97e3be HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=a09ee750-6fd9-41a2-bcaa-cc829a97e3be HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=a63902a2-6c30-492c-926c-11fa91fd6938%3A1702384888.9682717&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da63902a2-6c30-492c-926c-11fa91fd6938%253A1702384888.9682717%26_%3D1702384888.9703002&cb=1702384888.9703343 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685631277691006&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da63902a2-6c30-492c-926c-11fa91fd6938%253A1702384888.9682717%26_%3D1702384888.9703002 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=a63902a2-6c30-492c-926c-11fa91fd6938%3A1702384888.9682717&_=1702384888.9703002 HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7176766822098981487
Request Chain 112
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXhU.NGBw0f89tZ9hxjgyAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBmk4vmJeUCLzU9xHixnoV4&google_cver=1&google_hm=2
Request Chain 114
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E6AFAC3797F14B70B25B7C15FB7D9484
Request Chain 115
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348&gdpr=0&gdpr_consent=
Request Chain 116
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=9391145e-0614-7717-ce5d02d7
Request Chain 125
  • https://pixel.rubiconproject.com/exchange/sync.php?p=getmedia&khaos=LQ2C09BS-19-69F3 HTTP 302
  • https://rt.marphezis.com/sync?dpid=rubicon_getmedia&puid=LQ2C09BS-19-69F3
Request Chain 126
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFEyQzA5QlMtMTktNjlGMw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMfVEgr_FUJTuWpZ2ocpDg4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyQzA5QlMtMTktNjlGMw==&google_push=
Request Chain 127
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJA23jhOY9F4dCYSTnei-FQ&google_cver=1
Request Chain 128
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjhhNWNlYWY5OTEyNTY0YWMwNGFhNDIyMDRiNGU4MDUwZjJjODcyOA
Request Chain 129
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZtTmmhuRToOL_Y3l9DLkaQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZtTmmhuRToOL_Y3l9DLkaQ
Request Chain 131
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ2C09BS-19-69F3
Request Chain 132
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQ2C09BS-19-69F3&ex=d-rubiconproject.com&status=ok
Request Chain 133
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MTySXQ2gQ0e1h53thpSFgA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MTySXQ2gQ0e1h53thpSFgA
Request Chain 134
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/vZhw5RoU6d_Axe_am4YxLMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-gvjRAcdE2oKeSV.Xn2winX3i8zWjBo0aVb7b1A--~A
Request Chain 135
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAC2mU7K8KoAABRae0t2PA&expires=30
Request Chain 136
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQ2C09BS-19-69F3&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQ2C09BS-19-69F3&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQ2C09BS-19-69F3&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS0zbUJLaDQ1RTJ1SElUdUd0QndfSWtZZk96Zm9ZUjBETH5B&ovsid=LQ2C09BS-19-69F3&dpid=58160
Request Chain 137
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ2C09BS-19-69F3
Request Chain 138
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQ2C09BS-19-69F3
Request Chain 139
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ2C09BS-19-69F3
Request Chain 140
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=70375868-b402-4c04-9dcb-902623f69260&expires=30
Request Chain 141
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQ2C09BS-19-69F3
Request Chain 142
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LQ2C09BS-19-69F3
Request Chain 143
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ2C09BS-19-69F3 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LQ2C09BS-19-69F3
Request Chain 144
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQ2C09BS-19-69F3&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQ2C09BS-19-69F3&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 145
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=59e23abb-f1b2-4bcd-97f9-4d61a263a1f3
Request Chain 146
  • https://c1.adform.net/serving/cookie/match?party=1164 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=247683937117432826
Request Chain 148
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQ2C09BS-19-69F3
Request Chain 149
  • https://sync.srv.stackadapt.com/sync?nid=14 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=Ol13Km9rW5N_haph2upMcrnDR9k
Request Chain 150
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7176766822098981487&expires=30
Request Chain 151
  • https://ad.turn.com/r/cs?pid=6 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=2505814098745901013&expires=60&gdpr=&gdpr_consent=
Request Chain 152
  • https://sync.1rx.io/usersync2/rubicon HTTP 302
  • https://sync.1rx.io/usersync2/rubicon?zcc=1&cb=1702384888697 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8097842302 HTTP 302
  • https://sync.1rx.io/usersync/turn/2577871692783828949?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-68eed92e-4bc8-4e3f-8d59-d99c9497c06c-003?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-68eed92e-4bc8-4e3f-8d59-d99c9497c06c-003%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-68eed92e-4bc8-4e3f-8d59-d99c9497c06c-003&expires=30
Request Chain 154
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQ2C09BS-19-69F3&obUid=&initiator=
Request Chain 155
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQ2C09BS-19-69F3&name=RUBICON
Request Chain 156
  • https://token.rubiconproject.com/token?pid=49096 HTTP 302
  • https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ2C09BS-19-69F3 HTTP 303
  • https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ2C09BS-19-69F3
Request Chain 157
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348&expires=360&gdpr=0&gdpr_consent=
Request Chain 161
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 163
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8hODvPES0rzpQ4XlohaZsaAfhOLpRYa0okdAdEz1
Request Chain 164
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7176766822098981487&gdpr=0&gdpr_consent=
Request Chain 165
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7311687423465945248&gdpr=0&gdpr_consent=
Request Chain 166
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Ol13Km9rW5N_haph2upMcrnDR9k&gdpr=0&gdpr_consent=
Request Chain 167
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f96f0221-3921-4dc1-a9ba-f7fc74506f74 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f96f0221-3921-4dc1-a9ba-f7fc74506f74 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=58cf946d-aa01-483a-9588-3fa84e52ea6e&user_group=1&ssp=pubmatic&bsw_param=f96f0221-3921-4dc1-a9ba-f7fc74506f74 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f96f0221-3921-4dc1-a9ba-f7fc74506f74&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 168
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDMm1VN0s4S29BQUJSYWUwdDJQQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAC2mU7K8KoAABRae0t2PA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAC2mU7K8KoAABRae0t2PA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAC2mU7K8KoAABRae0t2PA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5566155699205740968&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC2mU7K8KoAABRae0t2PA&gdpr=0&gdpr_consent=
Request Chain 169
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZXhU_QAGY5ELUgBH
Request Chain 170
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUb85c77a1eb4641b7982417bfbbe7dc72
Request Chain 172
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 173
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3763969272172057271
Request Chain 174
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685631277691006
Request Chain 177
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=96bf28eef2bb1407/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRUhMXSnnMXhhbWaT%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=53be28644293ed08950e49bc7dc796d&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3Dtk2EoAPtRUhMXSnnMXhhbWaT%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRUhMXSnnMXhhbWaT&gdpr=0&gdpr_consent=
Request Chain 180
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RXwOOxGfTIeLdmmTVTrEAw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 182
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1794479660
Request Chain 183
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=457C0E3B-119F-4C87-8B76-6993553AC403 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YTdiYldPanRRRHpTSXFNeVRjWXItcG1QQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=247683937117432826&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 184
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDU3QzBFM0ItMTE5Ri00Qzg3LThCNzYtNjk5MzU1M0FDNDAz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 185
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOhZqCq4OHe6TfS4Z_SUbp4&google_cver=1
Request Chain 187
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=247683937117432826
Request Chain 190
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=457C0E3B-119F-4C87-8B76-6993553AC403&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9PQ2aT5E2uWRqds8Nf8b9U0DngDMDBo-~A&gdpr=0
Request Chain 191
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348&gdpr=0&gdpr_consent=
Request Chain 192
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=457C0E3B-119F-4C87-8B76-6993553AC403&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=38eba8bdf4b7158e&is_secure=true&networkId=17100&version=1&nuid=457C0E3B-119F-4C87-8B76-6993553AC403&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHtH4kcOAXgwMg_KF8AAAAAAA&expiration=1702471289&nuid=457C0E3B-119F-4C87-8B76-6993553AC403&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 193
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8918939968121487317&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 194
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:28be3875-413b-42b2-8ddc-5a2f556cfbcd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 198
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=pastelink.net&sn=ChromeSyncframe&so=0&topUrl=pastelink.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=q3b9y3xNRnpPMlIrREFwS3NpK0VUTzVnZGg3bkM2NnlFclpQNm9BQXJ2ZXhLSE1Sanl4OUxJaVNsVndZTVdnQ2ladmVOeWVjbXdTd1hPUUVsaVFSZC9CeTQ5VXRSc00yTVRMaVcxWFdEVDVCVzhlYk81TXVNMGRNVG1vOGtycUtWN3E1bHZTWFVNeGZEenZwa3RXK0JSd0JSSG5aN1RpVm8zcDlXOTlKNGlEVG5KR0djVUp4T3k1M3ozL1NhTVRzdDZzaGlKY0lYVzY1SXVuT2tydm9KK0doQ2hUYVpkK2Z5UnIra1dIc2lJNVlKMjU0VmVFK2pvV0hPWUN2SW9paUxaMnlRZVJqZXV4WDJSMEUzaVdJdXRHQy9FVXRhMTcvU1lwVmVLcHJ0VHpVNTB6dz18&cppv=2
Request Chain 234
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LQ2C09BS-19-69F3&gdpr=0
Request Chain 235
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7176766822098981487
Request Chain 236
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=de3ee347eec9a9c1ba4447b99e90a5&gdpr_consent=&gdpr=0
Request Chain 238
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=&coppa= HTTP 302
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1cd6ef18-4968-44ed-b2df-829e4501627e
Request Chain 239
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF4L74jhoIKr2EUmfVx43cBKqQYg1uGj0A
Request Chain 240
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=5566155699205740968
Request Chain 242
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=r2sUgLfFU5IbNS4ksh-T763HdkNljKs-tRRs615am6I
Request Chain 243
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=457C0E3B-119F-4C87-8B76-6993553AC403
Request Chain 244
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEATvYTHp2nVLZ0ZZH9ST4GA&google_cver=1
Request Chain 245
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-PWLNX35E2uFvfUBIaT9sU815a03hHOpOvi5O8Uc-~A
Request Chain 247
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.360yield.com/server_match?partner_id=446&gdpr=0&gdpr_consent=&bidswitch_ssp_id=onetag&bsw_custom_parameter=f96f0221-3921-4dc1-a9ba-f7fc74506f74&r=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D446%26user_id%3D%7BPUB_USER_ID%7D%26ssp%3D{SSP}%26gdpr%3D{GDPR}%26gdpr_consent%3D{GDPR_CONSENT}%26ssp%3D{SSP}%26bsw_param%3D{BSW_PARAM} HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=446&user_id=665210dc-b78c-4eac-956d-404a3a5425ef&ssp=onetag&gdpr=0&gdpr_consent=&ssp=onetag&bsw_param=f96f0221-3921-4dc1-a9ba-f7fc74506f74 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=f96f0221-3921-4dc1-a9ba-f7fc74506f74&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 269
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NTU2NjE1NTY5OTIwNTc0MDk2OA==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFSv3d_mkn-cxIEnIJftcMs&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 270
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZXhU_QAGY5ELUgBH&gdpr=0&gdpr_consent=
Request Chain 271
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NTU2NjE1NTY5OTIwNTc0MDk2OA==&gdpr=0&gdpr_consent=
Request Chain 272
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7311687423465945248&gdpr=0&gdpr_consent=
Request Chain 276
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7176766822098981487
Request Chain 277
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=de3ee347eec9a9c1ba4447b99e90a5&gdpr_consent=&gdpr=1
Request Chain 279
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&ccpa=&coppa= HTTP 302
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1cd6ef18-4968-44ed-b2df-829e4501627e
Request Chain 280
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF4L8eI-kCPUUkrdyXBuU-AEI700pSOaqA
Request Chain 282
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=MMtPATnLNJKkKMeRmvSg77rIb0Qip8uxADBJOMtQ3IA
Request Chain 284
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEATvYTHp2nVLZ0ZZH9ST4GA&google_cver=1
Request Chain 293
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 298
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7176766822098981487
Request Chain 299
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HzwZtRZH7Dw7Ex02TRa2vpOI
Request Chain 301
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1555999705
Request Chain 302
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5109685631277691006
Request Chain 303
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=4e5df7e0-7865-4388-814d-7c9be193b822
Request Chain 304
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 305
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-PWLNX35E2uFvfUBIaT9sU815a03hHOpOvi5O8Uc-~A
Request Chain 306
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://sync.adkernel.com/user-sync?zone=176971&t=image&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26buyeruid%3D%7BUID%7D%26r%3DCid1YS0xOWUyYTFlNS03M2I4LTNiNGItYWYwZC0zNGFkZWY2YzMyNzMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0xOWUyYTFlNS03M2I4LTNiNGItYWYwZC0zNGFkZWY2YzMyNzMyAhsMOAE=
Request Chain 307
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-PWLNX35E2uFvfUBIaT9sU815a03hHOpOvi5O8Uc-~A
Request Chain 309
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 310
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=9VY5CIGTH12kqcCSN6-HDNdNSnLMi8HXUJCSLG0K7_s
Request Chain 312
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LQ2C09BS-19-69F3&gdpr=0
Request Chain 313
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7176766822098981487
Request Chain 314
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=de3ee347eec9a9c1ba4447b99e90a5&gdpr_consent=&gdpr=0
Request Chain 316
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1YN-&coppa= HTTP 302
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1cd6ef18-4968-44ed-b2df-829e4501627e
Request Chain 318
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=457C0E3B-119F-4C87-8B76-6993553AC403
Request Chain 319
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEATvYTHp2nVLZ0ZZH9ST4GA&google_cver=1
Request Chain 321
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=f96f0221-3921-4dc1-a9ba-f7fc74506f74&google_hm=Zjk2ZjAyMjEtMzkyMS00ZGMxLWE5YmEtZjdmYzc0NTA2Zjc0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHefg5YVD225PEvxEKkVpNg&google_cver=1&ssp=onetag&bsw_param=f96f0221-3921-4dc1-a9ba-f7fc74506f74 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=f96f0221-3921-4dc1-a9ba-f7fc74506f74&gdpr=&gdpr_consent=&us_privacy=
Request Chain 324
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXhU.NGBw0f89tZ9hxjgyAAA%263398&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
Request Chain 325
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7176766822098981487
Request Chain 327
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=862b4ab263ca46249f8ece623f174037&expiration=1704976890
Request Chain 328
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=5566155699205740968&gdpr=0&gdpr_consent=
Request Chain 329
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718196090&external_user_id=3dc6aa49-eb81-43a2-9c43-87c0434f75a8
Request Chain 330
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=2a867811fb7717b1&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAI1EM2hGXFrwNYXvmgAAAAAAA&expiration=1702471290&is_secure=true
Request Chain 335
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7176766822098981487
Request Chain 336
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_5f66d99b-73a0-4a6a-9c66-6312b0134aff&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=-1332211085264331287 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=406bf678-8d6d-525a-85fb-42c1e083163b&ssp=gumgum2&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=f96f0221-3921-4dc1-a9ba-f7fc74506f74&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 337
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=77601671-7fa4-4d5c-bc30-71022feded28
Request Chain 338
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-3a5d772a-6f6b-5b93-7f85-aa61daea4c72$ip$185.195.71.217
Request Chain 339
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-_7MidN1E2pexoEJ0pcGhwOQ3apCm2iz11VDm~A
Request Chain 340
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=70375868-b402-4c04-9dcb-902623f69260
Request Chain 342
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_5f66d99b-73a0-4a6a-9c66-6312b0134aff&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_5f66d99b-73a0-4a6a-9c66-6312b0134aff&s=2&us_privacy=1---
Request Chain 343
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=FX5Eoja69qoL&ev=1&pid=558355
Request Chain 344
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=5566155699205740968
Request Chain 346
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=247683937117432826&gdpr=0&gdpr_consent=
Request Chain 351
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=G8EeY-0BLUtJXCYDW5oEFa0TMqGCUjz1RPVRQNnFPxc&pi=gumgum
Request Chain 352
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 354
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LQ2C09BS-19-69F3 HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LQ2C09BS-19-69F3
Request Chain 356
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=457C0E3B-119F-4C87-8B76-6993553AC403
Request Chain 357
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=911509356514636065239
Request Chain 358
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Request Chain 360
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=814f81036bd3128e3201066ac6edd1c9
Request Chain 361
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZXhU.NGBw0f89tZ9hxjgyAAA%263398
Request Chain 362
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=19045005-2823-4a5e-a3d3-7818a7be668b
Request Chain 367
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3777948660
Request Chain 369
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=247683937117432826&gdpr=0&gdpr_consent=
Request Chain 370
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZXhU_QAGY5ELUgBH&gdpr=0&gdpr_consent=
Request Chain 375
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LQ2C09BS-19-69F3 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LQ2C09BS-19-69F3
Request Chain 380
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E6AFAC3797F14B70B25B7C15FB7D9484&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=457C0E3B-119F-4C87-8B76-6993553AC403
Request Chain 381
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1879540393
Request Chain 384
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=457C0E3B-119F-4C87-8B76-6993553AC403&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=457C0E3B-119F-4C87-8B76-6993553AC403&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 385
  • https://pixel.onaudience.com/?partner=214&mapped=457C0E3B-119F-4C87-8B76-6993553AC403&gdpr=0&gdpr_consent= HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=96bf28eef2bb1407 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=849bcc03-eecf-41fb-6d69-01d3c9c369c8&reqId=e0becab0-ca3c-41e2-656a-c5a8edbd5148&zcluid=96bf28eef2bb1407&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEAVzDWjtlBYN-j3QUoIci_I&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=849bcc03-eecf-41fb-6d69-01d3c9c369c8&reqId=e0becab0-ca3c-41e2-656a-c5a8edbd5148&zcluid=96bf28eef2bb1407&zdid=1332
Request Chain 387
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=457C0E3B-119F-4C87-8B76-6993553AC403
Request Chain 388
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=de3ee347eec9a9c1ba4447b99e90a5&gdpr_consent=&gdpr=0

387 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mmcz79u5
pastelink.net/ 		27 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
179392e1a7ffb58ba9ebbcacacfc5fdc291b6b60f7bf91b4ef9d9207ec510677
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 12:41:25 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af9edf3e86a80586d0770850908bf3929a2112adc59211e9cb715c0218f14b9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 12:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 12:41:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 12:41:25 GMT
styles.css
pastelink.net/assets/css/ 		130 KB
130 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/css/styles.css?q=37
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
12b2573815dac6ac5646fab27841f398fa908cc13d510f2e14bffb595b726bbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/mmcz79u5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 26 Jul 2023 15:36:49 GMT
server
nginx
etag
"64c13d91-2071e"
content-type
text/css
accept-ranges
bytes
content-length
132894
jquery-3.6.0.min.js
pastelink.net/assets/js/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/js/jquery-3.6.0.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/mmcz79u5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-15d9d"
content-type
application/javascript
accept-ranges
bytes
content-length
89501
script.min.js
pastelink.net/assets/js/ 		46 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/js/script.min.js?q=37
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
89f0335d649cdccf5bc16b4fad138e1fa6da670d851c82b48ccdd31273371110
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/mmcz79u5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 26 Jul 2023 15:36:49 GMT
server
nginx
etag
"64c13d91-b8f8"
content-type
application/javascript
accept-ranges
bytes
content-length
47352
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/js.cookie.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1157651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
772
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec5-6d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QbrQtiqkB8MOQsMeZGQEoaMVGP2FxfmcSr2WcfVBc2TU5uxlESC36Blx%2F8IXt%2BQH99TyX4k5UQbRu%2BmROKiNZyuKgDk3arX3alMb0QvIHin0%2BDbbKos5KB4DzJSKmUOnQdyExfTDKagQNzsT6TJkOFeU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83460a9d7d134c49-MXP
expires
Sun, 01 Dec 2024 12:41:25 GMT
css2
fonts.googleapis.com/ 		832 B
459 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Berkshire+Swash:wght@400&display=swap
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c7df3529dc158cc72e520a011aa9eb8331091b25bf7ac5b94b891d1d53e63223
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 12:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 12:41:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Dec 2023 12:41:25 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=captchaLoaded
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d7d56f6c81c3dca769e96d29cbb3a898cf905684ed71325022ec4eadbf3eaaa7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 12 Dec 2023 12:41:25 GMT
gtm.js
www.googletagmanager.com/ 		262 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
40a633827be3de5cda62cbdc30c4404ba77fa61a57f44b40182c9eff70eb4db7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91950
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 12 Dec 2023 12:41:25 GMT
pastelink.js
cdn4.buysellads.net/pub/ 		552 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.94.188 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-nl-16.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
0c8cf3bd02e306cf5a00c862fceaf446cb92d4b312a1b9826beb4a9db5749a4e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:25 GMT
cache-control
public, max-age=3600, stale-while-revalidate
content-encoding
gzip
server
//srv.buysellads.com
etag
93b875e84b02b6cacdd4f8fb99c7e940a6ac950c
vary
Accept-Encoding
content-type
application/javascript
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 		505 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bca13f093afb3b9125c81a5735a3b12466ee2bc8240b330e2269858a8ec11edc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 18:09:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207446
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Dec 2024 18:09:20 GMT
debut_light.png
pastelink.net/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/debut_light.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-10c8"
content-type
image/png
accept-ranges
bytes
content-length
4296
pastelink-logo-german.svg
pastelink.net/assets/images/logo/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo/pastelink-logo-german.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
48c997dad566c02a0a4f8416efa520f838a711d067a08f33b3ccffd541333e92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-38e0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
14560
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
arrow-down-blue.svg
pastelink.net/assets/images/ 		239 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/arrow-down-blue.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-ef"
content-type
image/svg+xml
accept-ranges
bytes
content-length
239
moon.svg
pastelink.net/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/moon.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-62e"
content-type
image/svg+xml
accept-ranges
bytes
content-length
1582
public-black.svg
pastelink.net/assets/images/ 		578 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/public-black.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-242"
content-type
image/svg+xml
accept-ranges
bytes
content-length
578
social-spritesheet.png
pastelink.net/assets/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/social-spritesheet.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-70de"
content-type
image/png
accept-ranges
bytes
content-length
28894
logo-bg-90-tl.svg
pastelink.net/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo-bg-90-tl.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-933"
content-type
image/svg+xml
accept-ranges
bytes
content-length
2355
pastelink-logo-german-contrast.svg
pastelink.net/assets/images/logo/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo/pastelink-logo-german-contrast.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
02614d11cbdc1f220b7be546d59ef5e14489c86a5fdce3f22ce7b6bf9990bc71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-3d2f"
content-type
image/svg+xml
accept-ranges
bytes
content-length
15663
logo-symbol-non-white-bg.svg
pastelink.net/assets/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo-symbol-non-white-bg.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-11c0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
4544
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:07:20 GMT
x-content-type-options
nosniff
age
408845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 19:07:20 GMT
ptRRTi-cavZOGqCvnNJDl5m5XmN_qs4z.woff2
fonts.gstatic.com/s/berkshireswash/v20/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/berkshireswash/v20/ptRRTi-cavZOGqCvnNJDl5m5XmN_qs4z.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Berkshire+Swash:wght@400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51831d748cc8e6dccff84ea6cdbcf6018224f017dd336a9e71627abc78717c0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:17:20 GMT
x-content-type-options
nosniff
age
12245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17348
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:52:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 09:17:20 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:01:24 GMT
x-content-type-options
nosniff
age
13201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 09:01:24 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 03:33:07 GMT
x-content-type-options
nosniff
age
32898
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 03:33:07 GMT
js
www.googletagmanager.com/gtag/ 		248 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8e0ae6d58777b715ea0809bfc2347ec8429aa37079d10e0da9c94db935e080ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87095
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Dec 2023 12:41:25 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 11:48:14 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3191
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 12 Dec 2023 13:48:14 GMT
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je3bt0v873532799z8831407672&_p=1702384885487&gcd=11l1l1l1l1&dma=0&cid=1287958868.1702384886&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702384885&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&dt=Daysman%20Woghiren%20Oyakhilome%3A%20A%20Closer%20Look%20at%20Pastor%20Chris%E2%80%99%20Nephew%20-%20Pastelink.net&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=844
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1515004649&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&ul=en-us&de=UTF-8&dt=Daysman%20Woghiren%20Oyakhilome%3A%20A%20Closer%20Look%20at%20Pastor%20Chris%E2%80%99%20Nephew%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=855586838&gjid=44769748&cid=1287958868.1702384886&tid=UA-55088947-2&_gid=1666735276.1702384886&_r=1&_slc=1&gtm=45He3bt0n8155WHPWQv831407672&gcd=11l1l1l1l1&dma=0&z=94343493
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
bcdaedbfd60b8d0a8a9eb4b16285345a749068b601c93f494362990f2a3e61f4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		230 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4KDXYD7HFC&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6c85c97c5c6c0c45f9f7e5d8ee898688f683b1e45614413004e2fd60cc955c94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83570
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Dec 2023 12:41:25 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4KDXYD7HFC&gtm=45je3bt0v9136110041&_p=1702384885487&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=1287958868.1702384886&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&dt=Daysman%20Woghiren%20Oyakhilome%3A%20A%20Closer%20Look%20at%20Pastor%20Chris%E2%80%99%20Nephew%20-%20Pastelink.net&sid=1702384886&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1045
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4KDXYD7HFC&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag
btloader.com/ 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5102648370397184&upapi=true
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bd5b9251c4107f00e4031b3b6262a41576ea4b5daf5c1475a37ea6afea2aa49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:26 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 12 Dec 2023 12:26:21 GMT
server
cloudflare
age
864
etag
"a44388854c105e70fd8d8051550c4091"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
83460aa21acb5a1f-MXP
content-length
20547
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ceb515a9d3625eba8ab1b01d21369f415cd710e10a8025c7cdfe6bbadde844fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29099
x-xss-protection
0
server
cafe
etag
527 / 19703 / 31080056 / config-hash: 11999804698944333348
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 12:41:26 GMT
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 12:41:26 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
979810
x-guploader-uploadid
ABPtcPoWDdGx2296n3eYAcMQ5CcVYpbOhz-Mf_H7iurOh1EI8sv7AhAdU6NWWGGfev0wCmiYZqI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8A08cTWC1Er2NXRNFnvBOwDXjaYQWJyWv5qEeek7ofP4bgtuOvBf3apjqLinnF0tazXjwvfktKSpZYRSt67ngOlAzoRkKeXnIWlE5ZV3%2BygWQaOurF1eSfQScpnre5D8i1%2BxUU8Qp38onPmWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
83460aa2cffd0e73-MXP
expires
Fri, 01 Dec 2023 05:20:51 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 20:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Dec 2023 20:42:23 GMT
px.gif
ad-delivery.net/ 		43 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.10165826445182291
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
979810
x-guploader-uploadid
ABPtcPoWDdGx2296n3eYAcMQ5CcVYpbOhz-Mf_H7iurOh1EI8sv7AhAdU6NWWGGfev0wCmiYZqI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fdsxYN9dL2prb4LQhDqXI4Gmyf9ds%2BbtJwYOwA20WwfVWhgTXVqpQQJ2BC67bLydcsStsUvoXNm%2FaVud7lGamIf%2FntAp%2BLgkke9R2bhC33UKB%2BgSGiYpzhWtaHPFpy8tYmN%2FabnpDm0PGQFQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
83460aa2cffc0e73-MXP
expires
Fri, 01 Dec 2023 05:20:51 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:18:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
48152
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 10 Dec 2024 23:18:54 GMT
country
api.btloader.com/ 		16 B
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
39c0495e4b24a50cf3183d811eb53e90364b9ef103a90d0ae4a14823dcb379bf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:26 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=KOY2HVz55&w=5093624318001152&o=5102648370397184&cv=2.1.26&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&sid=viczNfjQUO&pm=false&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 12:41:26 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
CWYD627N.json
srv.buysellads.com/ads/ 		1 KB
718 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://srv.buysellads.com/ads/CWYD627N.json?forcebanner=520174&ignoretargeting=yes
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.172.55.208 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-ldn-18.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
4986de437e93f1effeb8f620a4b987fbe4ee760ad9a5c4980effbb3cf813400d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:26 GMT
content-encoding
gzip
server
//srv.buysellads.com
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
*
content-length
581
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 12:41:26 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1075225
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOPC4h3rfTQL%2BvRGcljT%2FMGFm7AhakgZ%2BrTy5ccGIYGJVgXuX9tgpSf%2B18sJ%2Fq7odKf6%2FeZze0bjMyYMjlT6%2FDNoEQx1REZeU3lYPUx9Tb%2BCRE4ID3sFlSIzcO5wGDihEVOOxecagOuo5gm2"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
83460aa4d971bab7-MXP
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 Ivry-sur-Seine, France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
3dea6aa91c5ba93bbce81ac94dd6ce41cbeef6c3653fd4070a76db6d9b573b19

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:26 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 Ivry-sur-Seine, France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
7655872312e287124326e6f938f9f2b7a5393a58f098ea4d314d26738f6a5fd8

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:25 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		786 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 Ivry-sur-Seine, France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
55bf8806711e05bba42532cfba6b8bb04d65d48cd25f0e01cc3007fd0c768aea

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:26 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		841 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 Ivry-sur-Seine, France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
e02f1563054dc2170a7cf39cfce6ca51856e0f80e769aa8c1c0f4eb2b2425f1d

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:25 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		996 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 Ivry-sur-Seine, France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
715964c15a8419e6dbdaf741fcc71b0129418ddc65e5b4c6f0cd7c573e0f4bee

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:25 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 Ivry-sur-Seine, France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
118d5aba65997b268366d3aedf6585eff651533821795b4f13dc651923b3032c

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:26 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		1 KB
922 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&PageUrl=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&PageReferrer=https%3A%2F%2Fpastelink.net%2Fmmcz79u5
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.18.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-18-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0086697583ee23a9a23e1a67e94812862f61ee30a9f679b8b5d56e718fb43696
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 12:41:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
kong/2.8.4
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
105
content-length
388
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=21472407183&lsavail=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Tue, 12 Dec 2023 12:41:25 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
prebid.media.net/rtb/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
9bb55abb920f48d8a688119f80d8d49e7c8251eaaef55880875598d04c087453

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:25 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
98
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Dec 2023 12:41:26 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		466 B
805 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=2&alt_size_ids=1%2C55&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=d0c28a79-84e2-4d6e-9369-2dcb9e1e07a0&l_pb_bid_id=33d7ab1e6a4d0c7&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d0c28a79-84e2-4d6e-9369-2dcb9e1e07a0&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&slots=1&rand=0.16541837904764867
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7a42d4a40caed70bcfdf397a7486cb4f1fac2b0ed15d8e427c567f81f1c25381

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
466
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		476 B
989 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=2%2C1%2C16%2C232&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=c1819850-1828-44ac-9002-ff18d335b453&l_pb_bid_id=3469ef9ffa10879&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=c1819850-1828-44ac-9002-ff18d335b453&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&slots=1&rand=0.12205994297925993
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5e605238fdc13b206f881f819af4a1bfd779bb40bdc2eb71766155006779e4c5

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
476
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		450 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone-sf_1675868324828-7_123456_2-0-0&tk_flint=pbjs_lite_v7.54.0&x_source.tid=acddf23e-5862-45b4-b85f-7af6dc14d714&l_pb_bid_id=35e4a702b5c7b83&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=acddf23e-5862-45b4-b85f-7af6dc14d714&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone-sf_1675868324828-7_123456_2-0-0&slots=1&rand=0.7937716237848822
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f6e9d2dccc21a56389ee54b2331150fb42c758c7005d62589fafb1ba4049d199

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
450
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		450 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone-sf_1675868324828-7_123456_2-0-1&tk_flint=pbjs_lite_v7.54.0&x_source.tid=0322bec6-85c3-48d6-a03a-f541c9edf298&l_pb_bid_id=36f4c950f303164&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=0322bec6-85c3-48d6-a03a-f541c9edf298&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone-sf_1675868324828-7_123456_2-0-1&slots=1&rand=0.8961508504026032
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b2a2ffa8c55c3b9828c15ec6a8e583d20a501fa118e77cfae51e83fba1fe1c8a

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
450
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		487 B
827 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=10%2C16%2C53%2C67%2C101%2C102%2C221&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=bca3e57d-a7e2-47da-91b6-97ac779ca7c3&l_pb_bid_id=373c477458525c2&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=bca3e57d-a7e2-47da-91b6-97ac779ca7c3&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&slots=1&rand=0.6314167454732567
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c800accc93f942afb9ac6cdca792f930ed212c1fff0bd77f155df8f00ff4be42

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
487
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Tue, 12 Dec 2023 12:41:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
adreq
ads.servenobid.com/ 		845 B
771 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=10443
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9dc48adaa892ba8e7c25ef9ed76615526237508ed212b7c8e6cba525d2b561a9

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 12:41:26 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e04e230fef28ff637f01edc9952991502cbf7dcefe18ef91bfcade2ba505068b

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Tue, 12 Dec 2023 12:41:26 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868039084-1_123456, Process Floors. 13 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868173958-4_123456
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83460aa4fbc3bab2-MXP
expires
0
prebid-request
onetag-sys.com/ 		15 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://pastelink.net
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
hb
rt.marphezis.com/ 		53 KB
53 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/hb
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1234e8a2cdf56c92f06b58f09f24f6062c6f2a7327725c416fba40e2af7b74a

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:26 GMT
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-store
access-control-allow-credentials
true
content-length
54427
expires
0
prebid
ib.adnxs.com/ut/v3/ 		583 B
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
61355c8de94480110ce1c107309689ec4b76f42d8234e42067cea59e766ed5d7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:26 GMT
content-encoding
gzip
an-x-request-uuid
3b29c1dc-a32d-44f0-b5da-771703a2a55e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.217; 185.195.71.217; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 12:41:26 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1160663
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=al2EWAHIBhVnAjJZWYg2MuU%2Fm0WQOUstpuR7ILyZFcfi50IJpFWLBZwFsdR6MFyMUS2hp5NlRUlqTIVuIk3%2F8wLa0O2nciMXgXfj1RTNhGxEvzN3wqi%2Bh9IoBCbuokBPQEHWJ1f67ODqonGu"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
83460aa57b50374d-MXP
/
ssc-cms.33across.com/ps/ Frame EB54 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP013 /
Resource Hash

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Tue, 12 Dec 2023 12:41:26 GMT
server
33XP013
x-33x-status
2020008
ads
securepubads.g.doubleclick.net/gampad/ 		70 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=288799362812040&correlator=1218330250487206&eid=31080056&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=22405481091%2CPastelink_S2S_FixedFooter_ROS%2CPastelink_S2S_TopLeaderboard_ROS%2CPastelink_S2S_Sidebar_ROS%2CPastelink_S2S_Interstitial_ROS%2CPastelink_S2S_TopAnchors_ROS&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x90%7C980x90%7C990x90%7C468x60%2C728x90%7C468x60%7C728x200%7C580x400%7C750x280%7C760x280%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C300x250%7C336x280%2C300x250%2C300x250%2C1x1%2C1x1&ifi=1&sfv=1-0-40&ists=3&fas=0%2C0%2C0%2C0%2C8%2C2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702384887294&lmt=1702384887&adxs=-12245933%2C310%2C1078%2C1078%2C-9%2C-9&adys=-12245933%2C351%2C498%2C798%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C0%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&vis=1&psz=1600x-1%7C705x430%7C300x600%7C300x600%7C0x-1%7C0x-1&msz=0x-1%7C705x250%7C300x-1%7C300x-1%7C0x-1%7C0x-1&fws=644%2C4%2C4%2C4%2C2%2C2&ohw=1600%2C1600%2C1600%2C1600%2C0%2C0&ga_vid=1287958868.1702384886&ga_sid=1702384887&ga_hid=1515004649&ga_fc=true&dlt=1702384885288&idt=1157&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1675868039084-1_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868173958-4_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone-sf_1675868324828-7_123456_2-0-0%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_creative%3D446649379%26hb_adid%3D74442fcde4d5cca%26hb_bidder%3Dbcmssp%26_bd%3Dbid%26_pl%3D0.01%26hb_size_bcmssp%3D300x250%26hb_pb_bcmssp%3D0.01%26hb_adid_bcmssp%3D74442fcde4d5cca%26hb_bidder_bcmssp%3Dbcmssp%7Coptimize_ad_unit_id%3Dbsa-zone-sf_1675868324828-7_123456_2-0-1%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_creative%3D446649379%26hb_adid%3D73ef0bbc8cbd9%26hb_bidder%3Dbcmssp%26_bd%3Dbid%26_pl%3D0.01%26hb_size_bcmssp%3D300x250%26hb_pb_bcmssp%3D0.01%26hb_adid_bcmssp%3D73ef0bbc8cbd9%26hb_bidder_bcmssp%3Dbcmssp%7Coptimize_ad_unit_id%3Dbsa-zone_1675868453109-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1701884418426-9_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dpastelink%26optimize_xp%3Da&adks=840525636%2C1703297318%2C997962782%2C997962783%2C1897443797%2C1808800939&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04a0296184f17e6a84f76b45291d74ee146e2b004f8dba87d0ad3f9f87fdf60a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16075
x-xss-protection
0
google-lineitem-id
-2,-2,6244825801,6244825801,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,138425476184,138425542074,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf53c344ed930b344dbd294191646b06d0f5d05b31ac105209adafba586b41b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12196
x-xss-protection
0
container.html
8033a9e1c8f352f906e0371b868d803d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7922 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8033a9e1c8f352f906e0371b868d803d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 12:41:27 GMT
expires
Wed, 11 Dec 2024 12:41:27 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl_page_level_ads.js?cb=31080056
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04d549a4f168546afdc3608bc6ef4ad67a16a2bf2baf8c6770f88f524c924d11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:43:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
46661
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13835
x-xss-protection
0
server
cafe
etag
9174524701941205614
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 10 Dec 2024 23:43:46 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 12:41:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8FD4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1044
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 12:24:03 GMT
expires
Wed, 11 Dec 2024 12:24:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9036 		829 B
946 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3ee7e291a71ebaf32e7a5082813ab1ab09c5f68638ae9e44e9309a61baaea819
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TvZwmS3PHMrji72ZVjt80g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-TvZwmS3PHMrji72ZVjt80g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 12:41:27 GMT
expires
Tue, 12 Dec 2023 12:41:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 8FD4 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:20:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 12:20:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9036 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=288799362812040&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
u.4dex.io/
Redirect Chain
  • https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
  • https://ice.360yield.com/ul_cb/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=665210dc-b78c-4eac-956d-404a3a5425ef
0
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=improvedigital&uid=665210dc-b78c-4eac-956d-404a3a5425ef
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:27 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

location
https://u.4dex.io/setuid?bidder=improvedigital&uid=665210dc-b78c-4eac-956d-404a3a5425ef
access-control-allow-origin
*
date
Tue, 12 Dec 2023 12:41:27 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
generate_204
tpc.googlesyndication.com/ Frame 8FD4 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?SMGX-w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame E911 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssq8LwDB-pts6wJVABnzLXcwMooJt_1y8tkDSuqETmB-HCmn9e0w7XRf_OwdKxyOM99j75_TIDpBw28fsl2Cjqq_7CJ9C5g_GeZtrtujwmUPLcrud3daooTOZyLwGFtluVJ8FxSVpLSFIjy90W4APWUu6tmqR0DE2Bo76x21SpGwmacf00ZR7jqei9FpbxS7aSQrrVVQRs-DbBhrldK7XtUbe1CtOLVpoacxghDIVanBsHvEbv9JICsu8589Tssy-dB8njV84K3m5WM6rqSeU9v-uXqLtQ_PjrGCd0rRajFHW7lBEG9KkpRf10jLbHrvuTUSFakvaLihVNUMXLsd0qRkuJXWwOXbeAXrYp7x9s_y03WJVxZE4IxM_JsMb8_OAv9Ef52&sai=AMfl-YSdGXEuuYeZ42Z_H1wnmV19OhFazOJsD9_KXVMtsz5yQGGndXCYrIKLFubb8NupyWc0xFcNs24-xUQmsPyY_uCUgRbuzate2_czcxhA68YFOG17fN9gtog271PsHwxiM_PaUpKzjJHrawAuc-FX1YuS&sig=Cg0ArKJSzPnxZ7tJaSNwEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 12:41:27 GMT
prebid-universal-creative.js
cdn4.buysellads.net/pub/ Frame E911 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.94.188 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-nl-16.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
eaf67431972d3e9d0888a562c64f1e353894aa5fd5c38afaad32003404c2f467

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:27 GMT
cache-control
public, max-age=600, stale-while-revalidate
content-encoding
gzip
server
//srv.buysellads.com
etag
196270e7fcc49a0af36f5d62866c973b3ad33942
vary
Accept-Encoding
content-type
application/javascript
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E911 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 12:41:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7D2D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjwaZ8lbHUv0VlhW-Zk9ub237pCrWqjE8G-n3nohWjvW8RVejEil8mdcTuwNxvVCzv33yDlhZGvOWtwn0EJ71zVm2bivgZYtzvODgd6KcFb-9ZA10S9JCfkdYGdDHvqGUj0wQV_ofz4UzV3rWIZW-kW_mn3TVt3iOo9lNRrmCsVBovlKjDAowgWHo5VQo0updz6lSFFfQ8oC0uCEOtCPwCQKBY12wfZCH0_N5c8pLS_4_nceYBul-n5WUzTBxj50CgTy_8KVlh6oGSIC_ktxGfMgX8a8BQIbz4VQUxXQXBeNQ6Beeo_sGKMaBALRPUIUksxEUWQS7ZzXgfD4lEoLywuW4gYSwkjWrO0qu_Wwj_i5qBv0m1sJTBYTS33fYDk07ARRw4&sai=AMfl-YTCb3lebm6V5fKyUS-nMmwxpE6BT-1PfnyBii6VbAOOihVvNyUTNucD7P0Km9STiyOkhnqEQ2iMnzGPHML4TusFeZhPsTztbLCKFbtivxOTDvqJn3otMot5Rzc0HBD1mBB_osasdbbdnOkka2Im5p4q&sig=Cg0ArKJSzIYaFQKYRHZ4EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 12:41:27 GMT
prebid-universal-creative.js
cdn4.buysellads.net/pub/ Frame 7D2D 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.94.188 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-nl-16.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
eaf67431972d3e9d0888a562c64f1e353894aa5fd5c38afaad32003404c2f467

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:27 GMT
cache-control
public, max-age=600, stale-while-revalidate
content-encoding
gzip
server
//srv.buysellads.com
etag
196270e7fcc49a0af36f5d62866c973b3ad33942
vary
Accept-Encoding
content-type
application/javascript
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7D2D 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 12:41:27 GMT
bidwon
rt.marphezis.com/prebid/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/prebid/bidwon
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Tue, 12 Dec 2023 12:41:27 GMT
access-control-allow-credentials
true
vary
Origin
id5-api.js
cdn.topsrvimp.com/cmpp/ Frame 7D2D 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.topsrvimp.com/cmpp/id5-api.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
CloudStorage /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:28 GMT
content-encoding
gzip
age
83066
x-agile-checksum
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
x-agile-request-id
ac5ac336d1263dc9b6654f512cb7a103, 7f3de409af76a6904d53fa00421d1ad5
x-agile-brick-id
480531902
content-length
16288
last-modified
Sun, 13 Nov 2022 08:52:54 GMT
server
CloudStorage
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-agile-source
178.79.252.247:1987
x-llid
c4e57ae9a97fabe964b961edc63f9a9e
expires
Tue, 12 Dec 2023 13:37:02 GMT
client.js
rt.marphezis.com/static/ Frame 7D2D 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/static/client.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a46fb4b0d435e4e16099c4403859ef914abea1650b4a52018467d20d2442fe8a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Tue, 12 Dec 2023 12:41:27 GMT
access-control-allow-credentials
true
last-modified
Thu, 30 Nov 2023 16:44:18 GMT
content-length
6399
vary
Origin
content-type
text/javascript; charset=utf-8
sync
rt.marphezis.com/ Frame 7D2D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://rt.marphezis.com/sync?dpid=2&puid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D2%26puid%3D%24UID
  • https://rt.marphezis.com/sync?dpid=2&puid=7176766822098981487
0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/sync?dpid=2&puid=7176766822098981487
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Tue, 12 Dec 2023 12:41:28 GMT
access-control-allow-credentials
true
vary
Origin

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:27 GMT
an-x-request-uuid
e24015fc-5106-448a-b4e0-89d54c027dfa
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://rt.marphezis.com/sync?dpid=2&puid=7176766822098981487
x-proxy-origin
185.195.71.217; 185.195.71.217; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
rt.marphezis.com/ Frame 7D2D
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=1d56d11e-e371-4ec4-be9f-2d08da80470e&r=https://rt.marphezis.com/sync?dpid=3&uid=
  • https://u.openx.net/w/1.0/cm?cc=1&id=1d56d11e-e371-4ec4-be9f-2d08da80470e&r=https://rt.marphezis.com/sync?dpid=3&uid=
  • https://rt.marphezis.com/sync?dpid=3&uid=2dc5d57c-a449-4a9c-a809-c71b5fd46837
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/sync?dpid=3&uid=2dc5d57c-a449-4a9c-a809-c71b5fd46837
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Tue, 12 Dec 2023 12:41:28 GMT
access-control-allow-credentials
true
vary
Origin

Redirect headers

date
Tue, 12 Dec 2023 12:41:28 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://rt.marphezis.com/sync?dpid=3&uid=2dc5d57c-a449-4a9c-a809-c71b5fd46837
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
rt.marphezis.com/ Frame 7D2D
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https://rt.marphezis.com/sync?dpid=6%26puid%3D%23PM_USER_ID
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https://rt.marphezis.com/sync?dpid=6%26puid%3D%23PM_USER_ID&rdf=1
  • https://rt.marphezis.com/sync?dpid=6&puid=2783CDDD-C620-40B4-A13E-11E1EBD76B72
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/sync?dpid=6&puid=2783CDDD-C620-40B4-A13E-11E1EBD76B72
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Tue, 12 Dec 2023 12:41:28 GMT
access-control-allow-credentials
true
vary
Origin

Redirect headers

location
https://rt.marphezis.com/sync?dpid=6&puid=2783CDDD-C620-40B4-A13E-11E1EBD76B72
date
Tue, 12 Dec 2023 12:41:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
sync
rt.marphezis.com/ Frame 7D2D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562863&ev=1&us_privacy=${us_privacy}&gpp=${GPP_STRING_XXXXX}&gpp_sid=${GPP_SID}&rurl=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D7%26puid%3D%25%25ENCRYPTED...
  • https://rt.marphezis.com/sync?dpid=7&puid=IeqFUT30itkVBPaI1w9k4Q&ev=1&gpp_sid=${GPP_SID}&gpp=${GPP_STRING_XXXXX}&us_privacy=${us_privacy}&pid=562863
0
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/sync?dpid=7&puid=IeqFUT30itkVBPaI1w9k4Q&ev=1&gpp_sid=${GPP_SID}&gpp=${GPP_STRING_XXXXX}&us_privacy=${us_privacy}&pid=562863
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Tue, 12 Dec 2023 12:41:28 GMT
access-control-allow-credentials
true
vary
Origin

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://rt.marphezis.com/sync?dpid=7&puid=IeqFUT30itkVBPaI1w9k4Q&ev=1&gpp_sid=${GPP_SID}&gpp=${GPP_STRING_XXXXX}&us_privacy=${us_privacy}&pid=562863
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5c6449b65-l2tt4
expires
-1
bidwon
rt.marphezis.com/prebid/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/prebid/bidwon
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Tue, 12 Dec 2023 12:41:27 GMT
access-control-allow-credentials
true
vary
Origin
id5-api.js
cdn.topsrvimp.com/cmpp/ Frame E911 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.topsrvimp.com/cmpp/id5-api.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-16.fra.llnw.net
Software
CloudStorage /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:28 GMT
content-encoding
gzip
age
83066
x-agile-checksum
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
x-agile-request-id
ac5ac336d1263dc9b6654f512cb7a103, 7f3de409af76a6904d53fa00421d1ad5
x-agile-brick-id
480531902
content-length
16288
last-modified
Sun, 13 Nov 2022 08:52:54 GMT
server
CloudStorage
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-agile-source
178.79.252.247:1987
x-llid
7572aa4bed0301adb99df0540231cb8f
expires
Tue, 12 Dec 2023 13:37:02 GMT
client.js
rt.marphezis.com/static/ Frame E911 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/static/client.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a46fb4b0d435e4e16099c4403859ef914abea1650b4a52018467d20d2442fe8a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Tue, 12 Dec 2023 12:41:27 GMT
access-control-allow-credentials
true
last-modified
Tue, 07 Nov 2023 14:03:30 GMT
content-length
6399
vary
Origin
content-type
application/javascript
sync
rt.marphezis.com/ Frame E911
Redirect Chain
  • https://ib.adnxs.com/getuid?https://rt.marphezis.com/sync?dpid=2&puid=$UID
  • https://rt.marphezis.com/sync?dpid=2&puid=7176766822098981487
0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/sync?dpid=2&puid=7176766822098981487
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Tue, 12 Dec 2023 12:41:27 GMT
access-control-allow-credentials
true
vary
Origin

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:27 GMT
an-x-request-uuid
716e2c54-ba67-4aa2-ace3-5648c658e9e6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://rt.marphezis.com/sync?dpid=2&puid=7176766822098981487
x-proxy-origin
185.195.71.217; 185.195.71.217; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
rt.marphezis.com/ Frame E911
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=1d56d11e-e371-4ec4-be9f-2d08da80470e&r=https://rt.marphezis.com/sync?dpid=3&uid=
  • https://u.openx.net/w/1.0/cm?cc=1&id=1d56d11e-e371-4ec4-be9f-2d08da80470e&r=https://rt.marphezis.com/sync?dpid=3&uid=
  • https://rt.marphezis.com/sync?dpid=3&uid=30ce7c5d-efad-4cfb-a98c-97defad27cc7
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/sync?dpid=3&uid=30ce7c5d-efad-4cfb-a98c-97defad27cc7
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Tue, 12 Dec 2023 12:41:27 GMT
access-control-allow-credentials
true
vary
Origin

Redirect headers

date
Tue, 12 Dec 2023 12:41:28 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://rt.marphezis.com/sync?dpid=3&uid=30ce7c5d-efad-4cfb-a98c-97defad27cc7
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
rt.marphezis.com/ Frame E911
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https://rt.marphezis.com/sync?dpid=6%26puid%3D%23PM_USER_ID
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https://rt.marphezis.com/sync?dpid=6%26puid%3D%23PM_USER_ID&rdf=1
  • https://rt.marphezis.com/sync?dpid=6&puid=457C0E3B-119F-4C87-8B76-6993553AC403
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/sync?dpid=6&puid=457C0E3B-119F-4C87-8B76-6993553AC403
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Tue, 12 Dec 2023 12:41:27 GMT
access-control-allow-credentials
true
vary
Origin

Redirect headers

location
https://rt.marphezis.com/sync?dpid=6&puid=457C0E3B-119F-4C87-8B76-6993553AC403
date
Tue, 12 Dec 2023 12:41:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
sync
rt.marphezis.com/ Frame E911
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562863&ev=1&us_privacy=${us_privacy}&gpp=${GPP_STRING_XXXXX}&gpp_sid=${GPP_SID}&rurl=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D7%26puid%3D%25%25ENCRYPTED...
  • https://rt.marphezis.com/sync?dpid=7&puid=KuCVC5063sXzSfVNNy2-XQ&ev=1&gpp_sid=${GPP_SID}&gpp=${GPP_STRING_XXXXX}&us_privacy=${us_privacy}&pid=562863
0
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/sync?dpid=7&puid=KuCVC5063sXzSfVNNy2-XQ&ev=1&gpp_sid=${GPP_SID}&gpp=${GPP_STRING_XXXXX}&us_privacy=${us_privacy}&pid=562863
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Tue, 12 Dec 2023 12:41:27 GMT
access-control-allow-credentials
true
vary
Origin

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://rt.marphezis.com/sync?dpid=7&puid=KuCVC5063sXzSfVNNy2-XQ&ev=1&gpp_sid=${GPP_SID}&gpp=${GPP_STRING_XXXXX}&us_privacy=${us_privacy}&pid=562863
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5c6449b65-8wjjt
expires
-1
usermatch
ssum-sec.casalemedia.com/ Frame BE7C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=197494&cb=https://rt.marphezis.com/sync?dpid=5%26puid=
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
2 KB
830 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cf4b1169eba4605a9571ba396c475e49179546e96030ebfa82dbc3ac16cc771

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83460aaf3d922397-ZRH
content-encoding
br
content-type
text/html
date
Tue, 12 Dec 2023 12:41:28 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkWuNnsxX6eSO5AIBv%2F%2FCafWAFlqWhpaxUjVkpSOccVnvcDTuIakSQ3cM7FsiZQ0Ylr4TtFWcW2JgFfmPnYx9iclUFigVPoPAjp0ZguSSTKWQuGHfdNDZ%2FWrs0yEzwMAbfBH%2FIVKldnnUg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83460aaecccf2397-ZRH
content-length
0
date
Tue, 12 Dec 2023 12:41:28 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBYA2XKtTnzfYTq%2FdAJz0abHKRyUH66OqY2oN82ZlQD9uydoxNIABzE0ssD6DLZ9Ra7MEgshNxwch5fmdraw0hPTbP%2BvB3%2BGtd1jVFN5uZqVHjeHW1FaFxwc8tSfK2NDFUjZmiBKhDLVvA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 69ED
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
  • https://eus.rubiconproject.com/usync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 12:41:28 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 12 Dec 2023 12:41:28 GMT
location
https://eus.rubiconproject.com/usync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
server
AkamaiGHost
truncated
/ Frame 7D2D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d42e4ce94eaaef8a75bb0fcc9371579eea38f5ff32c0fa8aeba1460300a98d3

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
usync.html
eus.rubiconproject.com/ Frame 8305
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
  • https://eus.rubiconproject.com/usync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 12:41:28 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 12 Dec 2023 12:41:28 GMT
location
https://eus.rubiconproject.com/usync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
server
AkamaiGHost
usermatch
ssum-sec.casalemedia.com/ Frame 7CCB
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=197494&cb=https://rt.marphezis.com/sync?dpid=5%26puid=
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbb7f3f2ead20eb29fe965e5fcfde49814c35d6615d1e08f8496e7618003f372

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83460aaf5c0f24be-ZRH
content-encoding
br
content-type
text/html
date
Tue, 12 Dec 2023 12:41:28 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrBiR6l6fu4JFdhagwvkFLK%2BiTpsSLK8KNFJxXSljxab%2BDfdOSi9%2FArpdkmJGV%2FaXdDO3bEA20LOMK%2BmKqhVQ4VPddUwg1k61xPhBrNvMjWNZRNBHPcWq5VIY80i9RNF4XxdVnJjf5Ob5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83460aaf1d572397-ZRH
content-length
0
date
Tue, 12 Dec 2023 12:41:28 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qr9Hn%2Bi9aCDQEkRtxvswfBTkyxAVOtP8k8a6IjJFtl31P2GdZ9pRonfybJdzJq7v%2FggXTGL8hpRMnZQ2EPlEA41FcsxSm3PotLEZ0xFQoB8QTrfORo2%2BmeGnrmQIFfxRcoL3ubfIhNrMbw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
truncated
/ Frame E911 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
982a269834531f7d5e16ec9a78a13896e390415c8b21b8e870ca6ef8c71957db

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
crum
dsum-sec.casalemedia.com/ Frame BE7C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXhU.LnGW7XTXH-mK0xorgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBmk4vmJeUCLzU9xHixnoV4&google_cver=1&google_hm=2
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBmk4vmJeUCLzU9xHixnoV4&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjXulkXVN33wL%2BalO0fggEe%2B%2FL1vTUr%2BVWjF4njS2Lue2zjQ48u%2BNsXqtRo7p55pAQkJfqytPg6tvrGOid%2FylikoJU%2BotbtqUhxbNz6ITUOPYlMj3Mq8XvBcy1GoeYA3fii018QGbSX6DA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83460ab04e2c24be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBmk4vmJeUCLzU9xHixnoV4&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
362358.gif
idsync.rlcdn.com/ Frame BE7C
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXhU.LnGW7XTXH-mK0xorgAA%265152&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXhU.LnGW7XTXH-mK0xorgAA%265152&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=d40cda517edc4a999511bef37c43b40f
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=d40cda51-7edc-4a99-9511-bef37c43b40f
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=9f06b427-8587-415c-8ae5-f0c697e4474f%3A1702384888.968586&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D9f06b427-8587-415c-8ae5-f0c697e4...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685631277691006&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D9f06b427-8587-415c-8a...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=9f06b427-8587-415c-8ae5-f0c697e4474f%3A1702384888.968586&_=1702384888.9706473
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJACjwIARAFGjY5ZjA2YjQyNy04NTg3LTQxNWMtOGFlNS1mMGM2OTdlNDQ3NGY6MTcwMjM4NDg4OC45Njg1ODYQABoNCPmp4asGEgUI6AcQAEIASgA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJmPvla1QOfsvOOp18ubkzc&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJmPvla1QOfsvOOp18ubkzc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:29 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJmPvla1QOfsvOOp18ubkzc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame BE7C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXhU-LnGW7XTXH_mK0xorgAAFCAAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMxLp8Lb_1hfBLekfqoPIcU&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMxLp8Lb_1hfBLekfqoPIcU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuoLM9eO9ALC8kelDuCUgZs2zy3i2mYo9CD5fhQ5C6b%2F1ZmPHH9%2BADSAxUb1yRlAHuBq54Ga%2BAdEkoRV7I8L%2FmFJMMn%2Bg%2BmEmAzYkxUNRXwLuyZ2wdgi99xK0DLxVTw76XQ15gjAYq3bkg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83460ab03e0624be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMxLp8Lb_1hfBLekfqoPIcU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame BE7C 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:28 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame BE7C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=LtAN1CKG1Rd24M5
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=LtAN1CKG1Rd24M5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X53FqDVz7qSMv%2BVgZ%2FtvLZ%2FqGqCLpH1egbCMTVW%2Frvq0R3rHBNH2nzWHfY6YVGdcbRfp1ee0UJ8zT2e6l5fLLrucyI2IphGTUOOP4EJa28CV3PFd4jJuTu84a9zrep%2FGDadrcRA%2FfD5y6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83460ab0ffa324be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:28 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=LtAN1CKG1Rd24M5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BE7C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXhU.LnGW7XTXH-mK0xorgAA%265152
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXhU.LnGW7XTXH-mK0xorgAA%265152&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=G8EeY-0BLUtJXCYDW5oEFa0TMqGCUjz1RPVRQNnFPxc&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXhU.LnGW7XTXH-mK0xorgAA%265152&tc=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=G8EeY-0BLUtJXCYDW5oEFa0TMqGCUjz1RPVRQNnFPxc&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXhU.LnGW7XTXH-mK0xorgAA%265152&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8WiuN1soJx2mJygi1hyF3TPECp%2Fl7sEr5o6S%2BpaInCgA1zFlB9Z1rp%2FJhF8OKChLF%2FX1AHsu1P7juVHYoW8tLDXqZiwGeLwtEtxqNoz6dd8aUiMnDmQQyw01QxN6HLTGFsrzu1xpJdoiA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83460ab07e9f24be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=G8EeY-0BLUtJXCYDW5oEFa0TMqGCUjz1RPVRQNnFPxc&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZXhU.LnGW7XTXH-mK0xorgAA%265152&tc=1
pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT, Tue, 12 Dec 2023 12:41:28 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BE7C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=247683937117432826&expiration=1703594488
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=247683937117432826&expiration=1703594488
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0tTgJ5tgS%2BmgFWbXvtKfllU8mxIxqOpfPdrkqIz4EdqNque7gapzAjjqa%2BrBmtCUJq%2FI9QcvuEUj1yXaY4NNOGLSNIPXPPnr8gafjAAoS3ls2u27nWHfgqVDGxERNZznu2bnnToakaXnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83460ab0df7524be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=247683937117432826&expiration=1703594488
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ix
ad4m.at/ad/sim/ Frame BE7C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sync
rt.marphezis.com/ Frame BE7C 		0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/sync?dpid=5&puid=ZXhU.LnGW7XTXH-mK0xorgAA%265152
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Tue, 12 Dec 2023 12:41:27 GMT
access-control-allow-credentials
true
vary
Origin
usermatchredir
ssum-sec.casalemedia.com/ Frame 7CCB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXhU-NGBw0f89tZ9hxjgyAAADUYAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMxLp8Lb_1hfBLekfqoPIcU&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMxLp8Lb_1hfBLekfqoPIcU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iy5AZIJ4elM6P8unw%2Bos9QdUPblx6UceZDRjEX1xsClOFPOHq6OzFdX40fqIfHpMqkPHeS%2BO8CUO%2B1MSVi%2BQ33e71Jt9AHxnwwo5ynaJDZ87CZTYtLYftRNuszyrLSV4hnTgyJSmuiqlLw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83460ab03e0a24be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMxLp8Lb_1hfBLekfqoPIcU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 7CCB
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXhU-NGBw0f89tZ9hxjgyAAADUYAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXhU-NGBw0f89tZ9hxjgyAAADUYAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXhU-NGBw0f89tZ9hxjgyAAADUYAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SPF0GFGERN8XGHPJD6YB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4EXQ3RZXTQV9H6S252S2
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXhU-NGBw0f89tZ9hxjgyAAADUYAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
52154.gif
idsync.rlcdn.com/ Frame 7CCB
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXhU.NGBw0f89tZ9hxjgyAAA%263398&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXhU.NGBw0f89tZ9hxjgyAAA%263398&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=a09ee7506fd941a2bcaacc829a97e3be
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=a09ee750-6fd9-41a2-bcaa-cc829a97e3be
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=a63902a2-6c30-492c-926c-11fa91fd6938%3A1702384888.9682717&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da63902a2-6c30-492c-926c-11fa91f...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685631277691006&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da63902a2-6c30-492c-92...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=a63902a2-6c30-492c-926c-11fa91fd6938%3A1702384888.9682717&_=1702384888.9703002
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7176766822098981487
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7176766822098981487
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:29 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:29 GMT
an-x-request-uuid
99772b4b-4837-4ce3-be9f-b0e7d9ac8475
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=7176766822098981487
x-proxy-origin
185.195.71.217; 185.195.71.217; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7CCB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXhU.NGBw0f89tZ9hxjgyAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBmk4vmJeUCLzU9xHixnoV4&google_cver=1&google_hm=2
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBmk4vmJeUCLzU9xHixnoV4&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pRDInEb%2FewlMwwOfsobrSqJ8Ssjf%2B8gfjLydfNPMvvTjQnCnW6h%2BqBu9LboO785RBI4tDAr78mnVnclWsEQVMo6RpHGmsxQa7u9LoEQvCPFz0HA%2BzYd278tpycy4hpsFs5FAeiy%2B4uD3bA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83460ab05e5224be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBmk4vmJeUCLzU9xHixnoV4&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 7CCB 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:360d:1e8d:2547:a624 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:28 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 7CCB
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E6AFAC3797F14B70B25B7C15FB7D9484
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E6AFAC3797F14B70B25B7C15FB7D9484
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=juqne4n7BazyeDm4PB4xIOuahgzrHSatwjsgD%2FyN4MVPaG69n59fxtLFd33olz0UCEkr3XIxqUHzVaHHkYIB79sGQ1aA%2Bc%2F8qS8hYzgV7wWOssiHSZrkpzYF3oEOKBKUM%2FSjzdm5zmOSHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83460ab08ec624be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 12 Dec 2023 12:41:28 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E6AFAC3797F14B70B25B7C15FB7D9484
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 11 Dec 2023 12:41:28 GMT
rum
r.casalemedia.com/ Frame 7CCB
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348&gdpr=0&gdpr_consent=
43 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1m6UX0AuV5nwq0RVv5b%2BNRPo9b1J4m5sOiVGKhSF7YpkrWXU%2FCJo02lmAK67yMIqEFdf8LEZLjXR54sSsDStN3XwSuG01E%2BJvFhB4BdwI5ClSQlOjbjk4qPzYDO%2FjO8qCZG"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83460ab31be02397-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 12 Dec 2023 12:41:28 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
crum
dsum.casalemedia.com/ Frame 7CCB
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=9391145e-0614-7717-ce5d02d7
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=9391145e-0614-7717-ce5d02d7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZwRmG9bNOKKX2GgRdZwCpa%2FVyrOSEC7lchVjK8DXb0YqKAAgwO0f3dT5FAOoAydKtvMw%2F2OdtZm1j7j1aCbfOPvaplqOy9lAjza9vfBU4vxkdZ9wKKWQJGop9P8OljVvqWJddIKr"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83460ab118f02397-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 12 Dec 2023 12:41:28 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=9391145e-0614-7717-ce5d02d7
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
sync
rt.marphezis.com/ Frame 7CCB 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/sync?dpid=5&puid=ZXhU.NGBw0f89tZ9hxjgyAAA%263398
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Tue, 12 Dec 2023 12:41:28 GMT
access-control-allow-credentials
true
vary
Origin
usync.js
eus.rubiconproject.com/ Frame 69ED 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e82975d064a5db53a828a869d8651cc1af1c7718af5b13c360ef17a61c537d84

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 12:41:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 19:16:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23675
Connection
keep-alive
Content-Length
13232
Expires
Tue, 12 Dec 2023 19:16:03 GMT
usync.js
eus.rubiconproject.com/ Frame 8305 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e82975d064a5db53a828a869d8651cc1af1c7718af5b13c360ef17a61c537d84

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 12:41:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 19:16:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23675
Connection
keep-alive
Content-Length
13232
Expires
Tue, 12 Dec 2023 19:16:03 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=288799362812040&bg=!cHOlczzNAAY3kmNgF5I7ADQBe5WfOLMnbD_PMhJ55C013ias8NM-z6rlFb33sWfPkf-ZZokgJLirw5f1fQhkLrTfRCORAgAAACxSAAAAAWgBB5kCw_r16npFX_6veNu0JtLZ265vj3FnWWfSjYVwoCx4C0-eUH6cfWJErxfQVE2xO6LyayjhxgbLGjT1pB0GfFL9UmCwZ61oKv_pUVblOtszXo2RoLGuibd0PB6Sq6g4YMc_3ArbI1UoIuRrsFnyc55QtKMJBRijc2R3rGNJeB8Xlbq79_7rThQ4q5xcbeHlbqIWlzJ57W8Ijr3eiZ4xzoF5rKXjSW2iYu13JUTxVPSIGfgKkZwmKMQraSIGJ1k8jIVlYjTnt45W96ehXeGpGOWPzdsm7gcV1d9915L8-1nmQ2druR469AQjW1MLN4XsSkdNisSkTRo6sZSVhXsbxg5SrkPpiCCVlRAsCnE28xU15K8IwIsiZBNcybL8515HxeR7_vjKcH72g6kdZgNPkSLyB4AaUUPCUz4cXq6yYdrx6fgnuPoFgeuwvp5aYI90wCE_l4CBm4f_IjHUoYVfXC940S0SnMJi_uSfqVbKiGPAT7iv_vJ5lwKrlVdtWHdRqT7M1X11AzE38F0MT6iXsM6U85ggt9EoP8uTvYakZYw6zjQjkylnEDehIQQ_qeU_s-9L7DQvItcSf6uTZAfbKW_XXqGaDhXohV8IkhrrY9azv89JPntzn9GjMOOw2_L3OoVHAXyJDfxOheXBbriA-d4PvyHEbaST2uQz0Jl0HTr6xqf29tw_ubDBWcdI7mACg0r0Cbh9piuq5cGa_IAGr7nqqwQGWrHGrkHZ-ffzzLqoXXMBjPeYsg7ubOPE59CbhyE5n_Eh8ACM4Ej_TTCGzdZ3v8JQLqQd3UxWV3WU4L7CO1aBej5CWOlWnTwHqE3EWW2AwUHnIb1i4OPzIsDBR7c2g02sR8SLR2dnMlmb2CGaWyNDmd12o_X8KuTZQaGDI6crGzWRc6PUT6tZ4GF6ZJdVKJL8EPNzqz9rlCD_2vQvaTSU7iZj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
khaos.json
token.rubiconproject.com/ Frame 69ED 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
khaos.json
token.rubiconproject.com/ Frame 8305 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 7D2D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstH7HnVZn32tI9xJj4EwkHxNLpKSOndANNjhL8nhdjnE0buYcjp-GHa5RGmIENwzixSAURQwN_fqnqr6HTOZiX1MlDxMtGMUJ9R7ruZk5A-PJo0jHOXF8shzJdYpx5b3JbYSXK17uYXq8bTMVMtKGf-rrSFNc-6M7JprMCohQnZvKxAwivQDmnV3CM4av4k9X8a7Oyv3lkZpIVWamRfmt6BthkTvhfiYIxJcKxpOiMMUsSvCpqi1mUh70AuYeSE4U7anqyloikP85zZgEFdSKD-l9npx7ds0cfjo9chpRTjf3zbaB6ZI4vYjRJyo1JQNz-TG_4cKOcqMQJc-citbm-uyIn50JCT7ip1RuHzSu24OlNAeXVKRROrOdw_MOe3Z-aD8InZa78&sai=AMfl-YTE9oi_TFJOVpW98jn5oP_holKM45A9OAE8jM9-nYVLRu0bBghLeR6pyscTdxfpzlQcL8-dYZHMz3TxXw3dWhAH7kuE3hSKw-nEBYya-dK2ALo0mIROXGf14bQyaIz6k-fBSE8j-KevOzbhb03SKItt&sig=Cg0ArKJSzKj2izGxmpX6EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 12:41:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E911 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvw8OrLreXeCIuwvu1MBVeT4TCzWBVsFlkAFo5A4msOMsQn1SRSbUntQd30hhvaGHh11ibVIO0j2yM6b8CIw04Oz90y2FlgdXLAtGjrvxrKgZUofaeAepYWAQL_HFl15iItbLGA4gVZoT7Cm8xCC5CMr-JacRBwYS1Hu74b19dCBsHgznKmB2DUweirHZL40cMrAn1WX0qPxGxgAZatd4JE-55aQvd6y22_9YahYXPE2g4kf5uYiIfWhtWfq-lfSQ22sWL6aPc__-wZqRtiVU_8k-SBjENmvdygmSRF0gs51iYOFzTwh6i_E6i2WWcbklHDS79FZAIe3mYhAl-uysUNBeDB3DI0LeYc3RkkIrxd60ApJj3oaaNWPMgtGHXnGKwDr9Gml8M&sai=AMfl-YRJMoCeSygFiNtY20WMD5cujkgxItYa1yqD94g9fkdW3pW01FgQiVLhBpz99ovbnGl118B-aH5F2n4zFtFXudvnovILuYBd-yn_H3skZpAPRKXp5wrXb-6_tluoOMHQuUtbjDECZV2oxNMFarowTkOi&sig=Cg0ArKJSzO7AwShIUksJEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 12:41:28 GMT
sync
rt.marphezis.com/ Frame 69ED
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=getmedia&khaos=LQ2C09BS-19-69F3
  • https://rt.marphezis.com/sync?dpid=rubicon_getmedia&puid=LQ2C09BS-19-69F3
0
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/sync?dpid=rubicon_getmedia&puid=LQ2C09BS-19-69F3
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Tue, 12 Dec 2023 12:41:27 GMT
access-control-allow-credentials
true
vary
Origin

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://rt.marphezis.com/sync?dpid=rubicon_getmedia&puid=LQ2C09BS-19-69F3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 69ED
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFEyQzA5QlMtMTktNjlGMw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMfVEgr_FUJTuWpZ2ocpDg4&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyQzA5QlMtMTktNjlGMw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyQzA5QlMtMTktNjlGMw==&google_push=
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyQzA5QlMtMTktNjlGMw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 69ED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJA23jhOY9F4dCYSTnei-FQ&google_cver=1
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJA23jhOY9F4dCYSTnei-FQ&google_cver=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJA23jhOY9F4dCYSTnei-FQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 69ED
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjhhNWNlYWY5OTEyNTY0YWMwNGFhNDIyMDRiNGU4MDUwZjJjODcyOA
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjhhNWNlYWY5OTEyNTY0YWMwNGFhNDIyMDRiNGU4MDUwZjJjODcyOA
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjhhNWNlYWY5OTEyNTY0YWMwNGFhNDIyMDRiNGU4MDUwZjJjODcyOA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 69ED
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZtTmmhuRToOL_Y3l9DLkaQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZtTmmhuRToOL_Y3l9DLkaQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZtTmmhuRToOL_Y3l9DLkaQ
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D5XG8QQ01RHJ2Y131QS0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZtTmmhuRToOL_Y3l9DLkaQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 69ED 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:28 GMT
server
Kestrel
content-length
70
content-type
image/gif
setuid
px.ads.linkedin.com/ Frame 69ED
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ2C09BS-19-69F3
0
670 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ2C09BS-19-69F3
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:28 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: E02955728FC940E2BC4B19D9687B7FED Ref B: ZRHEDGE1417 Ref C: 2023-12-12T12:41:28Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-source-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMT16RRCWsH2v/u0uV3Q==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ2C09BS-19-69F3
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 69ED
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LQ2C09BS-19-69F3&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQ2C09BS-19-69F3&ex=d-rubiconproject.com&status=ok
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FAB87QCG7YPM0WFKMBM4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQ2C09BS-19-69F3&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 69ED
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MTySXQ2gQ0e1h53thpSFgA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MTySXQ2gQ0e1h53thpSFgA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MTySXQ2gQ0e1h53thpSFgA
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BR55V02Z63HWEDPW3NG1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MTySXQ2gQ0e1h53thpSFgA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 69ED
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/vZhw5RoU6d_Axe_am4YxLMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-gvjRAcdE2oKeSV.Xn2winX3i8zWjBo0aVb7b1A--~A
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-gvjRAcdE2oKeSV.Xn2winX3i8zWjBo0aVb7b1A--~A
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 12 Dec 2023 12:41:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-gvjRAcdE2oKeSV.Xn2winX3i8zWjBo0aVb7b1A--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 69ED
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAC2mU7K8KoAABRae0t2PA&expires=30
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAC2mU7K8KoAABRae0t2PA&expires=30
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAC2mU7K8KoAABRae0t2PA&expires=30
Date
Tue, 12 Dec 2023 12:41:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync
hb.yahoo.net/ Frame 69ED
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQ2C09BS-19-69F3&redir=true
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQ2C09BS-19-69F3&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQ2C09BS-19-69F3&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS0zbUJLaDQ1RTJ1SElUdUd0QndfSWtZZk96Zm9ZUjBETH5B&ovsid=LQ2C09BS-19-69F3&dpid=58160
52 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0zbUJLaDQ1RTJ1SElUdUd0QndfSWtZZk96Zm9ZUjBETH5B&ovsid=LQ2C09BS-19-69F3&dpid=58160
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Server
23.48.23.57 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-57.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 12 Dec 2023 12:41:29 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Tue, 12 Dec 2023 12:41:29 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0zbUJLaDQ1RTJ1SElUdUd0QndfSWtZZk96Zm9ZUjBETH5B&ovsid=LQ2C09BS-19-69F3&dpid=58160
date
Tue, 12 Dec 2023 12:41:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
ib.adnxs.com/prebid/ Frame 69ED
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ2C09BS-19-69F3
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ2C09BS-19-69F3
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
an-x-request-uuid
9455f346-be0a-46e1-9a98-100a5e01f7f7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
185.195.71.217; 185.195.71.217; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ2C09BS-19-69F3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
liveCS.php
live.primis.tech/live/ Frame 69ED
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQ2C09BS-19-69F3
0
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQ2C09BS-19-69F3
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Server
2600:9000:2251:7400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
content-encoding
gzip
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
coSie2JtH0a8W962YicmyedtsrryuvbC8q04mjKNKq-pNVfTx6kuRw==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQ2C09BS-19-69F3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
v1
match.sharethrough.com/sync/ Frame 69ED
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ2C09BS-19-69F3
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ2C09BS-19-69F3
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Server
35.156.254.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-254-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:28 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ2C09BS-19-69F3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 69ED
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=70375868-b402-4c04-9dcb-902623f69260&expires=30
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=70375868-b402-4c04-9dcb-902623f69260&expires=30
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=70375868-b402-4c04-9dcb-902623f69260&expires=30
Date
Tue, 12 Dec 2023 12:41:29 GMT
Connection
keep-alive
X-CI-RTID
687eeb0e-1694-43d0-935b-b37266842106
Content-Length
144
Content-Type
text/html; charset=utf-8
merge
ce.lijit.com/ Frame 69ED
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LQ2C09BS-19-69F3
0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LQ2C09BS-19-69F3
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:28 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LQ2C09BS-19-69F3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame 8305
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LQ2C09BS-19-69F3
0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LQ2C09BS-19-69F3
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:28 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LQ2C09BS-19-69F3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 8305
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ2C09BS-19-69F3
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LQ2C09BS-19-69F3
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LQ2C09BS-19-69F3
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:28 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Tue, 12 Dec 2023 12:41:28 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LQ2C09BS-19-69F3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
capi.connatix.com/us/ Frame 8305
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LQ2C09BS-19-69F3&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LQ2C09BS-19-69F3&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LQ2C09BS-19-69F3&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
83460ab339ee24c2-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 12 Dec 2023 12:41:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LQ2C09BS-19-69F3&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
83460ab2b8cb24c2-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
tap.php
pixel.rubiconproject.com/ Frame 8305
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=59e23abb-f1b2-4bcd-97f9-4d61a263a1f3
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=59e23abb-f1b2-4bcd-97f9-4d61a263a1f3
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=59e23abb-f1b2-4bcd-97f9-4d61a263a1f3
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
971687
content-length
0
expires
Tue, 12 Dec 2023 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8305
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=247683937117432826
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=247683937117432826
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=247683937117432826
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
cookiesync
bttrack.com/pixel/ Frame 8305 		35 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.68 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
NET-33-132-192.68.bidtellect.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
Track001-iad
pragma
no-cache
date
Tue, 12 Dec 2023 12:40:17 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1
Rubicon
s.seedtag.com/cs/cookiesync/ Frame 8305
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQ2C09BS-19-69F3
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQ2C09BS-19-69F3
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:28 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQ2C09BS-19-69F3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 8305
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=Ol13Km9rW5N_haph2upMcrnDR9k
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=Ol13Km9rW5N_haph2upMcrnDR9k
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=Ol13Km9rW5N_haph2upMcrnDR9k
Date
Tue, 12 Dec 2023 12:41:29 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame 8305
Redirect Chain
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7176766822098981487&expires=30
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7176766822098981487&expires=30
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
an-x-request-uuid
267cea16-2ed1-4f4f-92a3-964d4fe6d3b7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7176766822098981487&expires=30
x-proxy-origin
185.195.71.217; 185.195.71.217; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8305
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=2505814098745901013&expires=60&gdpr=&gdpr_consent=
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=2505814098745901013&expires=60&gdpr=&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=2505814098745901013&expires=60&gdpr=&gdpr_consent=
pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 8305
Redirect Chain
  • https://sync.1rx.io/usersync2/rubicon
  • https://sync.1rx.io/usersync2/rubicon?zcc=1&cb=1702384888697
  • https://ad.turn.com/r/cs?pid=45&rndcb=8097842302
  • https://sync.1rx.io/usersync/turn/2577871692783828949?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-68eed92e-4bc8-4e3f-8d59-d99c9497c06c-003?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-68eed92e-4bc8-4e...
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-68eed92e-4bc8-4e3f-8d59-d99c9497c06c-003&expires=30
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-68eed92e-4bc8-4e3f-8d59-d99c9497c06c-003&expires=30
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-68eed92e-4bc8-4e3f-8d59-d99c9497c06c-003&expires=30
date
Tue, 12 Dec 2023 12:41:29 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX68eed92e4bc84e3f8d59d99c9497c06c003
content-type
text/html
709414.gif
id.rlcdn.com/ Frame 8305 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookie-sync
sync.outbrain.com/ Frame 8305
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQ2C09BS-19-69F3&obUid=&initiator=
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQ2C09BS-19-69F3&obUid=&initiator=
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 12:41:29 GMT
Cache-Control
no-cache
X-TraceId
ea72b183f9ffc1067c43f0decce806ed
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQ2C09BS-19-69F3&obUid=&initiator=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
sync
visitor.omnitagjs.com/visitor/ Frame 8305
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQ2C09BS-19-69F3&name=RUBICON
49 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQ2C09BS-19-69F3&name=RUBICON
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Server
63.33.18.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-18-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
8
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQ2C09BS-19-69F3&name=RUBICON
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
60909
i6.liadm.com/s/ Frame 8305
Redirect Chain
  • https://token.rubiconproject.com/token?pid=49096
  • https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ2C09BS-19-69F3
  • https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ2C09BS-19-69F3
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ2C09BS-19-69F3
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
2600:1f18:ed:550f:2ea8:40b3:7109:7bd2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 12:41:29 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LQ2C09BS-19-69F3
Date
Tue, 12 Dec 2023 12:41:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
0
tap.php
pixel.rubiconproject.com/ Frame 8305
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1
  • https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348&expires=360&gdpr=0&gdpr_consent=
42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348&expires=360&gdpr=0&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348&expires=360&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3D0C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=23907
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 12 Dec 2023 12:41:28 GMT
expires
Tue, 12 Dec 2023 19:19:55 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 3D0C 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=94361388&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
1507b4191de6cd5e283a20180dd8c8e87abf7d6c56f0e2a4bbdb026abbc30764

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 12:41:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
img
sync.mathtag.com/sync/ Frame 7147 		43 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1143 599e619 master zrh zrh-pixel-x30 config_version:"2665" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 12:41:28 GMT
Expires
Tue, 12 Dec 2023 12:41:27 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1143 599e619 master zrh zrh-pixel-x30 config_version:"2665"
Pug
simage2.pubmatic.com/AdServer/ Frame 7C11
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
113 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 12:41:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 12:41:28 GMT
expires
Tue, 12 Dec 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
923312
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8E52 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=457C0E3B-119F-4C87-8B76-6993553AC403&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 12:41:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
KK70XT2RHF6ZM8T4SX2V
Pug
image2.pubmatic.com/AdServer/ Frame BB8C
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8hODvPES0rzpQ4XlohaZsaAfhOLpRYa0okdAdEz1
42 B
336 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8hODvPES0rzpQ4XlohaZsaAfhOLpRYa0okdAdEz1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 12:41:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 12 Dec 2023 12:41:28 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8hODvPES0rzpQ4XlohaZsaAfhOLpRYa0okdAdEz1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 01A1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7176766822098981487&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7176766822098981487&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 12:41:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
ae5801f9-8427-4bf8-9ba8-109c527a9ab0
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 12:41:28 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7176766822098981487&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
185.195.71.217; 185.195.71.217; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9405
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7311687423465945248&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7311687423465945248&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 12:41:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Tue, 12 Dec 2023 12:41:29 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7311687423465945248&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame EEE9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Ol13Km9rW5N_haph2upMcrnDR9k&gdpr=0&gdpr_consent=
42 B
374 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Ol13Km9rW5N_haph2upMcrnDR9k&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 12:41:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Dec 2023 12:41:28 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Ol13Km9rW5N_haph2upMcrnDR9k&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 9649
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f96f0221-3921-4dc1-a9ba-f7fc74506f74
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=f96f0221-3921-4dc1-a9ba-f7fc74506f74
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=58cf946d-aa01-483a-9588-3fa84e52ea6e&user_group=1&ssp=pubmatic&bsw_param=f96f0221-3921-4dc1-a9ba-f7fc74506f74
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f96f0221-3921-4dc1-a9ba-f7fc74506f74&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f96f0221-3921-4dc1-a9ba-f7fc74506f74&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 12:41:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 12 Dec 2023 12:41:29 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f96f0221-3921-4dc1-a9ba-f7fc74506f74&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Pug
image2.pubmatic.com/AdServer/ Frame C4F1
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDMm1VN0s4S29BQUJSYWUwdDJQQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAC2mU7K8KoAABRae0t2PA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAC2mU7K8KoAABRae0t2PA&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAC2mU7K8KoAABRae0t2PA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5566155699205740968&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC2mU7K8KoAABRae0t2PA&gdpr=0&gdpr_consent=
42 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC2mU7K8KoAABRae0t2PA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 12:41:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 12 Dec 2023 12:41:29 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC2mU7K8KoAABRae0t2PA&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 8976
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZXhU_QAGY5ELUgBH
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 12 Dec 2023 12:41:29 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6920-MXP
x-timer
S1702384889.131075,VS0,VE96

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 12 Dec 2023 12:41:29 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZXhU_QAGY5ELUgBH
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6920-MXP
x-timer
S1702384889.918949,VS0,VE185
Pug
image2.pubmatic.com/AdServer/ Frame 443E
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUb85c77a1eb4641b7982417bfbbe7dc72
42 B
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUb85c77a1eb4641b7982417bfbbe7dc72
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 12:41:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 12:41:28 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUb85c77a1eb4641b7982417bfbbe7dc72
pragma
no-cache
server
nginx
bridge
cm.adgrx.com/ Frame 672F 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Tue, 12 Dec 2023 12:41:28 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-9
Pug
simage2.pubmatic.com/AdServer/ Frame 4160
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 12:41:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 12 Dec 2023 12:41:28 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 1F72
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3763969272172057271
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3763969272172057271
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 12:41:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3763969272172057271
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 313B
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685631277691006
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685631277691006
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 12:41:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 12 Dec 2023 12:41:29 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685631277691006
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cookiesync
core.iprom.net/ Frame E6D2 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 12:41:28 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-1a21d5ff21aa@version_1.578v2
X-core-time
1ms
X-server-arch
v2
cm
ipac.ctnsnet.com/int/ Frame 7B4F 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 12 Dec 2023 12:41:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 8A22
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=96bf28eef2bb1407/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=53be28644293ed08950e49bc7dc796d&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQ...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRUhMXSnnMXhhbWaT&gdpr=0&gdpr_consent=
42 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRUhMXSnnMXhhbWaT&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 12:41:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRUhMXSnnMXhhbWaT&gdpr=0&gdpr_consent=
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 5253 		0
0
setuid
u.4dex.io/ Frame 0627 		0
708 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)457C0E3B-119F-4C87-8B76-6993553AC403
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 12 Dec 2023 12:41:28 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3D0C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RXwOOxGfTIeLdmmTVTrEAw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:28 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=23907
accept-ranges
bytes
content-length
5622
expires
Tue, 12 Dec 2023 19:19:55 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 3D0C 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=457C0E3B-119F-4C87-8B76-6993553AC403&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.196.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-196-88.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.16.206
content-length
49
expires
0
cr
cr.frontend.weborama.fr/ Frame 3D0C
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1794479660
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1794479660
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
via
1.1 google
last-modified
Tue, 12 Dec 2023 12:41:28 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
via
1.1 google
last-modified
Tue, 12 Dec 2023 12:41:28 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1794479660
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 3D0C
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=457C0E3B-119F-4C87-8B76-6993553AC403
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YTdiYldPanRRRHpTSXFNeVRjWXItcG1QQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=247683937117432826&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Server
52.16.120.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-120-138.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 12:41:29 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 12 Dec 2023 12:41:29 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 3D0C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDU3QzBFM0ItMTE5Ri00Qzg3LThCNzYtNjk5MzU1M0FDNDAz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 12:41:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3D0C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOhZqCq4OHe6TfS4Z_SUbp4&google_cver=1
42 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOhZqCq4OHe6TfS4Z_SUbp4&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 12:41:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOhZqCq4OHe6TfS4Z_SUbp4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 3D0C 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:28 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 11 Dec 2023 12:41:28 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3D0C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=247683937117432826
42 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=247683937117432826
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 12:41:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=247683937117432826
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 3D0C 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:28 GMT
server
Kestrel
content-length
70
content-type
image/gif
457C0E3B-119F-4C87-8B76-6993553AC403
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3D0C 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/457C0E3B-119F-4C87-8B76-6993553AC403?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:c84a:f3f:c1a8:24dc Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 3D0C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=457C0E3B-119F-4C87-8B76-6993553AC403&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9PQ2aT5E2uWRqds8Nf8b9U0DngDMDBo-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9PQ2aT5E2uWRqds8Nf8b9U0DngDMDBo-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9PQ2aT5E2uWRqds8Nf8b9U0DngDMDBo-~A&gdpr=0
date
Tue, 12 Dec 2023 12:41:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 3D0C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348&gdpr=0&gdpr_consent=
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 12:41:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3D0C
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=457C0E3B-119F-4C87-8B76-6993553AC403&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=38eba8bdf4b7158e&is_secure=true&networkId=17100&version=1&nuid=457C0E3B-119F-4C87-8B76-6993553AC403&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHtH4kcOAXgwMg_KF8AAAAAAA&expiration=1702471289&nuid=457C0E3B-119F-4C87-8B76-6993553AC403&...
42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHtH4kcOAXgwMg_KF8AAAAAAA&expiration=1702471289&nuid=457C0E3B-119F-4C87-8B76-6993553AC403&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 12:41:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:29 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHtH4kcOAXgwMg_KF8AAAAAAA&expiration=1702471289&nuid=457C0E3B-119F-4C87-8B76-6993553AC403&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3D0C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8918939968121487317&gdpr=0&gdpr_consent=&us_privacy=
1 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8918939968121487317&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 12:41:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8918939968121487317&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 3D0C
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:28be3875-413b-42b2-8ddc-5a2f556cfbcd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:28be3875-413b-42b2-8ddc-5a2f556cfbcd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 12:41:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:28be3875-413b-42b2-8ddc-5a2f556cfbcd&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 12 Dec 2023 12:41:28 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 13 Dec 2023 12:41:29 GMT
syncframe
gum.criteo.com/ Frame 140F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fd8c1cf4274cae5e1e5a37133cc23b80392ef88c43b798d3748f43948dbb53f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 12:41:28 GMT
server
Kestrel
server-processing-duration-in-ticks
1428947
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 13 Dec 2023 12:41:29 GMT
sid
mug.criteo.com/ Frame 140F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=pastelink.net&sn=ChromeSyncframe&so=0&topUrl=pastelink.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=q3b9y3xNRnpPMlIrREFwS3NpK0VUTzVnZGg3bkM2NnlFclpQNm9BQXJ2ZXhLSE1Sanl4OUxJaVNsVndZTVdnQ2ladmVOeWVjbXdTd1hPUUVsaVFSZC9CeTQ5VXRSc00yTVRMaVcxWFdEVDVCVzhlYk81TXVNMGRNVG1vOG...
431 B
648 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=q3b9y3xNRnpPMlIrREFwS3NpK0VUTzVnZGg3bkM2NnlFclpQNm9BQXJ2ZXhLSE1Sanl4OUxJaVNsVndZTVdnQ2ladmVOeWVjbXdTd1hPUUVsaVFSZC9CeTQ5VXRSc00yTVRMaVcxWFdEVDVCVzhlYk81TXVNMGRNVG1vOGtycUtWN3E1bHZTWFVNeGZEenZwa3RXK0JSd0JSSG5aN1RpVm8zcDlXOTlKNGlEVG5KR0djVUp4T3k1M3ozL1NhTVRzdDZzaGlKY0lYVzY1SXVuT2tydm9KK0doQ2hUYVpkK2Z5UnIra1dIc2lJNVlKMjU0VmVFK2pvV0hPWUN2SW9paUxaMnlRZVJqZXV4WDJSMEUzaVdJdXRHQy9FVXRhMTcvU1lwVmVLcHJ0VHpVNTB6dz18&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4ec2aecd3fbbba2c6fb2948de39413c4dfdb2b846f3de90fa7a6d3d063868b3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:28 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1136336
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:29 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=q3b9y3xNRnpPMlIrREFwS3NpK0VUTzVnZGg3bkM2NnlFclpQNm9BQXJ2ZXhLSE1Sanl4OUxJaVNsVndZTVdnQ2ladmVOeWVjbXdTd1hPUUVsaVFSZC9CeTQ5VXRSc00yTVRMaVcxWFdEVDVCVzhlYk81TXVNMGRNVG1vOGtycUtWN3E1bHZTWFVNeGZEenZwa3RXK0JSd0JSSG5aN1RpVm8zcDlXOTlKNGlEVG5KR0djVUp4T3k1M3ozL1NhTVRzdDZzaGlKY0lYVzY1SXVuT2tydm9KK0doQ2hUYVpkK2Z5UnIra1dIc2lJNVlKMjU0VmVFK2pvV0hPWUN2SW9paUxaMnlRZVJqZXV4WDJSMEUzaVdJdXRHQy9FVXRhMTcvU1lwVmVLcHJ0VHpVNTB6dz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
310452
content-length
0
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7D2D 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7NdEcHHaqdlawkEoQdI7xYljq7_sAuSdW2TIvtb8Xz5aR8MOHHrlk4SqDdJoN095VITuX-X4eHLJmhXQovbobqWzo6gPVE5C3d94FkX4GStdgn_GVg7fy9iemhfBHCaBI-zYXHE6kIzpSrnPDQuBeN1bJ&sig=Cg0ArKJSzDPuT2L9TsEkEAE&id=lidar2&mcvt=1000&p=798,1077,1048,1377&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=997962783&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702384887868&rpt=542&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
script.js
acdn.adnxs-simple.com/strikeforce/ Frame 1D60 		129 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by
Host: rt.marphezis.com
URL: https://rt.marphezis.com/static/client.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e818f6fea40fe02802ab543ae13ec750b1d3a4fbe33c70a8fdbac86f5758631b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Thu, 07 Dec 2023 05:31:57 GMT
Date
Tue, 12 Dec 2023 12:41:29 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
25761
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
47054
X-Served-By
cache-lga13622-LGA, cache-mxp6946-MXP
Last-Modified
Tue, 05 Dec 2023 19:06:55 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1702384890.534852,VS0,VE0
ETag
W/"656f74cf-20543"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
172, 7697
nmedianet.js
contextual.media.net/ Frame 1D60 		94 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU4FCKBR&ydspr=1
Requested by
Host: rt.marphezis.com
URL: https://rt.marphezis.com/static/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c669036a988609095adbbdb604b42d237d5033ce903ac27d1737abddcbfffebc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h
21-g4dd
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 12 Dec 2023 12:41:29 GMT
server
Apache
etag
"d7de00685e8c25e4e7e6ea8a22d415d6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-5h9m
timing-allow-origin
*
content-length
36439
expires
Tue, 12 Dec 2023 12:46:29 GMT
log
qsearch-a.akamaihd.net/ Frame 1D60 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=9d9da252a088e83cb672a2611f49b718&algo=mrg-4.0&bdp=0.0120&bidfp=0.0120&capd=1&cc=CH&cid=8CUQN152J&crid=881526814&ct=H%C3%83%C2%BCnenberg&dc=east_sc&dfpbd=0.0120&dn=pastelink.net&infl=flr&iwb=1&ogcbdp=0.0120&other_bids=0.012&other_prv=460&pbshr=100.0000&prdp=0.0120&requrl=pastelink.net/mmcz79u5/&sat=1&sc=ZG&sc_pvid=460&send_erpm=false&server=1&size=300x250&strg=no_strategy&totalTime=2291960&ugd=4&ver=9.6.4&cliIP=-1178384640&time_stamp=2023-12-12%2012:41:26&seat=BID_API&itype=appnexus&req_id=3853200231410752905&dfp_bucket=0.0&bdp_bucket=0.0&app_type=appnexus&br_id=265&o_id=101&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&br_ver=89.0.4389.72&o_ver=NT%2010.0&second_bid=0.0&second_bidder=*&ogerpm=0.0200&ogerpm_used=false&rawbid=0.0120&totalTimeBucket=2&sub_bidder=196&current_day=2.0&current_hour=12&cut=0&floor_bucket=0.00&erpm_bucket=0.00&ogerpm_wd_bkt=0-1&visibility=0&viewability=0.1800&stid=27197328&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=0&bdp_wider_bucket=1&splid=27197328&dim10=false&log_less=false&cut_bkt=40&advurl=generalsearch.net/&dmm_d10=0.0000&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&e_rpm=0.0000&bdr_typ=1&url_l1=mmcz79u5&clisp=rtb-appnexus-78d5854775-gjspw.SC&dmm_m1=2023-12-12%2012:41:26.894670064&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss=NA&ss_d1=0&ss_d2=0&dmm_m22=0.0200&adtyp=0&gpid_format=DEFAULT&gpid=27197328&gpid_sent=true&pst=EMS&bcrid=446649379&zone=d&rc=-1&sfm_key=mowx_null&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=16&wsip=mowx-lite-fb8fd6758-zwrhl&rel_cut_bkt=100&djvm=9.5.8
Requested by
Host: rt.marphezis.com
URL: https://rt.marphezis.com/static/client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.164.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-164-91.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:29 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 12 Dec 2023 12:41:29 GMT
release-20231121-135-adperformance.js
warp.media.net/rtb/resources/ Frame 1D60 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js
Requested by
Host: rt.marphezis.com
URL: https://rt.marphezis.com/static/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Tue, 12 Dec 2023 12:41:29 GMT
x-guploader-uploadid
ABPtcPpIo_b_NcMKOwHvGDCTG05XY1UknAvtaGcrwEzGBq16PDG4pYQRlOGIdNZ7w2_WERaEBt4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25147
server
UploadServer
etag
"841dabce0b477a93d9cf7379b9eb1368"
vary
Accept-Encoding
x-goog-hash
md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type
application/javascript
x-goog-generation
1700562102250666
cache-control
max-age=3600
x-goog-stored-content-length
73447
expires
Tue, 12 Dec 2023 13:41:29 GMT
it
nym1-ib.adnxs.com/ Frame 1D60 		0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https://pastelink.net/mmcz79u5&e=wqT_3QKCBfBMggIAAAMA1gAFAQj2qeGrBhCq8tPJhtDq20AY5vzp5rqDnbEaKjYJ-n5qvHSTiD8RiIVa07zjhD8ZAAAAQOF6AEAhiIVa07zjhD8p-n4JJAAxCRu4xD8wkP_7DDiZXECVCUhgUKOo_dQBWMvdoQFgAGj99sQBeKSoBYABAYoBA1VTRJIFBvD9mAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAtHBWeoCHmh0dHBzOi8vcGFzdGVsaW5rLm5ldC9tbWN6Nzl1NYADAIgDAZADAJgDFKADAaoDQRIYMzg1MzIwMDIzMTQxMDc1MjkwNV9zYmlkGhM0NjYzMzgzNDA3NjYzMDUzMDk4Igk0NDY2NDkzNzkqBU0xMTczwAPYBMgDANgD-5XCAeADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDjE4NS4xOTUuNzEuMjE3qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBKMhITD6BBIJAAAAIIySR0ARIUnYaU8gQIgFAZgFAKAFibvDjaCm1Lw1qgUPNzI0MmMwZTYyMGQ2ZmE3wAUAyQUAAAAAAADwP9IFCQFFBQFw2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYFIjAA8D_QBq_xAdoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB6SoBdIHDRVlASYI2gcGAV7AGADgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=cdadd9a83acb8db92bfee9999453d89ca4bc3c3e&pp=0.0102
Requested by
Host: rt.marphezis.com
URL: https://rt.marphezis.com/static/client.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:29 GMT
an-x-request-uuid
1ff80705-c184-473c-9387-966d832ca57a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.217; 185.195.71.217; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/240/ Frame 1D60 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: rt.marphezis.com
URL: https://rt.marphezis.com/static/client.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 12:41:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Wed, 11 Dec 2024 12:41:29 GMT
served
rt.marphezis.com/ Frame 7D2D 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/served?_bc=KgAAETFPWFBYRlBXWXBRUkMqGwsSMRcbWgscEQAALU8HCicCDQB_Qk8EBwENGx8xVAcNbg0GFTBPWUlYRVNdSywGCQQhB1kVIwEdAgQdDQRDJgwQQywZAgAnT1lJWERTX0ssGQ0BdQgUFSwXERIbUgcbFDgMWQEtGg8RLQJPAhAEXl9LIAgAWHhPDAQmFBwXVURFBgl9VFRDIQAVWHJUAAoYHQdSWytZUlEpX1xIcUZdBkVAUg5fZQgAVixEAAR1FwsCUBdQDA8pTwgKJxlZVWQdGlofHQ0LAj8aQhU8EBQAfwAMBBwVDQgBLU8UECoAAFhwQlpRWFIRChw8EBRYIAtCFiACG1pYWlNeXntPFwwyDFlWckIRVV1ERRwBJwYUWHhPEAQlGw1aCgcCQhcnBwFIOw87VHRFXF9eTFBdWXBbXEh_NlVXcUZcUTdGTl9AeQ==&ver=0.0.21
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Tue, 12 Dec 2023 12:41:29 GMT
access-control-allow-credentials
true
vary
Origin
timp
rt.marphezis.com/ Frame 1D60 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/timp?_bc=KgAAETFPWFBYRlBXWXBRUkMqGwsSMRcbWgscEQAALU8HCicCDQB_Qk8EBwENGx8xVAcNbg0GFTBPWUlYRVNdSywGCQQhB1kVIwEdAgQdDQRDJgwQQywZAgAnT1lJWERTX0ssGQ0BdQgUFSwXERIbUgcbFDgMWQEtGg8RLQJPAhAEXl9LIAgAWHhPDAQmFBwXVURFBgl9VFRDIQAVWHJUAAoYHQdSWytZUlEpX1xIcUZdBkVAUg5fZQgAVixEAAR1FwsCUBdQDA8pTwgKJxlZVWQdGlofHQ0LAj8aQhU8EBQAfwAMBBwVDQgBLU8UECoAAFhwQlpRWFIRChw8EBRYIAtCFiACG1pYWlNeXntPFwwyDFlWckIRVV1ERRwBJwYUWHhPEAQlGw1aCgcCQhcnBwFIOw87VHRFXF9eTFBdWXBbXEh_NlVXcUZcUTdGTl9AeQ==&ver=0.0.21
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Tue, 12 Dec 2023 12:41:28 GMT
access-control-allow-credentials
true
vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame E911 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJA54WFsKEOa3Y26WrQFyclEnxAT7xPhk2Qt0tiZNW7rRnQ4u8U9sDAcSRgEeC8kcEOxfYUO9hxQyfh9zARMB-z5imajWF-wCIuDPZIbWJzSdxtFT_mNsZ2CIJPokIY1JNlmBA6bgmjrldrDNf6g7r0ROA&sig=Cg0ArKJSzHW1zxo1asfyEAE&id=lidar2&mcvt=1000&p=498,1077,748,1377&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=997962782&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702384887862&rpt=581&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nmedianet.js
contextual.media.net/ Frame 56F3 		94 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU4FCKBR&ydspr=1
Requested by
Host: rt.marphezis.com
URL: https://rt.marphezis.com/static/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d4d3853563ae0019c32b347ac3cf712b217d38575b07c66dceed3fa1c2c45d63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h
21-g4dd
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 12 Dec 2023 12:41:29 GMT
server
Apache
etag
"6e44ed1553f35bcb315717f07238f658"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-5h9m
timing-allow-origin
*
content-length
36440
expires
Tue, 12 Dec 2023 12:46:29 GMT
log
qsearch-a.akamaihd.net/ Frame 56F3 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=d8c6360800564f8f52d146808b78d761&algo=unison26&bdp=0.0200&bidfp=0.0120&capd=0&cc=CH&cid=8CUQN152J&crid=881526814&ct=H%C3%83%C2%BCnenberg&dc=east_sc&dfpbd=0.0130&dn=pastelink.net&infl=flr&iwb=1&ogcbdp=0.0200&other_bids=0.02&other_prv=460&pbshr=100.0000&prdp=0.0130&requrl=pastelink.net/mmcz79u5/&sat=1&sc=ZG&sc_pvid=460&send_erpm=true&server=1&size=300x250&strg=harmony&totalTime=3625130&ugd=4&ver=9.6.4&cliIP=-1178384640&time_stamp=2023-12-12%2012:41:26&seat=BID_API&itype=appnexus&req_id=3853200231410752905&dfp_bucket=0.0&level_base=0&bdp_bucket=0.0&app_type=appnexus&br_id=265&o_id=101&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&br_ver=89.0.4389.72&o_ver=NT%2010.0&second_bid=0.0&second_bidder=*&model_key=generic_appn_1-cid_0&ogerpm=0.0200&ogerpm_used=false&rawbid=0.0200&totalTimeBucket=3&as_cache=0&sub_bidder=196&current_day=2.0&current_hour=12&cut=35&floor_bucket=0.00&model_version=202312102301_generic_appn_1-cid_0&erpm_bucket=0.00&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=0&viewability=0.1800&stid=27197328&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=0&predicted_wr=4.3279&bdp_wider_bucket=1&splid=27197328&dim10=false&dmm_m9=0.0000&dmm_m10=1247680&log_less=false&cut_bkt=35&advurl=generalsearch.net/&dmm_d10=0.0000&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&e_rpm=0.0000&bdr_typ=1&url_l1=mmcz79u5&clisp=rtb-appnexus-78d5854775-gjspw.SC&dmm_m1=2023-12-12%2012:41:26.894189740&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss=NA&ss_d1=0&ss_d2=0&dmm_m22=0.0200&adtyp=0&gpid_format=DEFAULT&gpid=27197328&gpid_sent=true&pst=EMS&bcrid=446649379&erpm_mult=1.000000&zone=d&rc=-1&sfm_key=mowx_System_460&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=16&wsip=mowx-lite-fb8fd6758-hv6lb&rel_cut_bkt=85&djvm=9.5.8&optimal_cut=0.0&cut_cluster=0.0
Requested by
Host: rt.marphezis.com
URL: https://rt.marphezis.com/static/client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.164.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-164-91.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:29 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 12 Dec 2023 12:41:29 GMT
release-20231121-135-adperformance.js
warp.media.net/rtb/resources/ Frame 56F3 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js
Requested by
Host: rt.marphezis.com
URL: https://rt.marphezis.com/static/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Tue, 12 Dec 2023 12:41:29 GMT
x-guploader-uploadid
ABPtcPpIo_b_NcMKOwHvGDCTG05XY1UknAvtaGcrwEzGBq16PDG4pYQRlOGIdNZ7w2_WERaEBt4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25147
server
UploadServer
etag
"841dabce0b477a93d9cf7379b9eb1368"
vary
Accept-Encoding
x-goog-hash
md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type
application/javascript
x-goog-generation
1700562102250666
cache-control
max-age=3600
x-goog-stored-content-length
73447
expires
Tue, 12 Dec 2023 13:41:29 GMT
it
nym1-ib.adnxs.com/ Frame 56F3 		0
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https://pastelink.net/mmcz79u5&e=wqT_3QKCBfBMggIAAAMA1gAFAQj2qeGrBhDeivTjjpfYtHsY5vzp5rqDnbEaKjYJObTIdr6fij8R_WX35GGhhj8ZAAAAQOF6AEAh_WX35GGhhj8pObQJJAAxCRu4xD8wkP_7DDiZXECVCUhgUKOo_dQBWMvdoQFgAGj99sQBeKSoBYABAYoBA1VTRJIFBvD9mAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAtHBWeoCHmh0dHBzOi8vcGFzdGVsaW5rLm5ldC9tbWN6Nzl1NYADAIgDAZADAJgDFKADAaoDQRIYMzg1MzIwMDIzMTQxMDc1MjkwNV9zYmlkGhM4ODkyNzQ1Mjg2NTc3NjIwMzE4Igk0NDY2NDkzNzkqBU0xMTczwAPYBMgDANgD-5XCAeADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDjE4NS4xOTUuNzEuMjE3qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBKMhITD6BBIJAAAAIIySR0ARIUnYaU8gQIgFAZgFAKAFibvDjaCm1Lw1qgUPNzI0MmMwZTYyMGQ2ZmE3wAUAyQUAAAAAAADwP9IFCQFFBQFw2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYFIjAA8D_QBq_xAdoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB6SoBdIHDRVlASYI2gcGAV7AGADgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=675990cda8df2a1fb00652ab328dfbc48e9f71ff&pp=0.0111
Requested by
Host: rt.marphezis.com
URL: https://rt.marphezis.com/static/client.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:29 GMT
an-x-request-uuid
92f866a4-e52e-494b-8fd2-55c36b94c320
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.217; 185.195.71.217; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/240/ Frame 56F3 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: rt.marphezis.com
URL: https://rt.marphezis.com/static/client.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 12:41:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Wed, 11 Dec 2024 12:41:29 GMT
served
rt.marphezis.com/ Frame E911 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/served?_bc=KgAAETFPWFBYRlBXWXBRUkMqGwsSMRcbWgscEQAALU8HCicCDQB_Qk8EBwENGx8xVAcNbg0GFTBPWUlYRVJeSywGCQQhB1kVIwEdAgQdDQRDJgwQQywZAgAnT1lJWERTX0ssGQ0BdQgUFSwXERIbUgcbFDgMWQEtGg8RLQJPAhAEXl9LIAgAWHhPDAQmFBwXVURFBgl9VFRDIQAVWHJUAAoYHQdSCHELUAF-WFVId0pQA0VAUl9cZVFSUHlEXVV2EFhVUBYHWVR7TwgKJxlZVWQdGlofHQ0LAj8aQhU8EBQAfwAMBBwVDQgBLU8UECoAAFhwQlpRWFIRChw8EBRYIAtCFiACG1pYWlNeWXxPFwwyDFlWckIRVV1ERRwBJwYUWHhPEAQlGw1aCgcCQhcnBwFIOw87VHRFXF9eTFBdWXBbXEh_NlVXcUZcUTdGTl9AeA==&ver=0.0.21
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Tue, 12 Dec 2023 12:41:29 GMT
access-control-allow-credentials
true
vary
Origin
timp
rt.marphezis.com/ Frame 56F3 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/timp?_bc=KgAAETFPWFBYRlBXWXBRUkMqGwsSMRcbWgscEQAALU8HCicCDQB_Qk8EBwENGx8xVAcNbg0GFTBPWUlYRVJeSywGCQQhB1kVIwEdAgQdDQRDJgwQQywZAgAnT1lJWERTX0ssGQ0BdQgUFSwXERIbUgcbFDgMWQEtGg8RLQJPAhAEXl9LIAgAWHhPDAQmFBwXVURFBgl9VFRDIQAVWHJUAAoYHQdSCHELUAF-WFVId0pQA0VAUl9cZVFSUHlEXVV2EFhVUBYHWVR7TwgKJxlZVWQdGlofHQ0LAj8aQhU8EBQAfwAMBBwVDQgBLU8UECoAAFhwQlpRWFIRChw8EBRYIAtCFiACG1pYWlNeWXxPFwwyDFlWckIRVV1ERRwBJwYUWHhPEAQlGw1aCgcCQhcnBwFIOw87VHRFXF9eTFBdWXBbXEh_NlVXcUZcUTdGTl9AeA==&ver=0.0.21
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Tue, 12 Dec 2023 12:41:29 GMT
access-control-allow-credentials
true
vary
Origin
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 12 Dec 2023 12:41:29 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ Frame 1D60 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 12 Dec 2023 12:41:29 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame F6CA 		69 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2665&&kkdd=H*%7CW%7CuH*nh39A&93=Dqq&f9=vPq~DdIddmI~PdBdBII&1YjG=v&VbjO=q&HYf=vv~m&TbHL=*DI6&H9Y=d!oIh!Qnk&HjHY=j.BT08TiT!.H7qWg3G7L8S%3D%3D&HG9Y=~BIId6~dB&b9FL=Dqqw~6q&HH=!t&bH=Kt&HNxV=cyEi4ks4aA7&j9Y=d-y!4~4yl&Tj9Y=4~vDDI~&NTTjb=v&GGG=TFkJN*HgJ*ELHYKJQva3TmDj(E74FGlXXB1SMLCmhDX!Ain32uDeK3%3D%3D&u3Gp=NTTjb%3A%2F%2FjObTLg9xuzxLT&Lu3Gp=3PPaS%3AiiavSPe2dFozFeP&xbL=6&g3=v&C1Y=I&OYTv=d!oScv6~e&OYT~=ddv6~BdvI&XYOTO=bY~%3DxCggRTT%3DqR9CGgEg%3D~qR81LGjV%3Dqzq~Rf3ELwH%3DqzvdRbVVEX9Y%3DqzqvRf9bEbY%3D~m~Rb8X2%3DqRYH~%3DvR9bTV%3D~RbHY%3DF1RfEObx%3D6BdqDRfg~GEbY%3D~q~Dv~v~q6R9CGgEX%3DvPP6zd~RCGgETuH%3DqRbTY%3D~PvmPD~dRgObT%3DRHf81%3DqzDPRf9bECGgEX%3Dqz~vRfg~GE9EbY%3D~q~Dv~v~q~R9j%3DD8ok3HRpXX%3DqRf9bECGgEg%3D~qRG99jCO%3DI%2CIRLT%3D~vRGH%3DvRVT9Y%3D-yqqqqv~Rfg~GE9EX%3DqzqvRGjbEbY%3D~q~Dv~v~qBRf9bEX%3DDmqzdBRCGgEX%3Dqz6BRfg~GECGgEX%3DqRfg~GECGgEf9%3DvaJvBRCGgETf9%3DqRbVVE3G%3DIz6IIBRLHjELLG%3DvqDRCGgEg%3D~qRbgf%3DqR1HOT%3DJvRXX%3DvmBRff%3DqRbVVEVCg%3DqzBvRHfg~GEbY%3D~mIRGpf%3DqRg~GEX%3DvqqqRLGjV%3Dqzq~Rfg~GECGgEuH%3DqaqRjb9EH%3Dv%2Cv%2Cq%2Cq%2Cq%2Cq%2Cq%2CqRXV%3DvRjb9EY%3DqRbVVEbY%3D~q~Dv~v~q~RODjEX%3DvzD~%2CDdzvvRb9Y%3D~BIId6~dBRbY%3DqRC9Y%3D~0OAgcgCtmnjP*3N1WRHfg~GEX%3DqzDPRXTY%3DDqPmmmvqI6I~qdBPPvqmDI~vB~6Dq~DPv6q6DDq~PdBv~dDBmIBDDI6qm~dDmvBqd6PPqPPP~BIBI6BdB6PBImBvPI~6DPDBmD~66BdRf3C%3DqzvdRY~jEg%3DvqRHfg~%3DqzDPRDjHp%3DvqqqRC9V%3DqRYVVEbTG1%3Dx8EbTGOTL1WRY~jEX%3DqzmBR81Y~jEX%3DqzmBRfCGgEX%3D~zqvRbb%3DcsRHH%3D!tRC93%3DJvRHL%3DqRGjbEX%3DDdzvvRGHf%3Dv~zI~RfCGgEg%3D~qRGjbECGgEX%3DIBzvvR!0%3DDq6mRuXECH%3DJ~RxTb%3DvRuXEHHub%3DJ~RZ-~%3Dz)%2Fjz)RHT%3DNCxLxXLG1RXbbEQ4l%3Dcs%2CcsRXOb9b~%3DvmBRXOb9bv%3DvmBR9bkLp%3DqR9fCGgEX%3Dqz6R9b9p%3DqRX9Y%3DqzqvRGjbECGgEg%3D~qRYH%3DdRfg~GEX%3DvzD~R9fCGgEg%3D~qRHXYj%3Dqzqv~R9TWjLE9Y%3DvBRbLggLGETO1E9Y%3D~PvmPD~dRbCjjgWETO1E9Y%3D~PvmPD~dRf9L3OX9g9TW%3DqzvdD6mBRj8b%3DqRHOGG9LG0Y%3DqR81X9Y%3Dqzqv~RXpgG%3Dqzqv~RbC9Y%3DRYTH%3DLObTEbHRYVVELGjV%3DpOgbLRYVV%3Dx8EbTGOTL1WRXYjHOjY%3DqRYOg1%3DVG1JIzqR9xbg%3DqRb8Xj%3DRNTVg%3DvRYHCT%3DIqRY81X%3DqJvR9XH%3DvRxbF%3DvRT1b%3DDqqw~6qRXbX%3DqRXbj%3DqRTVw%3DvqB&xTf=q&VVV=b8WLsMwkQxpLAC3n9akjq-jTvGHPLIp39(Tp1D!*-M(Lsmv0DPA4nEfSSadL7hnBkp8g4OsKca*1G19cno!!D3%3D%3D&9x0pG=v&XYG0Y=IBq&X9Y=DIdvIq&uTTgL=.OWbVOx%20l81N9GLx%20yWOuN9g8VL%3A%20s%20!g8bLG%20*88u%20OT%20-ObT8G%20!NG9b%26Gb(C8%3B%20cLjNL3%20J%20-ObTLg9xuzxLT&VHp=mm~q&WYbjG=v&uOTjGL=v&uOTX9Y=Jvq~&HOY8VO9x=TFkJN*HgJ*dQTy*IeK89!QNdTHDsjFCDjUd9jqLI-Fa%3D&Wjgj=v&9b9Y=6&OYf=ALxLGOg%20iLOGHN&j19Y=jqDIDDPddBdT~q~Dv~v~v~Iv&bbgY=%7B%22bb9j%22%3A%22vd6zvm6zPvzq%22%2C%22bbHH%22%3A%22!t%22%2C%22bbbH%22%3A%22KA%22%2C%22bbHTW%22%3A%22t%C3%83%C2%BCxLxXLG1%22%7D&NTVgbGH=v&sflct=272060&ure=1
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bf3e0ecfd528ee70f8e1cfaaa71ae06f2002eae3bd465c14e5f056d32edccda6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
26424
content-type
text/html
date
Tue, 12 Dec 2023 12:41:29 GMT
expires
Tue, 12 Dec 2023 12:41:29 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-lahh
checksync.php
contextual.media.net/ Frame EFC6 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CU4FCKBR&https=1&itype=CM
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5a66f8eafb50d104f1f4b4637134d3acf9fafa5c0821c5ff3a0e821b31216ad5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5965
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 12:41:29 GMT
expires
Thu, 14 Dec 2023 12:41:29 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame 1D60 		35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=2248&&vgd_cdv=1129&vgd_cage=6&vgd_tsce=L345&vgd_mcf=9920&gdpr=1&mspa=0&prid=8PRVCXX19&cid=8CU4FCKBR&crid=264485286&vi=1702384889427868644&ugd=4&lf=6&kwrf=https%3A%2F%2Fpastelink.net&cc=CH&sc=ZH&lper=100&wsip=170785101&r=1702384889624&rrr=tzR-hLcl-L_ecdZ-K1Ewt93pq_YTzrWbb6gQXeu9F3bCGSBwjk3JZw%3D%3D&requrl=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&vgde_bdata=QOfvzxjj~77v9~8xLjMjvf9~myJLEYv9.9f~eBMJ-Nv9.uW~QYYMG8Ov9.9u~e8QMQOvfif~QmGdv9~ONfvu~8Q7Yvf~QNOvly~eM1QzvXFW9A~ejfLMQOvf9fAufuf9X~8xLjMGvuhhX.Wf~xLjM7UNv9~Q7OvfhuihAfW~j1Q7v~Nemyv9.Ah~e8QMxLjMGv9.fu~ejfLM8MQOvf9fAufuf9f~8EvAmPDBN~kGGv9~e8QMxLjMjvf9~L88Ex1vH%2CH~J7vfu~LNvu~Y78Ov0a9999uf~ejfLM8MGv9.9u~LEQMQOvf9fAufuf9F~e8QMGvAi9.WF~xLjMGv9.XF~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~QYYMBLvH.XHHF~JNEMJJLvu9A~xLjMjvf9~Qjev9~yN17vou~GGvuiF~eev9~QYYMYxjv9.Fu~NejfLMQOvfiH~Lkev9~jfLMGvu999~JLEYv9.9f~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~QYYMQOvf9fAufuf9f~1AEMGvu.Af%2CAW.uu~Q8OvfFHHWXfWF~QOv9~x8OvfV1ZjIjxqiREhTBwy5~NejfLMGv9.Ah~G7OvA9hiiiu9HXHf9WFhhu9iAHfuFfXA9fAhuX9XAA9fhWFufWAFiHFAAHX9ifWAiuF9WXhh9hhhfFHFHXFWFXhFHiFuhHfXAhAFiAfXXFW~eBxv9.uW~OfEMjvu9~Nejfv9.Ah~AENkvu999~x8Yv9~OYYMQ7LyvzmMQ7L17Jy5~OfEMGv9.iF~myOfEMGv9.iF~exLjMGvf.9u~QQvIK~NNv%3Dq~x8Bvou~NJv9~LEQMGvAW.uu~LNevuf.Hf~exLjMjvf9~LEQMxLjMGvHF.uu~%3DVvA9Xi~UGMxNvof~z7Qvu~UGMNNUQvof~c0fv.*SE.*~N7vwxzJzGJLy~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.X~8Q8kv9~G8Ov9.9u~LEQMxLjMjvf9~ONvW~ejfLMGvu.Af~8exLjMjvf9~NGOEv9.9uf~875EJM8OvuF~QJjjJLM71yM8OvfhuihAfW~QxEEj5M71yM8OvfhuihAfW~e8JB1G8j875v9.uWAXiF~EmQv9~N1LL8JLVOv9~myG8Ov9.9uf~GkjLv9.9uf~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvzmMQ7L17Jy5~GOEN1EOv9~O1jyvYLyoH.9~8zQjv9~QmGEv~w7Yjvu~ONx7vH9~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGv9~GQEv9~7Y-vu9F&ssld=%7B%22QQ8E%22%3A%22uWX.uiX.hu.9%22%2C%22QQNN%22%3A%22%3Dq%22%2C%22QQQN%22%3A%222Z%22%2C%22QQN75%22%3A%22q%C3%83%C2%BCzJzGJLy%22%7D&vgd_bid=348140&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=56803&vgd_rakh=1702384889136591735&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUQN152J&vgd_hb_audit_2=881526814&vgd_pgid=p0343378868t202312121241&vgd_pgids=1&vgd_uspa=0&hvsid=00001702384889621031165826561699&gdpr=1&mspa=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 12 Dec 2023 12:41:29 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 12 Dec 2023 12:41:29 GMT
checksync.php
contextual.media.net/ Frame A04E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQN152J&prvid=99,77,20000,2033,262,460,241,461,462,3018,246,4,3016,313,10000,459,229,9,319&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
414b2111bf44efcc2e0779b243b2287f595624c373b8ef8f7a6e7be8a5cf73c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8070
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 12:41:29 GMT
expires
Thu, 14 Dec 2023 12:41:29 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 1D60 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?pixel_len_bucket=4951&logid=awlog&lper=1&itypeid=16&itype=APPNEXUS&cc=CH&cid=8CUQN152J&reqid=3853200231410752905&vid=3853200231410752905&dn=pastelink.net&rawDn=pastelink.net&requrl_dn=pastelink.net&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https://pastelink.net/mmcz79u5&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_status=N&dnt_enf=false&geo_source=2&sc=ZG&ct=H%C3%83%C2%BCnenberg&zip=6331&pubid=pub-appnexus-eu&tgtval=pub-appnexus-eu&csip=rtb-appnexus-78d5854775-gjspw.SC&dtc=east_sc&zone=d&ptype=23&tmax=150&xtmax=140&gdpr=1&gpp_present=false&csex=0&app=0&sat=1&devbrand=Unknown&devmodel=Unknown&device_id=4&asn=56803&sckfl=0&sckfl2=0&smbrid=11801&usp_status=0&usp_enf=1&mspa_enforced=true&pexid=APPNEXUS-2194068&geoll=true&is_ortb=true&s_ip=68.67.180.0&s_city=secaucus&commit_id=ab37386b&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-12-11+00:00:00&schain_cmpl=1&schain_nodes_count=2&dummy_vsid=false&second_call=false&supply_cc=CH&ipcc=CH&is_msnnative_src=false&proxy=envoy&rtttime=38&req_tid_present=true&pvid=460&prvAccId=264485286&prvApiId=8CU4FCKBR&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=881526814&prspt=headerBid&prvReqId=9218263305438_1076720496_8815268144601&size=300x250&chnl=NO_STRATEGY&bdp=0.012&bid_uuid=fdf028c8e78d558051e6400f7a4d6f32&cbdp=0.012&og_cbdp=0.012&ogbdp=0.012&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https://generalsearch.net&dfpBd=0.012&dsrc=-2&dp=0&dbf=1&epc=264485286&s=1&snm=SUCCESS&pcrid=8CU4FCKBR-264485286-50-7&tpbTkn=false&exid=218&bidflr=0.012&pbidflr=0.012&opbidflr=0.012&spbf=0&viewability=18&sbdrid=196&exp=ssProfile=0|sfl=false|ssBucket=0|bfl=-100|sch=1|clt=3|tpi=1|fl_rl=1|kbb_se=1|dbr=1|sfl=false|bfl=-100|tpi=1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1702384886892&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.02&dmm_erpm=false&dmm_ogerpm=false&bcrid=446649379&strg=NO_STRATEGY&stagid=27197328&vls=0&scrid=446649379&mang=1&pvdTmax=106&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_tid_sent=false&mx_epbc=8CU4FCKBR&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_bsBucketRa=0&mx_sid=8CU4FCKBR&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=27197328&mx_tgs=300x250&mx_bsProfileRa=0&mx_IAB2=0&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=1&mx_gpid=27197328&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=true&mx_commit_id=57e0a39df7&mx_exp_tokens%3C%3E=IPBLOCK_DM:GCS
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:29 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 12 Dec 2023 12:41:29 GMT
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 971E 		69 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2581&&kkdd=n!%7Cu%7CnHA*39&12=.FI4oRpRRV4VoVV4FZR&381=rT5Tq3-%20HT3qtP&728=opR.pp&s8Lq=.&nzL3=I&t81=..4V&NztT=vopJ&t28=R_Epd_*6U&tLt8=LbZNexNHN_bthIA-(qhTxc%3D%3D&tq28=4ZppRJ4RZ&z2GT=oIIk4JI&tt=_f&zt=)f&tP5n=f!UXWDh&L28=ROW_S4SWa&NL28=S4.oop4&PNNLz=.&qqq=NGUyPvt-yv9Tt8)y*.m(NVoLC9hSGqa77ZscgT0Vdo7_rH6(KBoj)(%3D%3D&B(qY=PNNLz%3A%2F%2FL3zNT-25Bl5TN&TB(qY=(FFmc%3AHHm.cFjKRGElGjF&5zT=J&-(=.&0s8=p&38N.=R_EcD.J4j&38N4=RR.J4ZR.p&783N3=z84%3D50--wNN%3DIw20q-9-%3D4IwxsTqLn%3DIlI4w1(9Tkt%3DIl.Rw12z9z8%3D4V4w8t4%3D.w2zNn%3D4wzt8%3DGsw193z5%3DJZRIow1-4q9z8%3D4I4o.4.4IJw20q-97%3D.FFJlR4w0q-9NBt%3DIwzN8%3D4F.VFo4Rw-3zN%3Dwt1xs%3DIloFw12z90q-97%3DIl4.w1-4q929z8%3D4I4o.4.4I4w2L%3DoxEU(twY77%3DIw12z90q-9-%3D4Iwq22L03%3Dp%2CpwTN%3D4Iwqt%3D4%2CIwnN28%3DOWIIII.4w1-4q9297%3DIlI.wqLz9z8%3D4I4o.4.4IZw12z97%3DoRZlopw0q-97%3DIlJZw1-4q90q-97%3DIw1-4q90q-912%3D.my.Zw0q-9N12%3DIwTtL9TTq%3D.Iow0q-9-%3D4Iwz-1%3DIwst3N%3Dy.w77%3D.VZw11%3DIwt1-4q9z8%3D4VpwqY1%3DIw-4q97%3D.IIIwTqLn%3DIlI4w1-4q90q-9Bt%3DImIwLz29t%3D.%2C.%2CI%2CI%2CI%2CI%2CI%2CIw7n%3D.wLz298%3DIw3oL97%3D.lo4%2CoRl..wz28%3D4ZppRJ4RZwz8%3DIw028%3D4e3r2sVoF**fW**x3Jwt1-4q97%3DIloFw7N8%3DoIFVVV.IpJp4IRoJRR44pFI4ZFp..4RV.oFVV.o.Jo4JpR4o.FVo4IIII.pFJV.4FppF.RR4ZV.4oIppIJRVVZ.ooV4RFpJpJZ.pRpRw1(0%3DIl.Rw84L9-%3D.Iwt1-4%3DIloFwoLtY%3D.IIIw02n%3DIw8nn9zNqs%3DP3qnx5Aw84L97%3DIlVRwxs84L97%3DIlVZw10q-97%3D4lI.wzz%3DD!wtt%3D_fw02(%3Dy.wtT%3DIwqLz97%3DoRl..wqt1%3D.4lp4w10q-9-%3D4IwqLz90q-97%3DpZl..w_e%3DoIJVwB790t%3Dy4w5Nz%3D.wB79ttBz%3Dy4wXO4%3DlM%2FLlMwtN%3DP05T57Tqsw7zz9*Sa%3DD!%2CD!w73z2z4%3D.VZw73z2z.%3D.VZw2zUTY%3DIw210q-97%3DIlJw2z2Y%3DIw728%3DIlI4wqLz90q-9-%3D4Iw8t%3DRw1-4q97%3D.lo4w210q-9-%3D4Iwt78L%3DIlI.ow2NALT928%3D.ZwzT--Tq9N3s928%3D4F.VFo4Rwz0LL-A9N3s928%3D4F.VFo4Rw12T(372-2NA%3DIl.RoJVZwLxz%3DIwt3qq2Tqe8%3DIwxs728%3DIlI4Iw7Y-q%3DIlI.4wz028%3Dw8Nt%3DT3zN9ztw8nn9TqLn%3DY3-zTw8nn%3DP3qnx5Aw78Lt3L8%3DIw83-s%3D052zx54Zw25z-%3DIwzx7L%3DwPNn-%3D.w8t0N%3DoJw8xs7%3DIy.w27t%3D.w5zG%3D.wNsz%3DoIIk4JIw7z7%3DIw7zL%3DIwNnk%3D.IZ&5N1=I&nnn=zxAT!gkU*5YTr0(62mULIOLN.qtFTpY(2CNYso_vOgCT!V.eoFrS691ccmRThd6ZUYx-S3!)Dmvsqs2D6E__o(%3D%3D&2(=oII&25eYq=.&78qe8=pZI&BNN-T=b3Azn35%20axsP2qT5%20WA3BP2-xnT%3A%20!%20_-xzTq%20vxxB%203N%20O3zNxq%20_Pq2z%26qzC0x%3B%20DTLPT(%20y%20O3zNT-25Bl5TN&ntY=VV4I&A8zLq=.&B3NLqT=.&B3N728=y.I4&t38xn325=NGUyPvt-yvR*NWvpj)x2_*PRNto!LG0oLiR2LITpOGm%3D&AL-L=.&2z28=J&Ls28=LIopooFRRZRN4I4o.4.4.4p.&zz-8=%7B%22zz2L%22%3A%22.RJl.VJlF.lI%22%2C%22zztt%22%3A%22_f%22%2C%22zzzt%22%3A%22)r%22%2C%22zztNA%22%3A%22f%C3%83%C2%BC5T57Tqs%22%7D&PNn-zqt=.&sflct=272060&ure=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU4FCKBR&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5701c781110c358387e3c43d6a2edfb4fd505d1673234e25844cbdb72dfff406
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
26384
content-type
text/html
date
Tue, 12 Dec 2023 12:41:29 GMT
expires
Tue, 12 Dec 2023 12:41:29 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-tf5s
checksync.php
contextual.media.net/ Frame 5219 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CU4FCKBR&https=1&itype=CM
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5a66f8eafb50d104f1f4b4637134d3acf9fafa5c0821c5ff3a0e821b31216ad5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5965
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 12:41:29 GMT
expires
Thu, 14 Dec 2023 12:41:29 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame 56F3 		35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=2180&&vgd_cdv=1129&vgd_cage=6&vgd_tsce=L345&vgd_mcf=9920&gdpr=1&mspa=0&prid=8PRVCXX19&cid=8CU4FCKBR&crid=264485286&vi=1702384889293992768&ugd=4&lf=6&kwrf=https%3A%2F%2Fpastelink.net&cc=CH&sc=ZH&lper=100&wsip=170785101&r=1702384889659&rrr=tzR-hLcl-L_ecdZ-K1Ewt93pq_YTzrWbb6gQXeu9F3bCGSBwjk3JZw%3D%3D&requrl=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&vgde_bdata=QOfvzxjj~77v9~8xLjMjvf9~myJLEYv9.9f~eBMJ-Nv9.uW~e8QMQOvfif~ONfvu~8Q7Yvf~QNOvly~eM1QzvXFW9A~ejfLMQOvf9fAufuf9X~8xLjMGvuhhX.Wf~xLjM7UNv9~Q7OvfhuihAfW~j1Q7v~Nemyv9.Ah~e8QMxLjMGv9.fu~ejfLM8MQOvf9fAufuf9f~8EvAmPDBN~kGGv9~e8QMxLjMjvf9~L88Ex1vH%2CH~J7vf9~LNvf%2C9~Y78Ov0a9999uf~ejfLM8MGv9.9u~LEQMQOvf9fAufuf9F~e8QMGvAWF.AH~xLjMGv9.XF~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvu9A~xLjMjvf9~Qjev9~yN17vou~GGvuiF~eev9~NejfLMQOvfiH~Lkev9~jfLMGvu999~JLEYv9.9f~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~1AEMGvu.Af%2CAW.uu~Q8OvfFHHWXfWF~QOv9~x8OvfV1Z8yiAhCCqaCCm1X~NejfLMGv9.Ah~G7OvA9hiiiu9HXHf9WAXWWffHh9fFhHuufWiuAhiiuAuXAfXHWfAuhiAf9999uHhXiufhHHhuWWfFiufA9HH9XWiiFuAAifWhHXHXFuHWHW~eBxv9.uW~OfEMjvu9~Nejfv9.Ah~AENkvu999~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iF~exLjMGvf.9u~QQvIK~NNv%3Dq~x8Bvou~NJv9~LEQMGvAW.uu~LNevuf.Hf~exLjMjvf9~LEQMxLjMGvHF.uu~%3DVvA9Xi~UGMxNvof~z7Qvu~UGMNNUQvof~c0fv.*SE.*~N7vwxzJzGJLy~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.X~8Q8kv9~G8Ov9.9f~LEQMxLjMjvf9~ONvW~ejfLMGvu.Af~8exLjMjvf9~NGOEv9.9uA~875EJM8OvuF~QJjjJLM71yM8OvfhuihAfW~QxEEj5M71yM8OvfhuihAfW~e8JB1G8j875v9.uWAXiF~EmQv9~N1LL8JLVOv9~myG8Ov9.9f9~GkjLv9.9uf~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzfF~8zQjv9~QmGEv~w7Yjvu~ONx7vAX~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGv9~GQEv9~7Y-vu9F&ssld=%7B%22QQ8E%22%3A%22uWX.uiX.hu.9%22%2C%22QQNN%22%3A%22%3Dq%22%2C%22QQQN%22%3A%222Z%22%2C%22QQN75%22%3A%22q%C3%83%C2%BCzJzGJLy%22%7D&vgd_bid=348144&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=56803&vgd_rakh=1702384889102867210&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUQN152J&vgd_hb_audit_2=881526814&vgd_pgid=p0343378868t202312121241&vgd_pgids=4&vgd_uspa=0&hvsid=00001702384889658031165826568301&gdpr=1&mspa=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 12 Dec 2023 12:41:29 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 12 Dec 2023 12:41:29 GMT
checksync.php
contextual.media.net/ Frame FD61 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQN152J&prvid=99,77,20000,2033,262,460,241,461,462,3018,246,4,3016,313,10000,459,229,9,319&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
414b2111bf44efcc2e0779b243b2287f595624c373b8ef8f7a6e7be8a5cf73c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8070
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 12:41:29 GMT
expires
Thu, 14 Dec 2023 12:41:29 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 56F3 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?pixel_len_bucket=4855&logid=awlog&lper=1&itypeid=16&itype=APPNEXUS&cc=CH&cid=8CUQN152J&reqid=3853200231410752905&vid=3853200231410752905&dn=pastelink.net&rawDn=pastelink.net&requrl_dn=pastelink.net&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https://pastelink.net/mmcz79u5&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_status=N&dnt_enf=false&geo_source=2&sc=ZG&ct=H%C3%83%C2%BCnenberg&zip=6331&pubid=pub-appnexus-eu&tgtval=pub-appnexus-eu&csip=rtb-appnexus-78d5854775-gjspw.SC&dtc=east_sc&zone=d&ptype=23&tmax=150&xtmax=140&gdpr=1&gpp_present=false&csex=0&app=0&sat=1&devbrand=Unknown&devmodel=Unknown&device_id=4&asn=56803&sckfl=0&sckfl2=0&smbrid=11801&usp_status=0&usp_enf=1&mspa_enforced=true&pexid=APPNEXUS-2194068&geoll=true&is_ortb=true&s_ip=68.67.180.0&s_city=secaucus&commit_id=ab37386b&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-12-11+00:00:00&schain_cmpl=1&schain_nodes_count=2&dummy_vsid=false&second_call=false&supply_cc=CH&ipcc=CH&is_msnnative_src=false&proxy=envoy&rtttime=38&req_tid_present=true&pvid=460&prvAccId=264485286&prvApiId=8CU4FCKBR&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=881526814&prspt=headerBid&prvReqId=527623195407142_2147093356_8815268144601&size=300x250&chnl=HARMONY&bdp=0.020&bid_uuid=be052df57346e708275a83f1ca0de0e5&cbdp=0.013&og_cbdp=0.020&ogbdp=0.02&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https://generalsearch.net&dfpBd=0.013&dsrc=-2&dp=0&dbf=1&epc=264485286&s=1&snm=SUCCESS&pcrid=8CU4FCKBR-264485286-50-29&tpbTkn=false&exid=218&bidflr=0.012&pbidflr=0.012&opbidflr=0.012&spbf=0&viewability=18&sbdrid=196&exp=ssProfile=0|sfl=false|ssBucket=0|bfl=-100|sch=1|clt=3|tpi=1|fl_rl=1|kbb_se=1|dbr=1|sfl=false|bfl=-100|tpi=1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1702384886892&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.02&dmm_erpm=true&dmm_ogerpm=false&bcrid=446649379&strg=HARMONY&stagid=27197328&vls=0&scrid=446649379&mang=1&pvdTmax=106&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_tid_sent=false&mx_epbc=8CU4FCKBR&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_bsBucketRa=0&mx_sid=8CU4FCKBR&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=27197328&mx_tgs=300x250&mx_bsProfileRa=0&mx_IAB2=0&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=1&mx_gpid=27197328&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=true&mx_commit_id=57e0a39df7&mx_exp_tokens%3C%3E=IPBLOCK_DM:GCS
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:29 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 12 Dec 2023 12:41:29 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame AB6E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11801&pub_id=2194068
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
14580
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 12 Dec 2023 12:41:29 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
496, 56361
X-Served-By
cache-lga13626-LGA, cache-mxp6922-MXP
X-Timer
S1702384890.744226,VS0,VE0
rd_log
nym1-ib.adnxs.com/ Frame 1D60 		0
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https://pastelink.net/mmcz79u5&e=wqT_3QKkBKAkAgAAAwDWAAUBCPap4asGEMDijeCf2_eSdRjm_OnmuoOdsRoqNgkAAAkCABEJBywAABkAAABA4XoAQCEREgApEQkAMQkb9FMBxD8wkP_7DDiZXEDlAUgCUKXd-xNYy92hAWAAaP32xAF4pKgFgAEBigEAkgEDVVNEmAHYBaABWqgBAbABALgBAsABAcgBANABANgBAOABAPABANgCAOAC0cFZ6gIeaHR0cHM6Ly9wYXN0ZWxpbmsubmV0L21tY3o3OXU1gAMAiAMBkAMAmAMUoAMBqgMAwAPYBMgDANgD-5XCAeADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDjE4NS4xOTUuNzEuMjE3qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCADgBADwBKXd-xP6BBIJAAAAIIySR0ARAAAAQGlPIECIBQGYBQCgBQCqBQ83MjQyYzBlNjIwZDZmYTfABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUA8AUA-gUECAAQAJAGAJgGALgGAMEGAC1jENoGFgoQDQwVAXQQABgA4AYA8gYCCACABwGIBwCgBwDIB6SoBdIHDQkRJwEmDNoHBggFCZjgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACADSCAYIABAAGAA.&s=98b818954e4488bacde26b06ebc4fcc0cfae7f0e&bdref=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fpastelink.net%2Fmmcz79u5,https%3A%2F%2Fpastelink.net%2Fmmcz79u5,https%3A%2F%2Fpastelink.net%2Fmmcz79u5&
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:29 GMT
an-x-request-uuid
fb4a37ce-de0e-4860-b41c-625822c8f822
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.217; 185.195.71.217; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/usync/ Frame BBB4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
98f2b2ada7d95a1786333f2705b3d5b2712955156bc29bc254815552600549bd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1533
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8DBC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11801&pub_id=2194068
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
14580
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 12 Dec 2023 12:41:29 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
496, 56362
X-Served-By
cache-lga13626-LGA, cache-mxp6922-MXP
X-Timer
S1702384890.774647,VS0,VE0
rd_log
nym1-ib.adnxs.com/ Frame 56F3 		0
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https://pastelink.net/mmcz79u5&e=wqT_3QKkBKAkAgAAAwDWAAUBCPap4asGEMDijeCf2_eSdRjm_OnmuoOdsRoqNgkAAAkCABEJBywAABkAAABA4XoAQCEREgApEQkAMQkb9FMBxD8wkP_7DDiZXEDlAUgCUKXd-xNYy92hAWAAaP32xAF4pKgFgAEBigEAkgEDVVNEmAHYBaABWqgBAbABALgBAsABAcgBANABANgBAOABAPABANgCAOAC0cFZ6gIeaHR0cHM6Ly9wYXN0ZWxpbmsubmV0L21tY3o3OXU1gAMAiAMBkAMAmAMUoAMBqgMAwAPYBMgDANgD-5XCAeADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDjE4NS4xOTUuNzEuMjE3qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCADgBADwBKXd-xP6BBIJAAAAIIySR0ARAAAAQGlPIECIBQGYBQCgBQCqBQ83MjQyYzBlNjIwZDZmYTfABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUA8AUA-gUECAAQAJAGAJgGALgGAMEGAC1jENoGFgoQDQwVAXQQABgA4AYA8gYCCACABwGIBwCgBwDIB6SoBdIHDQkRJwEmDNoHBggFCZjgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACADSCAYIABAAGAA.&s=98b818954e4488bacde26b06ebc4fcc0cfae7f0e&bdref=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fpastelink.net%2Fmmcz79u5,https%3A%2F%2Fpastelink.net%2Fmmcz79u5,https%3A%2F%2Fpastelink.net%2Fmmcz79u5&
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:29 GMT
an-x-request-uuid
08aca0da-4a55-42c2-92ae-b6a137ede7ca
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.217; 185.195.71.217; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
img
sync.mathtag.com/sync/ Frame BBB4 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1143 599e619 master zrh zrh-pixel-x25 config_version:"2665" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 12:41:29 GMT
Server
MT3 1143 599e619 master zrh zrh-pixel-x25 config_version:"2665"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Tue, 12 Dec 2023 12:41:28 GMT
/
onetag-sys.com/match/ Frame BBB4
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LQ2C09BS-19-69F3&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LQ2C09BS-19-69F3&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LQ2C09BS-19-69F3&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
/
onetag-sys.com/match/ Frame BBB4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7176766822098981487
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7176766822098981487
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:29 GMT
an-x-request-uuid
02259e26-ea12-4b77-a67e-d975798c7fcc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7176766822098981487
x-proxy-origin
185.195.71.217; 185.195.71.217; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame BBB4
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=de3ee347eec9a9c1ba4447b99e90a5&gdpr_consent=&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=de3ee347eec9a9c1ba4447b99e90a5&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:29 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=de3ee347eec9a9c1ba4447b99e90a5&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1702384889879095-411
tap.php
pixel.rubiconproject.com/ Frame BBB4 		42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=r2sUgLfFU5IbNS4ksh-T763HdkNljKs-tRRs615am6I
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame BBB4
Redirect Chain
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%2...
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1cd6ef18-4968-44ed-b2df-829e4501627e
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1cd6ef18-4968-44ed-b2df-829e4501627e
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:30 GMT
Server
nginx
Location
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1cd6ef18-4968-44ed-b2df-829e4501627e
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame BBB4
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF4L74jhoIKr2EUmfVx43cBKqQYg1uGj0A
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF4L74jhoIKr2EUmfVx43cBKqQYg1uGj0A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF4L74jhoIKr2EUmfVx43cBKqQYg1uGj0A
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame BBB4
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=5566155699205740968
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=5566155699205740968
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=5566155699205740968
date
Tue, 12 Dec 2023 12:41:29 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame BBB4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame BBB4
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=r2sUgLfFU5IbNS4ksh-T763HdkNljKs-tRRs615am6I
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=r2sUgLfFU5IbNS4ksh-T763HdkNljKs-tRRs615am6I
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VSYZV194Y0T7DEDE7QCT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=r2sUgLfFU5IbNS4ksh-T763HdkNljKs-tRRs615am6I
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame BBB4
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=457C0E3B-119F-4C87-8B76-6993553AC403
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=457C0E3B-119F-4C87-8B76-6993553AC403
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=457C0E3B-119F-4C87-8B76-6993553AC403
date
Tue, 12 Dec 2023 12:41:29 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame BBB4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEATvYTHp2nVLZ0ZZH9ST4GA&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEATvYTHp2nVLZ0ZZH9ST4GA&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEATvYTHp2nVLZ0ZZH9ST4GA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame BBB4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-PWLNX35E2uFvfUBIaT9sU815a03hHOpOvi5O8Uc-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-PWLNX35E2uFvfUBIaT9sU815a03hHOpOvi5O8Uc-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-PWLNX35E2uFvfUBIaT9sU815a03hHOpOvi5O8Uc-~A
date
Tue, 12 Dec 2023 12:41:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame BBB4 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:29 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
onetag-sys.com/match/ Frame BBB4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://ad.360yield.com/server_match?partner_id=446&gdpr=0&gdpr_consent=&bidswitch_ssp_id=onetag&bsw_custom_parameter=f96f0221-3921-4dc1-a9ba-f7fc74506f74&r=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fd...
  • https://x.bidswitch.net/sync?dsp_id=446&user_id=665210dc-b78c-4eac-956d-404a3a5425ef&ssp=onetag&gdpr=0&gdpr_consent=&ssp=onetag&bsw_param=f96f0221-3921-4dc1-a9ba-f7fc74506f74
  • https://onetag-sys.com/match/?int_id=30&uid=f96f0221-3921-4dc1-a9ba-f7fc74506f74&gdpr=0&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=f96f0221-3921-4dc1-a9ba-f7fc74506f74&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=f96f0221-3921-4dc1-a9ba-f7fc74506f74&gdpr=0&gdpr_consent=&us_privacy=
date
Tue, 12 Dec 2023 12:41:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
setuid
u.4dex.io/ Frame BBB4 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=onetag&uid=r2sUgLfFU5IbNS4ksh-T763HdkNljKs-tRRs615am6I&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:29 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
async_usersync
ib.adnxs.com/ Frame AB6E 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11801&pub_id=2194068&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11801&pub_id=2194068
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:29 GMT
an-x-request-uuid
36a5b27c-5612-4682-8068-ad4b0e6a9473
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
185.195.71.217; 185.195.71.217; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8DBC 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11801&pub_id=2194068&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11801&pub_id=2194068
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:29 GMT
an-x-request-uuid
7fffcdf8-4838-47ae-a28f-39addea028f6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
185.195.71.217; 185.195.71.217; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rendered
rt.marphezis.com/ Frame 1D60 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/rendered?_bc=KgAAETFPWFBYRlBXWXBRUkMqGwsSMRcbWgscEQAALU8HCicCDQB_Qk8EBwENGx8xVAcNbg0GFTBPWUlYRVNdSywGCQQhB1kVIwEdAgQdDQRDJgwQQywZAgAnT1lJWERTX0ssGQ0BdQgUFSwXERIbUgcbFDgMWQEtGg8RLQJPAhAEXl9LIAgAWHhPDAQmFBwXVURFBgl9VFRDIQAVWHJUAAoYHQdSWytZUlEpX1xIcUZdBkVAUg5fZQgAVixEAAR1FwsCUBdQDA8pTwgKJxlZVWQdGlofHQ0LAj8aQhU8EBQAfwAMBBwVDQgBLU8UECoAAFhwQlpRWFIRChw8EBRYIAtCFiACG1pYWlNeXntPFwwyDFlWckIRVV1ERRwBJwYUWHhPEAQlGw1aCgcCQhcnBwFIOw87VHRFXF9eTFBdWXBbXEh_NlVXcUZcUTdGTl9AeQ==&ver=0.0.21
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Tue, 12 Dec 2023 12:41:28 GMT
access-control-allow-credentials
true
vary
Origin
vevent
nym1-ib.adnxs.com/ Frame 1D60 		0
662 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https://pastelink.net/mmcz79u5&e=wqT_3QKCBfBMggIAAAMA1gAFAQj2qeGrBhCq8tPJhtDq20AY5vzp5rqDnbEaKjYJ-n5qvHSTiD8RiIVa07zjhD8ZAAAAQOF6AEAhiIVa07zjhD8p-n4JJAAxCRu4xD8wkP_7DDiZXECVCUhgUKOo_dQBWMvdoQFgAGj99sQBeKSoBYABAYoBA1VTRJIFBvD9mAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAtHBWeoCHmh0dHBzOi8vcGFzdGVsaW5rLm5ldC9tbWN6Nzl1NYADAIgDAZADAJgDFKADAaoDQRIYMzg1MzIwMDIzMTQxMDc1MjkwNV9zYmlkGhM0NjYzMzgzNDA3NjYzMDUzMDk4Igk0NDY2NDkzNzkqBU0xMTczwAPYBMgDANgD-5XCAeADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDjE4NS4xOTUuNzEuMjE3qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBKMhITD6BBIJAAAAIIySR0ARIUnYaU8gQIgFAZgFAKAFibvDjaCm1Lw1qgUPNzI0MmMwZTYyMGQ2ZmE3wAUAyQUAAAAAAADwP9IFCQFFBQFw2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYFIjAA8D_QBq_xAdoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB6SoBdIHDRVlASYI2gcGAV7AGADgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=cdadd9a83acb8db92bfee9999453d89ca4bc3c3e&type=nv&nvt=5&jm=1003&px=1078&py=798&bw=300&bh=250&sid=5386308791820843971&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27197328&sw=1600&sh=1200&pw=1600&ph=2244&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:29 GMT
an-x-request-uuid
2deb1165-3030-42dc-90f9-b2f3955494d7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.217; 185.195.71.217; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rendered
rt.marphezis.com/ Frame 56F3 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/rendered?_bc=KgAAETFPWFBYRlBXWXBRUkMqGwsSMRcbWgscEQAALU8HCicCDQB_Qk8EBwENGx8xVAcNbg0GFTBPWUlYRVJeSywGCQQhB1kVIwEdAgQdDQRDJgwQQywZAgAnT1lJWERTX0ssGQ0BdQgUFSwXERIbUgcbFDgMWQEtGg8RLQJPAhAEXl9LIAgAWHhPDAQmFBwXVURFBgl9VFRDIQAVWHJUAAoYHQdSCHELUAF-WFVId0pQA0VAUl9cZVFSUHlEXVV2EFhVUBYHWVR7TwgKJxlZVWQdGlofHQ0LAj8aQhU8EBQAfwAMBBwVDQgBLU8UECoAAFhwQlpRWFIRChw8EBRYIAtCFiACG1pYWlNeWXxPFwwyDFlWckIRVV1ERRwBJwYUWHhPEAQlGw1aCgcCQhcnBwFIOw87VHRFXF9eTFBdWXBbXEh_NlVXcUZcUTdGTl9AeA==&ver=0.0.21
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Tue, 12 Dec 2023 12:41:29 GMT
access-control-allow-credentials
true
vary
Origin
vevent
nym1-ib.adnxs.com/ Frame 56F3 		0
662 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https://pastelink.net/mmcz79u5&e=wqT_3QKCBfBMggIAAAMA1gAFAQj2qeGrBhDeivTjjpfYtHsY5vzp5rqDnbEaKjYJObTIdr6fij8R_WX35GGhhj8ZAAAAQOF6AEAh_WX35GGhhj8pObQJJAAxCRu4xD8wkP_7DDiZXECVCUhgUKOo_dQBWMvdoQFgAGj99sQBeKSoBYABAYoBA1VTRJIFBvD9mAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAtHBWeoCHmh0dHBzOi8vcGFzdGVsaW5rLm5ldC9tbWN6Nzl1NYADAIgDAZADAJgDFKADAaoDQRIYMzg1MzIwMDIzMTQxMDc1MjkwNV9zYmlkGhM4ODkyNzQ1Mjg2NTc3NjIwMzE4Igk0NDY2NDkzNzkqBU0xMTczwAPYBMgDANgD-5XCAeADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDjE4NS4xOTUuNzEuMjE3qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBKMhITD6BBIJAAAAIIySR0ARIUnYaU8gQIgFAZgFAKAFibvDjaCm1Lw1qgUPNzI0MmMwZTYyMGQ2ZmE3wAUAyQUAAAAAAADwP9IFCQFFBQFw2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYFIjAA8D_QBq_xAdoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB6SoBdIHDRVlASYI2gcGAV7AGADgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=675990cda8df2a1fb00652ab328dfbc48e9f71ff&type=nv&nvt=5&jm=1003&px=1078&py=498&bw=300&bh=250&sid=5386308791820843971&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27197328&sw=1600&sh=1200&pw=1600&ph=2244&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:29 GMT
an-x-request-uuid
bb881bb1-190f-49ba-809c-8c0f183fa20d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.217; 185.195.71.217; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame F6CA 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F6CA 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
contextual.media.net/__media__/fonts/Roboto-Bold/ Frame F6CA 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2665&&kkdd=H*%7CW%7CuH*nh39A&93=Dqq&f9=vPq~DdIddmI~PdBdBII&1YjG=v&VbjO=q&HYf=vv~m&TbHL=*DI6&H9Y=d!oIh!Qnk&HjHY=j.BT08TiT!.H7qWg3G7L8S%3D%3D&HG9Y=~BIId6~dB&b9FL=Dqqw~6q&HH=!t&bH=Kt&HNxV=cyEi4ks4aA7&j9Y=d-y!4~4yl&Tj9Y=4~vDDI~&NTTjb=v&GGG=TFkJN*HgJ*ELHYKJQva3TmDj(E74FGlXXB1SMLCmhDX!Ain32uDeK3%3D%3D&u3Gp=NTTjb%3A%2F%2FjObTLg9xuzxLT&Lu3Gp=3PPaS%3AiiavSPe2dFozFeP&xbL=6&g3=v&C1Y=I&OYTv=d!oScv6~e&OYT~=ddv6~BdvI&XYOTO=bY~%3DxCggRTT%3DqR9CGgEg%3D~qR81LGjV%3Dqzq~Rf3ELwH%3DqzvdRbVVEX9Y%3DqzqvRf9bEbY%3D~m~Rb8X2%3DqRYH~%3DvR9bTV%3D~RbHY%3DF1RfEObx%3D6BdqDRfg~GEbY%3D~q~Dv~v~q6R9CGgEX%3DvPP6zd~RCGgETuH%3DqRbTY%3D~PvmPD~dRgObT%3DRHf81%3DqzDPRf9bECGgEX%3Dqz~vRfg~GE9EbY%3D~q~Dv~v~q~R9j%3DD8ok3HRpXX%3DqRf9bECGgEg%3D~qRG99jCO%3DI%2CIRLT%3D~vRGH%3DvRVT9Y%3D-yqqqqv~Rfg~GE9EX%3DqzqvRGjbEbY%3D~q~Dv~v~qBRf9bEX%3DDmqzdBRCGgEX%3Dqz6BRfg~GECGgEX%3DqRfg~GECGgEf9%3DvaJvBRCGgETf9%3DqRbVVE3G%3DIz6IIBRLHjELLG%3DvqDRCGgEg%3D~qRbgf%3DqR1HOT%3DJvRXX%3DvmBRff%3DqRbVVEVCg%3DqzBvRHfg~GEbY%3D~mIRGpf%3DqRg~GEX%3DvqqqRLGjV%3Dqzq~Rfg~GECGgEuH%3DqaqRjb9EH%3Dv%2Cv%2Cq%2Cq%2Cq%2Cq%2Cq%2CqRXV%3DvRjb9EY%3DqRbVVEbY%3D~q~Dv~v~q~RODjEX%3DvzD~%2CDdzvvRb9Y%3D~BIId6~dBRbY%3DqRC9Y%3D~0OAgcgCtmnjP*3N1WRHfg~GEX%3DqzDPRXTY%3DDqPmmmvqI6I~qdBPPvqmDI~vB~6Dq~DPv6q6DDq~PdBv~dDBmIBDDI6qm~dDmvBqd6PPqPPP~BIBI6BdB6PBImBvPI~6DPDBmD~66BdRf3C%3DqzvdRY~jEg%3DvqRHfg~%3DqzDPRDjHp%3DvqqqRC9V%3DqRYVVEbTG1%3Dx8EbTGOTL1WRY~jEX%3DqzmBR81Y~jEX%3DqzmBRfCGgEX%3D~zqvRbb%3DcsRHH%3D!tRC93%3DJvRHL%3DqRGjbEX%3DDdzvvRGHf%3Dv~zI~RfCGgEg%3D~qRGjbECGgEX%3DIBzvvR!0%3DDq6mRuXECH%3DJ~RxTb%3DvRuXEHHub%3DJ~RZ-~%3Dz)%2Fjz)RHT%3DNCxLxXLG1RXbbEQ4l%3Dcs%2CcsRXOb9b~%3DvmBRXOb9bv%3DvmBR9bkLp%3DqR9fCGgEX%3Dqz6R9b9p%3DqRX9Y%3DqzqvRGjbECGgEg%3D~qRYH%3DdRfg~GEX%3DvzD~R9fCGgEg%3D~qRHXYj%3Dqzqv~R9TWjLE9Y%3DvBRbLggLGETO1E9Y%3D~PvmPD~dRbCjjgWETO1E9Y%3D~PvmPD~dRf9L3OX9g9TW%3DqzvdD6mBRj8b%3DqRHOGG9LG0Y%3DqR81X9Y%3Dqzqv~RXpgG%3Dqzqv~RbC9Y%3DRYTH%3DLObTEbHRYVVELGjV%3DpOgbLRYVV%3Dx8EbTGOTL1WRXYjHOjY%3DqRYOg1%3DVG1JIzqR9xbg%3DqRb8Xj%3DRNTVg%3DvRYHCT%3DIqRY81X%3DqJvR9XH%3DvRxbF%3DvRT1b%3DDqqw~6qRXbX%3DqRXbj%3DqRTVw%3DvqB&xTf=q&VVV=b8WLsMwkQxpLAC3n9akjq-jTvGHPLIp39(Tp1D!*-M(Lsmv0DPA4nEfSSadL7hnBkp8g4OsKca*1G19cno!!D3%3D%3D&9x0pG=v&XYG0Y=IBq&X9Y=DIdvIq&uTTgL=.OWbVOx%20l81N9GLx%20yWOuN9g8VL%3A%20s%20!g8bLG%20*88u%20OT%20-ObT8G%20!NG9b%26Gb(C8%3B%20cLjNL3%20J%20-ObTLg9xuzxLT&VHp=mm~q&WYbjG=v&uOTjGL=v&uOTX9Y=Jvq~&HOY8VO9x=TFkJN*HgJ*dQTy*IeK89!QNdTHDsjFCDjUd9jqLI-Fa%3D&Wjgj=v&9b9Y=6&OYf=ALxLGOg%20iLOGHN&j19Y=jqDIDDPddBdT~q~Dv~v~v~Iv&bbgY=%7B%22bb9j%22%3A%22vd6zvm6zPvzq%22%2C%22bbHH%22%3A%22!t%22%2C%22bbbH%22%3A%22KA%22%2C%22bbHTW%22%3A%22t%C3%83%C2%BCxLxXLG1%22%7D&NTVgbGH=v&sflct=272060&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2665&&kkdd=H*%7CW%7CuH*nh39A&93=Dqq&f9=vPq~DdIddmI~PdBdBII&1YjG=v&VbjO=q&HYf=vv~m&TbHL=*DI6&H9Y=d!oIh!Qnk&HjHY=j.BT08TiT!.H7qWg3G7L8S%3D%3D&HG9Y=~BIId6~dB&b9FL=Dqqw~6q&HH=!t&bH=Kt&HNxV=cyEi4ks4aA7&j9Y=d-y!4~4yl&Tj9Y=4~vDDI~&NTTjb=v&GGG=TFkJN*HgJ*ELHYKJQva3TmDj(E74FGlXXB1SMLCmhDX!Ain32uDeK3%3D%3D&u3Gp=NTTjb%3A%2F%2FjObTLg9xuzxLT&Lu3Gp=3PPaS%3AiiavSPe2dFozFeP&xbL=6&g3=v&C1Y=I&OYTv=d!oScv6~e&OYT~=ddv6~BdvI&XYOTO=bY~%3DxCggRTT%3DqR9CGgEg%3D~qR81LGjV%3Dqzq~Rf3ELwH%3DqzvdRbVVEX9Y%3DqzqvRf9bEbY%3D~m~Rb8X2%3DqRYH~%3DvR9bTV%3D~RbHY%3DF1RfEObx%3D6BdqDRfg~GEbY%3D~q~Dv~v~q6R9CGgEX%3DvPP6zd~RCGgETuH%3DqRbTY%3D~PvmPD~dRgObT%3DRHf81%3DqzDPRf9bECGgEX%3Dqz~vRfg~GE9EbY%3D~q~Dv~v~q~R9j%3DD8ok3HRpXX%3DqRf9bECGgEg%3D~qRG99jCO%3DI%2CIRLT%3D~vRGH%3DvRVT9Y%3D-yqqqqv~Rfg~GE9EX%3DqzqvRGjbEbY%3D~q~Dv~v~qBRf9bEX%3DDmqzdBRCGgEX%3Dqz6BRfg~GECGgEX%3DqRfg~GECGgEf9%3DvaJvBRCGgETf9%3DqRbVVE3G%3DIz6IIBRLHjELLG%3DvqDRCGgEg%3D~qRbgf%3DqR1HOT%3DJvRXX%3DvmBRff%3DqRbVVEVCg%3DqzBvRHfg~GEbY%3D~mIRGpf%3DqRg~GEX%3DvqqqRLGjV%3Dqzq~Rfg~GECGgEuH%3DqaqRjb9EH%3Dv%2Cv%2Cq%2Cq%2Cq%2Cq%2Cq%2CqRXV%3DvRjb9EY%3DqRbVVEbY%3D~q~Dv~v~q~RODjEX%3DvzD~%2CDdzvvRb9Y%3D~BIId6~dBRbY%3DqRC9Y%3D~0OAgcgCtmnjP*3N1WRHfg~GEX%3DqzDPRXTY%3DDqPmmmvqI6I~qdBPPvqmDI~vB~6Dq~DPv6q6DDq~PdBv~dDBmIBDDI6qm~dDmvBqd6PPqPPP~BIBI6BdB6PBImBvPI~6DPDBmD~66BdRf3C%3DqzvdRY~jEg%3DvqRHfg~%3DqzDPRDjHp%3DvqqqRC9V%3DqRYVVEbTG1%3Dx8EbTGOTL1WRY~jEX%3DqzmBR81Y~jEX%3DqzmBRfCGgEX%3D~zqvRbb%3DcsRHH%3D!tRC93%3DJvRHL%3DqRGjbEX%3DDdzvvRGHf%3Dv~zI~RfCGgEg%3D~qRGjbECGgEX%3DIBzvvR!0%3DDq6mRuXECH%3DJ~RxTb%3DvRuXEHHub%3DJ~RZ-~%3Dz)%2Fjz)RHT%3DNCxLxXLG1RXbbEQ4l%3Dcs%2CcsRXOb9b~%3DvmBRXOb9bv%3DvmBR9bkLp%3DqR9fCGgEX%3Dqz6R9b9p%3DqRX9Y%3DqzqvRGjbECGgEg%3D~qRYH%3DdRfg~GEX%3DvzD~R9fCGgEg%3D~qRHXYj%3Dqzqv~R9TWjLE9Y%3DvBRbLggLGETO1E9Y%3D~PvmPD~dRbCjjgWETO1E9Y%3D~PvmPD~dRf9L3OX9g9TW%3DqzvdD6mBRj8b%3DqRHOGG9LG0Y%3DqR81X9Y%3Dqzqv~RXpgG%3Dqzqv~RbC9Y%3DRYTH%3DLObTEbHRYVVELGjV%3DpOgbLRYVV%3Dx8EbTGOTL1WRXYjHOjY%3DqRYOg1%3DVG1JIzqR9xbg%3DqRb8Xj%3DRNTVg%3DvRYHCT%3DIqRY81X%3DqJvR9XH%3DvRxbF%3DvRT1b%3DDqqw~6qRXbX%3DqRXbj%3DqRTVw%3DvqB&xTf=q&VVV=b8WLsMwkQxpLAC3n9akjq-jTvGHPLIp39(Tp1D!*-M(Lsmv0DPA4nEfSSadL7hnBkp8g4OsKca*1G19cno!!D3%3D%3D&9x0pG=v&XYG0Y=IBq&X9Y=DIdvIq&uTTgL=.OWbVOx%20l81N9GLx%20yWOuN9g8VL%3A%20s%20!g8bLG%20*88u%20OT%20-ObT8G%20!NG9b%26Gb(C8%3B%20cLjNL3%20J%20-ObTLg9xuzxLT&VHp=mm~q&WYbjG=v&uOTjGL=v&uOTX9Y=Jvq~&HOY8VO9x=TFkJN*HgJ*dQTy*IeK89!QNdTHDsjFCDjUd9jqLI-Fa%3D&Wjgj=v&9b9Y=6&OYf=ALxLGOg%20iLOGHN&j19Y=jqDIDDPddBdT~q~Dv~v~v~Iv&bbgY=%7B%22bb9j%22%3A%22vd6zvm6zPvzq%22%2C%22bbHH%22%3A%22!t%22%2C%22bbbH%22%3A%22KA%22%2C%22bbHTW%22%3A%22t%C3%83%C2%BCxLxXLG1%22%7D&NTVgbGH=v&sflct=272060&ure=1
Origin
https://contextual.media.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:29 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
24816
expires
Wed, 13 Dec 2023 12:41:29 GMT
truncated
/ Frame 971E 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 971E 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
contextual.media.net/__media__/fonts/Roboto-Bold/ Frame 971E 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2581&&kkdd=n!%7Cu%7CnHA*39&12=.FI4oRpRRV4VoVV4FZR&381=rT5Tq3-%20HT3qtP&728=opR.pp&s8Lq=.&nzL3=I&t81=..4V&NztT=vopJ&t28=R_Epd_*6U&tLt8=LbZNexNHN_bthIA-(qhTxc%3D%3D&tq28=4ZppRJ4RZ&z2GT=oIIk4JI&tt=_f&zt=)f&tP5n=f!UXWDh&L28=ROW_S4SWa&NL28=S4.oop4&PNNLz=.&qqq=NGUyPvt-yv9Tt8)y*.m(NVoLC9hSGqa77ZscgT0Vdo7_rH6(KBoj)(%3D%3D&B(qY=PNNLz%3A%2F%2FL3zNT-25Bl5TN&TB(qY=(FFmc%3AHHm.cFjKRGElGjF&5zT=J&-(=.&0s8=p&38N.=R_EcD.J4j&38N4=RR.J4ZR.p&783N3=z84%3D50--wNN%3DIw20q-9-%3D4IwxsTqLn%3DIlI4w1(9Tkt%3DIl.Rw12z9z8%3D4V4w8t4%3D.w2zNn%3D4wzt8%3DGsw193z5%3DJZRIow1-4q9z8%3D4I4o.4.4IJw20q-97%3D.FFJlR4w0q-9NBt%3DIwzN8%3D4F.VFo4Rw-3zN%3Dwt1xs%3DIloFw12z90q-97%3DIl4.w1-4q929z8%3D4I4o.4.4I4w2L%3DoxEU(twY77%3DIw12z90q-9-%3D4Iwq22L03%3Dp%2CpwTN%3D4Iwqt%3D4%2CIwnN28%3DOWIIII.4w1-4q9297%3DIlI.wqLz9z8%3D4I4o.4.4IZw12z97%3DoRZlopw0q-97%3DIlJZw1-4q90q-97%3DIw1-4q90q-912%3D.my.Zw0q-9N12%3DIwTtL9TTq%3D.Iow0q-9-%3D4Iwz-1%3DIwst3N%3Dy.w77%3D.VZw11%3DIwt1-4q9z8%3D4VpwqY1%3DIw-4q97%3D.IIIwTqLn%3DIlI4w1-4q90q-9Bt%3DImIwLz29t%3D.%2C.%2CI%2CI%2CI%2CI%2CI%2CIw7n%3D.wLz298%3DIw3oL97%3D.lo4%2CoRl..wz28%3D4ZppRJ4RZwz8%3DIw028%3D4e3r2sVoF**fW**x3Jwt1-4q97%3DIloFw7N8%3DoIFVVV.IpJp4IRoJRR44pFI4ZFp..4RV.oFVV.o.Jo4JpR4o.FVo4IIII.pFJV.4FppF.RR4ZV.4oIppIJRVVZ.ooV4RFpJpJZ.pRpRw1(0%3DIl.Rw84L9-%3D.Iwt1-4%3DIloFwoLtY%3D.IIIw02n%3DIw8nn9zNqs%3DP3qnx5Aw84L97%3DIlVRwxs84L97%3DIlVZw10q-97%3D4lI.wzz%3DD!wtt%3D_fw02(%3Dy.wtT%3DIwqLz97%3DoRl..wqt1%3D.4lp4w10q-9-%3D4IwqLz90q-97%3DpZl..w_e%3DoIJVwB790t%3Dy4w5Nz%3D.wB79ttBz%3Dy4wXO4%3DlM%2FLlMwtN%3DP05T57Tqsw7zz9*Sa%3DD!%2CD!w73z2z4%3D.VZw73z2z.%3D.VZw2zUTY%3DIw210q-97%3DIlJw2z2Y%3DIw728%3DIlI4wqLz90q-9-%3D4Iw8t%3DRw1-4q97%3D.lo4w210q-9-%3D4Iwt78L%3DIlI.ow2NALT928%3D.ZwzT--Tq9N3s928%3D4F.VFo4Rwz0LL-A9N3s928%3D4F.VFo4Rw12T(372-2NA%3DIl.RoJVZwLxz%3DIwt3qq2Tqe8%3DIwxs728%3DIlI4Iw7Y-q%3DIlI.4wz028%3Dw8Nt%3DT3zN9ztw8nn9TqLn%3DY3-zTw8nn%3DP3qnx5Aw78Lt3L8%3DIw83-s%3D052zx54Zw25z-%3DIwzx7L%3DwPNn-%3D.w8t0N%3DoJw8xs7%3DIy.w27t%3D.w5zG%3D.wNsz%3DoIIk4JIw7z7%3DIw7zL%3DIwNnk%3D.IZ&5N1=I&nnn=zxAT!gkU*5YTr0(62mULIOLN.qtFTpY(2CNYso_vOgCT!V.eoFrS691ccmRThd6ZUYx-S3!)Dmvsqs2D6E__o(%3D%3D&2(=oII&25eYq=.&78qe8=pZI&BNN-T=b3Azn35%20axsP2qT5%20WA3BP2-xnT%3A%20!%20_-xzTq%20vxxB%203N%20O3zNxq%20_Pq2z%26qzC0x%3B%20DTLPT(%20y%20O3zNT-25Bl5TN&ntY=VV4I&A8zLq=.&B3NLqT=.&B3N728=y.I4&t38xn325=NGUyPvt-yvR*NWvpj)x2_*PRNto!LG0oLiR2LITpOGm%3D&AL-L=.&2z28=J&Ls28=LIopooFRRZRN4I4o.4.4.4p.&zz-8=%7B%22zz2L%22%3A%22.RJl.VJlF.lI%22%2C%22zztt%22%3A%22_f%22%2C%22zzzt%22%3A%22)r%22%2C%22zztNA%22%3A%22f%C3%83%C2%BC5T57Tqs%22%7D&PNn-zqt=.&sflct=272060&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2581&&kkdd=n!%7Cu%7CnHA*39&12=.FI4oRpRRV4VoVV4FZR&381=rT5Tq3-%20HT3qtP&728=opR.pp&s8Lq=.&nzL3=I&t81=..4V&NztT=vopJ&t28=R_Epd_*6U&tLt8=LbZNexNHN_bthIA-(qhTxc%3D%3D&tq28=4ZppRJ4RZ&z2GT=oIIk4JI&tt=_f&zt=)f&tP5n=f!UXWDh&L28=ROW_S4SWa&NL28=S4.oop4&PNNLz=.&qqq=NGUyPvt-yv9Tt8)y*.m(NVoLC9hSGqa77ZscgT0Vdo7_rH6(KBoj)(%3D%3D&B(qY=PNNLz%3A%2F%2FL3zNT-25Bl5TN&TB(qY=(FFmc%3AHHm.cFjKRGElGjF&5zT=J&-(=.&0s8=p&38N.=R_EcD.J4j&38N4=RR.J4ZR.p&783N3=z84%3D50--wNN%3DIw20q-9-%3D4IwxsTqLn%3DIlI4w1(9Tkt%3DIl.Rw12z9z8%3D4V4w8t4%3D.w2zNn%3D4wzt8%3DGsw193z5%3DJZRIow1-4q9z8%3D4I4o.4.4IJw20q-97%3D.FFJlR4w0q-9NBt%3DIwzN8%3D4F.VFo4Rw-3zN%3Dwt1xs%3DIloFw12z90q-97%3DIl4.w1-4q929z8%3D4I4o.4.4I4w2L%3DoxEU(twY77%3DIw12z90q-9-%3D4Iwq22L03%3Dp%2CpwTN%3D4Iwqt%3D4%2CIwnN28%3DOWIIII.4w1-4q9297%3DIlI.wqLz9z8%3D4I4o.4.4IZw12z97%3DoRZlopw0q-97%3DIlJZw1-4q90q-97%3DIw1-4q90q-912%3D.my.Zw0q-9N12%3DIwTtL9TTq%3D.Iow0q-9-%3D4Iwz-1%3DIwst3N%3Dy.w77%3D.VZw11%3DIwt1-4q9z8%3D4VpwqY1%3DIw-4q97%3D.IIIwTqLn%3DIlI4w1-4q90q-9Bt%3DImIwLz29t%3D.%2C.%2CI%2CI%2CI%2CI%2CI%2CIw7n%3D.wLz298%3DIw3oL97%3D.lo4%2CoRl..wz28%3D4ZppRJ4RZwz8%3DIw028%3D4e3r2sVoF**fW**x3Jwt1-4q97%3DIloFw7N8%3DoIFVVV.IpJp4IRoJRR44pFI4ZFp..4RV.oFVV.o.Jo4JpR4o.FVo4IIII.pFJV.4FppF.RR4ZV.4oIppIJRVVZ.ooV4RFpJpJZ.pRpRw1(0%3DIl.Rw84L9-%3D.Iwt1-4%3DIloFwoLtY%3D.IIIw02n%3DIw8nn9zNqs%3DP3qnx5Aw84L97%3DIlVRwxs84L97%3DIlVZw10q-97%3D4lI.wzz%3DD!wtt%3D_fw02(%3Dy.wtT%3DIwqLz97%3DoRl..wqt1%3D.4lp4w10q-9-%3D4IwqLz90q-97%3DpZl..w_e%3DoIJVwB790t%3Dy4w5Nz%3D.wB79ttBz%3Dy4wXO4%3DlM%2FLlMwtN%3DP05T57Tqsw7zz9*Sa%3DD!%2CD!w73z2z4%3D.VZw73z2z.%3D.VZw2zUTY%3DIw210q-97%3DIlJw2z2Y%3DIw728%3DIlI4wqLz90q-9-%3D4Iw8t%3DRw1-4q97%3D.lo4w210q-9-%3D4Iwt78L%3DIlI.ow2NALT928%3D.ZwzT--Tq9N3s928%3D4F.VFo4Rwz0LL-A9N3s928%3D4F.VFo4Rw12T(372-2NA%3DIl.RoJVZwLxz%3DIwt3qq2Tqe8%3DIwxs728%3DIlI4Iw7Y-q%3DIlI.4wz028%3Dw8Nt%3DT3zN9ztw8nn9TqLn%3DY3-zTw8nn%3DP3qnx5Aw78Lt3L8%3DIw83-s%3D052zx54Zw25z-%3DIwzx7L%3DwPNn-%3D.w8t0N%3DoJw8xs7%3DIy.w27t%3D.w5zG%3D.wNsz%3DoIIk4JIw7z7%3DIw7zL%3DIwNnk%3D.IZ&5N1=I&nnn=zxAT!gkU*5YTr0(62mULIOLN.qtFTpY(2CNYso_vOgCT!V.eoFrS691ccmRThd6ZUYx-S3!)Dmvsqs2D6E__o(%3D%3D&2(=oII&25eYq=.&78qe8=pZI&BNN-T=b3Azn35%20axsP2qT5%20WA3BP2-xnT%3A%20!%20_-xzTq%20vxxB%203N%20O3zNxq%20_Pq2z%26qzC0x%3B%20DTLPT(%20y%20O3zNT-25Bl5TN&ntY=VV4I&A8zLq=.&B3NLqT=.&B3N728=y.I4&t38xn325=NGUyPvt-yvR*NWvpj)x2_*PRNto!LG0oLiR2LITpOGm%3D&AL-L=.&2z28=J&Ls28=LIopooFRRZRN4I4o.4.4.4p.&zz-8=%7B%22zz2L%22%3A%22.RJl.VJlF.lI%22%2C%22zztt%22%3A%22_f%22%2C%22zzzt%22%3A%22)r%22%2C%22zztNA%22%3A%22f%C3%83%C2%BC5T57Tqs%22%7D&PNn-zqt=.&sflct=272060&ure=1
Origin
https://contextual.media.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
24816
expires
Wed, 13 Dec 2023 12:41:30 GMT
bql.php
lg3.media.net/ Frame F6CA 		15 B
178 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=6000&&vgd_canary=0&vgd_l2type=scs_newfl&fp=7Qp1a2yAgQqtrF-rYirXkLMtV0ic_BnRjdxuZz8TKKpd-9QVEkbPUjzZChkfJ-HEWyjd_6UNV9rVIkRkl0BPfipwl_60EPzVIErvH9jgtB1unhF7Uhtu6vgvY3M3vnCywtbLjpWgckbjdHtInMR4MQ%3D%3D&cme=P_D4ALCHZ28dr_dx2CAdgll4eAWlMgKnK_JvrnqV1wv5ZnkGcpsqg51338SeoLgKJWc2U9Ae4cnaX2pZGt96OhX83owCoc7i3URA139edXCfcW-v0dvUT34yCNNIQMEjOUStuuNlzCDzeCTPUTomE5tF5twI_Ohiv682rymhR3lhdlRpovBXsoJlq2Q-lPTQ98uxu5OAiAVQ8M5mAqOMp8PDlt4WfO4W-spFUMpwCQldpsQbfVnqf1e7bd5g-TEa%7C%7Cxrl5Md8q4-_JOyM93sW-EW1YB9G19zQ3TskEbCw3hNI%3D%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7ClpFSRiL5qq9sIfp9AayLLwTwSNSkKqW-XMI9LrL4t6n3WH_hFaWiXOhlizl8oXktJMJGTq2jtaix-ukCWQT1ufS6s9wpxsbnNM94g5dU1fOFwTdYKhG_1EQXj6cF71vKMNIrZ0QVfSXQd3YUw2ExulxlMsaXHhmLp055aNxwCjxC3kJB1a5qciKArNeEAwpbtUTMPgnAG6MZq4wiWJ4CIDWuhFR4YjDCKoE4WBGGoIQqNiBRUZ0CLjiRJhKXb5Q4iQ2JfY325wIDGshNTEjlvPgLb7UMXCv3%7Cu8A6SM53vAddm10tWuVKqCMJyoPj4lrs%7CDGYsJEiSixHSP5r3D-YKL-HlKobbaQhq%7Csj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U%7Ca0AmFUYXmD7R2wJ1rjRhMHd8zJXf1_-bCAhTDwvZ-sMsd5ZsAxboRw%3D%3D%7C&subBdr=196&bdrid=460&ksu=224&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Lowest+Airfare+Flights&kwt[]=391&kbc[]=1261596608&kwp[]=1&kid[]=116435987&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0002%7C8%3D121120%7C13%3D0.0346%7C14%3D121207%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.318%7C12%3D0.10%7C53%3D0.05%7C80%3D1.28%7C74%3D2.46%7C60%3D0.13%7C1%3D0.06%7C2%3D1.91&ktd[]=4503874522251520&kwd[]=No+Experience+High+Paying+Jobs&kwt[]=391&kbc[]=1261596608&kwp[]=2&kid[]=20626549&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0002%7C8%3D121120%7C13%3D0.0290%7C14%3D121207%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.318%7C12%3D0.02%7C53%3D0.07%7C80%3D1.28%7C74%3D2.46%7C60%3D0.15%7C1%3D0.08%7C2%3D2.43&ktd[]=274894881024&kwd[]=10+Best+International+SIM+Cards&kwt[]=391&kbc[]=1261596608&kwp[]=3&kid[]=350801682&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D121120%7C13%3D0.0286%7C14%3D121207%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.318%7C12%3D0.01%7C53%3D0.57%7C80%3D1.28%7C74%3D2.46%7C60%3D0.28%7C1%3D0.42%7C2%3D6.64&ktd[]=4503874522251520&kwd[]=10+Best+Perfumes+for+Women&kwt[]=391&kbc[]=1261596608&kwp[]=4&kid[]=32942870&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0002%7C8%3D121120%7C13%3D0.0235%7C14%3D121207%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.318%7C12%3D0.09%7C53%3D0.50%7C80%3D1.28%7C74%3D2.46%7C60%3D0.22%7C1%3D0.42%7C2%3D3.18&ktd[]=4503874522251520&kwd[]=Jobs+for+Over+50&kwt[]=391&kbc[]=1261596608&kwp[]=5&kid[]=105932766&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0002%7C8%3D121120%7C13%3D0.0264%7C14%3D121207%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.318%7C12%3D0.03%7C53%3D0.20%7C80%3D1.28%7C74%3D2.46%7C60%3D0.00%7C1%3D0.17%7C2%3D1.93&ktd[]=274911658240&v=1&gdpr=1&geo=47.18%7C8.43&dlper=20&lper=100&lpid=&tsid=1&hint=&cc=CH&wsip=170774596&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22%3Dq%22%2C%22QQN75%22%3A%22q%C3%83%C2%BCzJzGJLy%22%2C%22QQ8E%22%3A%22uWX.uiX.hu.9%22%2C%22QQQN%22%3A%222Z%22%7D&cid=8CU4FCKBR&vi=1702384889427868644&vsid=DefVid&tdAdd[]=asnum%3D56803&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=01&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=0&vgd_tsce=L345-S345&vgd_l3_sc=ZH&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUQN152J&vgd_hb_audit_2=881526814&vgd_refdomain=pastelink.net&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=3000c80a&vgd_nrrsf=scrr&vgd_cty=hunenberg&vgd_ifrmode=13&sttm=1702384889621&upk=1702384890.2719&hvsid=00001702384889621031165826561699&verid=3111299&sbdrId=196&tsrc=entity&kafm_ull_cache=00&vgd_l1rakh=1702384889136591735&vgd_ecrid=446649379&vgd_isiolc=1&kbbq=%26asn%3D56803&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=9920&vgd_vstrid=DefVid&vgde_bdata=QOfvzxjj~77v9~8xLjMjvf9~myJLEYv9.9f~eBMJ-Nv9.uW~QYYMG8Ov9.9u~e8QMQOvfif~QmGdv9~ONfvu~8Q7Yvf~QNOvly~eM1QzvXFW9A~ejfLMQOvf9fAufuf9X~8xLjMGvuhhX.Wf~xLjM7UNv9~Q7OvfhuihAfW~j1Q7v~Nemyv9.Ah~e8QMxLjMGv9.fu~ejfLM8MQOvf9fAufuf9f~8EvAmPDBN~kGGv9~e8QMxLjMjvf9~L88Ex1vH%2CH~J7vfu~LNvu~Y78Ov0a9999uf~ejfLM8MGv9.9u~LEQMQOvf9fAufuf9F~e8QMGvAi9.WF~xLjMGv9.XF~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~QYYMBLvH.XHHF~JNEMJJLvu9A~xLjMjvf9~Qjev9~yN17vou~GGvuiF~eev9~QYYMYxjv9.Fu~NejfLMQOvfiH~Lkev9~jfLMGvu999~JLEYv9.9f~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~QYYMQOvf9fAufuf9f~1AEMGvu.Af%2CAW.uu~Q8OvfFHHWXfWF~QOv9~x8OvfV1ZjIjxqiREhTBwy5~NejfLMGv9.Ah~G7OvA9hiiiu9HXHf9WFhhu9iAHfuFfXA9fAhuX9XAA9fhWFufWAFiHFAAHX9ifWAiuF9WXhh9hhhfFHFHXFWFXhFHiFuhHfXAhAFiAfXXFW~eBxv9.uW~OfEMjvu9~Nejfv9.Ah~AENkvu999~x8Yv9~OYYMQ7LyvzmMQ7L17Jy5~OfEMGv9.iF~myOfEMGv9.iF~exLjMGvf.9u~QQvIK~NNv%3Dq~x8Bvou~NJv9~LEQMGvAW.uu~LNevuf.Hf~exLjMjvf9~LEQMxLjMGvHF.uu~%3DVvA9Xi~UGMxNvof~z7Qvu~UGMNNUQvof~c0fv.*SE.*~N7vwxzJzGJLy~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.X~8Q8kv9~G8Ov9.9u~LEQMxLjMjvf9~ONvW~ejfLMGvu.Af~8exLjMjvf9~NGOEv9.9uf~875EJM8OvuF~QJjjJLM71yM8OvfhuihAfW~QxEEj5M71yM8OvfhuihAfW~e8JB1G8j875v9.uWAXiF~EmQv9~N1LL8JLVOv9~myG8Ov9.9uf~GkjLv9.9uf~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvzmMQ7L17Jy5~GOEN1EOv9~O1jyvYLyoH.9~8zQjv9~QmGEv~w7Yjvu~ONx7vH9~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGv9~GQEv9~7Y-vu9F&vgd_cfud=230301&vgd_scsver=291&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgde_ydata=duhvu&vgd_l1cdv=1129&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=500&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250&vgd_uspa=0&vgd_sc=ZH&vgd_l1rhst=contextual.media.net&hvsid=00001702384889621031165826561699&rc=0&rand=1702384889959&acid=9d9da252a088e83cb672a2611f49b718&matm=1702384889959&vgd_ltimesrc=1&vgd_ltime=411&vgd_rtime=368&vgd_etm=5&vgd_l1hcsd=Og4dd%7C8177&vgd_l1ch=1&vgd_lhl=1321&vgd_pgid=p0343378868t202312121241&vgd_csip=rtb-appnexus-78d5854775-gjspw.SC&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_crefurl=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&vgd_eadm=1&vgd_matchstr=hr%3D0%7Cbcat%3D16e%2C8y%2Ca%2Cb%2C1v%2Cf%2Ch%2Ci%2Ci2%2Ck7%2Cq%2C3%2C4%2C90%2C92%2C9%2Cjg%7Ccsh%3D1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2665&&kkdd=H*%7CW%7CuH*nh39A&93=Dqq&f9=vPq~DdIddmI~PdBdBII&1YjG=v&VbjO=q&HYf=vv~m&TbHL=*DI6&H9Y=d!oIh!Qnk&HjHY=j.BT08TiT!.H7qWg3G7L8S%3D%3D&HG9Y=~BIId6~dB&b9FL=Dqqw~6q&HH=!t&bH=Kt&HNxV=cyEi4ks4aA7&j9Y=d-y!4~4yl&Tj9Y=4~vDDI~&NTTjb=v&GGG=TFkJN*HgJ*ELHYKJQva3TmDj(E74FGlXXB1SMLCmhDX!Ain32uDeK3%3D%3D&u3Gp=NTTjb%3A%2F%2FjObTLg9xuzxLT&Lu3Gp=3PPaS%3AiiavSPe2dFozFeP&xbL=6&g3=v&C1Y=I&OYTv=d!oScv6~e&OYT~=ddv6~BdvI&XYOTO=bY~%3DxCggRTT%3DqR9CGgEg%3D~qR81LGjV%3Dqzq~Rf3ELwH%3DqzvdRbVVEX9Y%3DqzqvRf9bEbY%3D~m~Rb8X2%3DqRYH~%3DvR9bTV%3D~RbHY%3DF1RfEObx%3D6BdqDRfg~GEbY%3D~q~Dv~v~q6R9CGgEX%3DvPP6zd~RCGgETuH%3DqRbTY%3D~PvmPD~dRgObT%3DRHf81%3DqzDPRf9bECGgEX%3Dqz~vRfg~GE9EbY%3D~q~Dv~v~q~R9j%3DD8ok3HRpXX%3DqRf9bECGgEg%3D~qRG99jCO%3DI%2CIRLT%3D~vRGH%3DvRVT9Y%3D-yqqqqv~Rfg~GE9EX%3DqzqvRGjbEbY%3D~q~Dv~v~qBRf9bEX%3DDmqzdBRCGgEX%3Dqz6BRfg~GECGgEX%3DqRfg~GECGgEf9%3DvaJvBRCGgETf9%3DqRbVVE3G%3DIz6IIBRLHjELLG%3DvqDRCGgEg%3D~qRbgf%3DqR1HOT%3DJvRXX%3DvmBRff%3DqRbVVEVCg%3DqzBvRHfg~GEbY%3D~mIRGpf%3DqRg~GEX%3DvqqqRLGjV%3Dqzq~Rfg~GECGgEuH%3DqaqRjb9EH%3Dv%2Cv%2Cq%2Cq%2Cq%2Cq%2Cq%2CqRXV%3DvRjb9EY%3DqRbVVEbY%3D~q~Dv~v~q~RODjEX%3DvzD~%2CDdzvvRb9Y%3D~BIId6~dBRbY%3DqRC9Y%3D~0OAgcgCtmnjP*3N1WRHfg~GEX%3DqzDPRXTY%3DDqPmmmvqI6I~qdBPPvqmDI~vB~6Dq~DPv6q6DDq~PdBv~dDBmIBDDI6qm~dDmvBqd6PPqPPP~BIBI6BdB6PBImBvPI~6DPDBmD~66BdRf3C%3DqzvdRY~jEg%3DvqRHfg~%3DqzDPRDjHp%3DvqqqRC9V%3DqRYVVEbTG1%3Dx8EbTGOTL1WRY~jEX%3DqzmBR81Y~jEX%3DqzmBRfCGgEX%3D~zqvRbb%3DcsRHH%3D!tRC93%3DJvRHL%3DqRGjbEX%3DDdzvvRGHf%3Dv~zI~RfCGgEg%3D~qRGjbECGgEX%3DIBzvvR!0%3DDq6mRuXECH%3DJ~RxTb%3DvRuXEHHub%3DJ~RZ-~%3Dz)%2Fjz)RHT%3DNCxLxXLG1RXbbEQ4l%3Dcs%2CcsRXOb9b~%3DvmBRXOb9bv%3DvmBR9bkLp%3DqR9fCGgEX%3Dqz6R9b9p%3DqRX9Y%3DqzqvRGjbECGgEg%3D~qRYH%3DdRfg~GEX%3DvzD~R9fCGgEg%3D~qRHXYj%3Dqzqv~R9TWjLE9Y%3DvBRbLggLGETO1E9Y%3D~PvmPD~dRbCjjgWETO1E9Y%3D~PvmPD~dRf9L3OX9g9TW%3DqzvdD6mBRj8b%3DqRHOGG9LG0Y%3DqR81X9Y%3Dqzqv~RXpgG%3Dqzqv~RbC9Y%3DRYTH%3DLObTEbHRYVVELGjV%3DpOgbLRYVV%3Dx8EbTGOTL1WRXYjHOjY%3DqRYOg1%3DVG1JIzqR9xbg%3DqRb8Xj%3DRNTVg%3DvRYHCT%3DIqRY81X%3DqJvR9XH%3DvRxbF%3DvRT1b%3DDqqw~6qRXbX%3DqRXbj%3DqRTVw%3DvqB&xTf=q&VVV=b8WLsMwkQxpLAC3n9akjq-jTvGHPLIp39(Tp1D!*-M(Lsmv0DPA4nEfSSadL7hnBkp8g4OsKca*1G19cno!!D3%3D%3D&9x0pG=v&XYG0Y=IBq&X9Y=DIdvIq&uTTgL=.OWbVOx%20l81N9GLx%20yWOuN9g8VL%3A%20s%20!g8bLG%20*88u%20OT%20-ObT8G%20!NG9b%26Gb(C8%3B%20cLjNL3%20J%20-ObTLg9xuzxLT&VHp=mm~q&WYbjG=v&uOTjGL=v&uOTX9Y=Jvq~&HOY8VO9x=TFkJN*HgJ*dQTy*IeK89!QNdTHDsjFCDjUd9jqLI-Fa%3D&Wjgj=v&9b9Y=6&OYf=ALxLGOg%20iLOGHN&j19Y=jqDIDDPddBdT~q~Dv~v~v~Iv&bbgY=%7B%22bb9j%22%3A%22vd6zvm6zPvzq%22%2C%22bbHH%22%3A%22!t%22%2C%22bbbH%22%3A%22KA%22%2C%22bbHTW%22%3A%22t%C3%83%C2%BCxLxXLG1%22%7D&NTVgbGH=v&sflct=272060&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 12 Dec 2023 12:41:30 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
content-length
15
expires
Tue, 12 Dec 2023 12:41:30 GMT
bql.php
lg3.media.net/ Frame 971E 		15 B
178 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5937&&vgd_canary=0&vgd_l2type=scs_newfl&fp=7Qp1a2yAgQqtrF-rYirXkLMtV0ic_BnRjdxuZz8TKKpd-9QVEkbPUjzZChkfJ-HEWyjd_6UNV9rVIkRkl0BPfipwl_60EPzVIErvH9jgtB1unhF7Uhtu6vgvY3M3vnCyx0vl-UrklO61bx7L15br3Q%3D%3D&cme=j4YIgTjJBclTHQwUbulYU7mg1aGra3GybpR-dB4zguD3yD-b-8dlunDIs9GqSlUfETlOVAFhmZ1lGijLzwY5fTeg3noVejKHgRHBZFpuuEHhpfZBq_siJmi2F2Sk7dW3G7pjr0C8WmsCCVg_Z-JOCXhejx64HMhkQ1rUSch8ArMdte2uaIAbaf-pvrmnDbCoR6DhZsTztGt8MVPluUhExQSCUNje6Fks4_zDA_w_Y4WHEEMgCFcTAA%3D%3D%7C%7CDGYsJEiSixHSP5r3D-YKL-HlKobbaQhq%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD7R2wJ1rjRhMHd8zJXf1_-bCAhTDwvZ-sMsd5ZsAxboRw%3D%3D%7Cxrl5Md8q4-_JOyM93sW-EW1YB9G19zQ3TskEbCw3hNI%3D%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7CzgYDFaY6yvstcYE2ovzFcYM5tOUgJo7uIpuOVaDYv6TY1rX2Wfqat4DibcH5WLa3rFCSK7lVnylDJ58KKElVD4thsi1mi2n9rCs_0Y2vcVV86UI8eW1HAWaWs-82s2_jcVzkst7b64Cd5rEMW-AvPaJFIv1y-Zf0Mq8GWo_fqZ9dWo7uyjlVxt9IknpcuIk2-BEhnWEeY9zMObrt5K-TS-hwZsEH3_CSm7lfvw7Ms0sQPrPLx0Qe0-vdVjl6J1F4jxvj9zr7bQEFpJYqdnAnf4bcT3V1RC6t%7Cu8A6SM53vAddm10tWuVKqCMJyoPj4lrs%7C&subBdr=196&bdrid=460&ksu=224&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Lowest+Airfare+Flights&kwt[]=391&kbc[]=1261596608&kwp[]=1&kid[]=116435987&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0002%7C8%3D121120%7C13%3D0.0346%7C14%3D121207%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.318%7C74%3D2.46%7C53%3D0.05%7C60%3D0.13%7C80%3D1.28%7C12%3D0.10%7C1%3D0.06%7C2%3D1.91&ktd[]=274894881024&kwd[]=No+Experience+High+Paying+Jobs&kwt[]=391&kbc[]=1261596608&kwp[]=2&kid[]=20626549&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0002%7C8%3D121120%7C13%3D0.0290%7C14%3D121207%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.318%7C74%3D2.46%7C53%3D0.07%7C60%3D0.15%7C80%3D1.28%7C12%3D0.02%7C1%3D0.08%7C2%3D2.43&ktd[]=4503874522251520&kwd[]=10+Best+Perfumes+for+Women&kwt[]=391&kbc[]=1261596608&kwp[]=3&kid[]=32942870&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0002%7C8%3D121120%7C13%3D0.0235%7C14%3D121207%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.318%7C74%3D2.46%7C53%3D0.50%7C60%3D0.22%7C80%3D1.28%7C12%3D0.09%7C1%3D0.42%7C2%3D3.18&ktd[]=4503874522251520&kwd[]=Top+10+Electric+Vehicles&kwt[]=391&kbc[]=1261596608&kwp[]=4&kid[]=316687202&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0002%7C8%3D121120%7C13%3D0.0231%7C14%3D121207%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.318%7C74%3D2.46%7C53%3D0.87%7C60%3D0.04%7C80%3D1.28%7C12%3D0.18%7C1%3D0.58%7C2%3D2.93&ktd[]=274911658240&kwd[]=10+Best+International+SIM+Cards&kwt[]=391&kbc[]=1261596608&kwp[]=5&kid[]=350801682&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D121120%7C13%3D0.0286%7C14%3D121207%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.318%7C74%3D2.46%7C53%3D0.57%7C60%3D0.28%7C80%3D1.28%7C12%3D0.01%7C1%3D0.42%7C2%3D6.64&ktd[]=4503874522251520&v=1&gdpr=1&geo=47.18%7C8.43&dlper=20&lper=100&lpid=&tsid=1&hint=&cc=CH&wsip=170774706&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22%3Dq%22%2C%22QQN75%22%3A%22q%C3%83%C2%BCzJzGJLy%22%2C%22QQ8E%22%3A%22uWX.uiX.hu.9%22%2C%22QQQN%22%3A%222Z%22%7D&cid=8CU4FCKBR&vi=1702384889293992768&vsid=DefVid&tdAdd[]=asnum%3D56803&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=01&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=0&vgd_tsce=L345-S345&vgd_l3_sc=ZH&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUQN152J&vgd_hb_audit_2=881526814&vgd_refdomain=pastelink.net&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=3000c80a&vgd_nrrsf=scrr&vgd_cty=hunenberg&vgd_ifrmode=13&sttm=1702384889658&upk=1702384890.23286&hvsid=00001702384889658031165826568301&verid=3111299&sbdrId=196&tsrc=entity&kafm_ull_cache=00&vgd_l1rakh=1702384889102867210&vgd_ecrid=446649379&vgd_isiolc=1&kbbq=%26asn%3D56803&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=9920&vgd_vstrid=DefVid&vgde_bdata=QOfvzxjj~77v9~8xLjMjvf9~myJLEYv9.9f~eBMJ-Nv9.uW~e8QMQOvfif~ONfvu~8Q7Yvf~QNOvly~eM1QzvXFW9A~ejfLMQOvf9fAufuf9X~8xLjMGvuhhX.Wf~xLjM7UNv9~Q7OvfhuihAfW~j1Q7v~Nemyv9.Ah~e8QMxLjMGv9.fu~ejfLM8MQOvf9fAufuf9f~8EvAmPDBN~kGGv9~e8QMxLjMjvf9~L88Ex1vH%2CH~J7vf9~LNvf%2C9~Y78Ov0a9999uf~ejfLM8MGv9.9u~LEQMQOvf9fAufuf9F~e8QMGvAWF.AH~xLjMGv9.XF~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvu9A~xLjMjvf9~Qjev9~yN17vou~GGvuiF~eev9~NejfLMQOvfiH~Lkev9~jfLMGvu999~JLEYv9.9f~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~1AEMGvu.Af%2CAW.uu~Q8OvfFHHWXfWF~QOv9~x8OvfV1Z8yiAhCCqaCCm1X~NejfLMGv9.Ah~G7OvA9hiiiu9HXHf9WAXWWffHh9fFhHuufWiuAhiiuAuXAfXHWfAuhiAf9999uHhXiufhHHhuWWfFiufA9HH9XWiiFuAAifWhHXHXFuHWHW~eBxv9.uW~OfEMjvu9~Nejfv9.Ah~AENkvu999~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iF~exLjMGvf.9u~QQvIK~NNv%3Dq~x8Bvou~NJv9~LEQMGvAW.uu~LNevuf.Hf~exLjMjvf9~LEQMxLjMGvHF.uu~%3DVvA9Xi~UGMxNvof~z7Qvu~UGMNNUQvof~c0fv.*SE.*~N7vwxzJzGJLy~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.X~8Q8kv9~G8Ov9.9f~LEQMxLjMjvf9~ONvW~ejfLMGvu.Af~8exLjMjvf9~NGOEv9.9uA~875EJM8OvuF~QJjjJLM71yM8OvfhuihAfW~QxEEj5M71yM8OvfhuihAfW~e8JB1G8j875v9.uWAXiF~EmQv9~N1LL8JLVOv9~myG8Ov9.9f9~GkjLv9.9uf~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzfF~8zQjv9~QmGEv~w7Yjvu~ONx7vAX~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGv9~GQEv9~7Y-vu9F&vgd_cfud=230301&vgd_scsver=291&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgde_ydata=duhvu&vgd_l1cdv=1129&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=200&vgd_mbr=1&vgd_pgids=4&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250&vgd_uspa=0&vgd_sc=ZH&vgd_l1rhst=contextual.media.net&hvsid=00001702384889658031165826568301&rc=0&rand=1702384889990&acid=d8c6360800564f8f52d146808b78d761&matm=1702384889990&vgd_ltimesrc=1&vgd_ltime=462&vgd_rtime=421&vgd_etm=4&vgd_l1hcsd=Og4dd%7C8177&vgd_l1ch=1&vgd_lhl=1322&vgd_pgid=p0343378868t202312121241&vgd_csip=rtb-appnexus-78d5854775-gjspw.SC&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_crefurl=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&vgd_eadm=1&vgd_matchstr=hr%3D0%7Cbcat%3D16e%2C8y%2Ca%2Cb%2C1v%2Cf%2Ch%2Ci%2Ci2%2Ck7%2Cq%2C3%2C4%2C90%2C92%2C9%2Cjg%7Ccsh%3D1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2581&&kkdd=n!%7Cu%7CnHA*39&12=.FI4oRpRRV4VoVV4FZR&381=rT5Tq3-%20HT3qtP&728=opR.pp&s8Lq=.&nzL3=I&t81=..4V&NztT=vopJ&t28=R_Epd_*6U&tLt8=LbZNexNHN_bthIA-(qhTxc%3D%3D&tq28=4ZppRJ4RZ&z2GT=oIIk4JI&tt=_f&zt=)f&tP5n=f!UXWDh&L28=ROW_S4SWa&NL28=S4.oop4&PNNLz=.&qqq=NGUyPvt-yv9Tt8)y*.m(NVoLC9hSGqa77ZscgT0Vdo7_rH6(KBoj)(%3D%3D&B(qY=PNNLz%3A%2F%2FL3zNT-25Bl5TN&TB(qY=(FFmc%3AHHm.cFjKRGElGjF&5zT=J&-(=.&0s8=p&38N.=R_EcD.J4j&38N4=RR.J4ZR.p&783N3=z84%3D50--wNN%3DIw20q-9-%3D4IwxsTqLn%3DIlI4w1(9Tkt%3DIl.Rw12z9z8%3D4V4w8t4%3D.w2zNn%3D4wzt8%3DGsw193z5%3DJZRIow1-4q9z8%3D4I4o.4.4IJw20q-97%3D.FFJlR4w0q-9NBt%3DIwzN8%3D4F.VFo4Rw-3zN%3Dwt1xs%3DIloFw12z90q-97%3DIl4.w1-4q929z8%3D4I4o.4.4I4w2L%3DoxEU(twY77%3DIw12z90q-9-%3D4Iwq22L03%3Dp%2CpwTN%3D4Iwqt%3D4%2CIwnN28%3DOWIIII.4w1-4q9297%3DIlI.wqLz9z8%3D4I4o.4.4IZw12z97%3DoRZlopw0q-97%3DIlJZw1-4q90q-97%3DIw1-4q90q-912%3D.my.Zw0q-9N12%3DIwTtL9TTq%3D.Iow0q-9-%3D4Iwz-1%3DIwst3N%3Dy.w77%3D.VZw11%3DIwt1-4q9z8%3D4VpwqY1%3DIw-4q97%3D.IIIwTqLn%3DIlI4w1-4q90q-9Bt%3DImIwLz29t%3D.%2C.%2CI%2CI%2CI%2CI%2CI%2CIw7n%3D.wLz298%3DIw3oL97%3D.lo4%2CoRl..wz28%3D4ZppRJ4RZwz8%3DIw028%3D4e3r2sVoF**fW**x3Jwt1-4q97%3DIloFw7N8%3DoIFVVV.IpJp4IRoJRR44pFI4ZFp..4RV.oFVV.o.Jo4JpR4o.FVo4IIII.pFJV.4FppF.RR4ZV.4oIppIJRVVZ.ooV4RFpJpJZ.pRpRw1(0%3DIl.Rw84L9-%3D.Iwt1-4%3DIloFwoLtY%3D.IIIw02n%3DIw8nn9zNqs%3DP3qnx5Aw84L97%3DIlVRwxs84L97%3DIlVZw10q-97%3D4lI.wzz%3DD!wtt%3D_fw02(%3Dy.wtT%3DIwqLz97%3DoRl..wqt1%3D.4lp4w10q-9-%3D4IwqLz90q-97%3DpZl..w_e%3DoIJVwB790t%3Dy4w5Nz%3D.wB79ttBz%3Dy4wXO4%3DlM%2FLlMwtN%3DP05T57Tqsw7zz9*Sa%3DD!%2CD!w73z2z4%3D.VZw73z2z.%3D.VZw2zUTY%3DIw210q-97%3DIlJw2z2Y%3DIw728%3DIlI4wqLz90q-9-%3D4Iw8t%3DRw1-4q97%3D.lo4w210q-9-%3D4Iwt78L%3DIlI.ow2NALT928%3D.ZwzT--Tq9N3s928%3D4F.VFo4Rwz0LL-A9N3s928%3D4F.VFo4Rw12T(372-2NA%3DIl.RoJVZwLxz%3DIwt3qq2Tqe8%3DIwxs728%3DIlI4Iw7Y-q%3DIlI.4wz028%3Dw8Nt%3DT3zN9ztw8nn9TqLn%3DY3-zTw8nn%3DP3qnx5Aw78Lt3L8%3DIw83-s%3D052zx54Zw25z-%3DIwzx7L%3DwPNn-%3D.w8t0N%3DoJw8xs7%3DIy.w27t%3D.w5zG%3D.wNsz%3DoIIk4JIw7z7%3DIw7zL%3DIwNnk%3D.IZ&5N1=I&nnn=zxAT!gkU*5YTr0(62mULIOLN.qtFTpY(2CNYso_vOgCT!V.eoFrS691ccmRThd6ZUYx-S3!)Dmvsqs2D6E__o(%3D%3D&2(=oII&25eYq=.&78qe8=pZI&BNN-T=b3Azn35%20axsP2qT5%20WA3BP2-xnT%3A%20!%20_-xzTq%20vxxB%203N%20O3zNxq%20_Pq2z%26qzC0x%3B%20DTLPT(%20y%20O3zNT-25Bl5TN&ntY=VV4I&A8zLq=.&B3NLqT=.&B3N728=y.I4&t38xn325=NGUyPvt-yvR*NWvpj)x2_*PRNto!LG0oLiR2LITpOGm%3D&AL-L=.&2z28=J&Ls28=LIopooFRRZRN4I4o.4.4.4p.&zz-8=%7B%22zz2L%22%3A%22.RJl.VJlF.lI%22%2C%22zztt%22%3A%22_f%22%2C%22zzzt%22%3A%22)r%22%2C%22zztNA%22%3A%22f%C3%83%C2%BC5T57Tqs%22%7D&PNn-zqt=.&sflct=272060&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 12 Dec 2023 12:41:30 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
content-length
15
expires
Tue, 12 Dec 2023 12:41:30 GMT
sync.html
public.servenobid.com/ Frame 443F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.83 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
26920
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Tue, 12 Dec 2023 05:13:14 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 b17e3799e485082f3a270f6c4550e322.cloudfront.net (CloudFront)
x-amz-cf-id
zZRQ-g_RZsJLgc1tf1OmE_PtuoSDNg70npvuTDhNJnLZ6jZXbnjTkg==
x-amz-cf-pop
MXP63-P3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Hit from cloudfront
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5F8E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
14581
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 12 Dec 2023 12:41:30 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
496, 56364
X-Served-By
cache-lga13626-LGA, cache-mxp6922-MXP
X-Timer
S1702384890.297006,VS0,VE0
/
onetag-sys.com/usync/ Frame E980 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1702384886666
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
87909875e3e87e5145986c263c91c5189f1a618c1e494b9954f4cb554fe483ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1406
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 421C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=23905
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 12 Dec 2023 12:41:30 GMT
expires
Tue, 12 Dec 2023 19:19:55 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D6FB 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 12:41:30 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 279B 		24 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1702384800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e41d0d99178500288586b0770e21155d186e5cf21c5c37af415a4a4c432147d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8573
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 12:41:30 GMT
expires
Thu, 14 Dec 2023 12:41:30 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NTU2NjE1NTY5OTIwNTc0MDk2OA==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFSv3d_mkn-cxIEnIJftcMs&gdpr=0&gdpr_consent=&google_cver=1
43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFSv3d_mkn-cxIEnIJftcMs&gdpr=0&gdpr_consent=&google_cver=1
Protocol
HTTP/1.1
Server
81.17.55.173 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFSv3d_mkn-cxIEnIJftcMs&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZXhU_QAGY5ELUgBH&gdpr=0&gdpr_consent=
43 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZXhU_QAGY5ELUgBH&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
81.17.55.173 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 12 Dec 2023 12:41:29 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-mxp6920-MXP
pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1702384890.302778,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZXhU_QAGY5ELUgBH&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NTU2NjE1NTY5OTIwNTc0MDk2OA==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NTU2NjE1NTY5OTIwNTc0MDk2OA==&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=NTU2NjE1NTY5OTIwNTc0MDk2OA==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7311687423465945248&gdpr=0&gdpr_consent=
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7311687423465945248&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
81.17.55.173 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7311687423465945248&gdpr=0&gdpr_consent=
Date
Tue, 12 Dec 2023 12:41:30 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
/
b1sync.zemanta.com/usersync/smart/ 		0
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.63 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 12:41:30 GMT
img
sync.mathtag.com/sync/ Frame E980 		43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702384886666
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1143 599e619 master zrh zrh-pixel-x1 config_version:"2665" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 12:41:30 GMT
Server
MT3 1143 599e619 master zrh zrh-pixel-x1 config_version:"2665"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Tue, 12 Dec 2023 12:41:29 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame E980 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702384886666
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame E980
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7176766822098981487
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7176766822098981487
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702384886666
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
an-x-request-uuid
7ab6531a-0a13-47f5-a1ac-18c78aa0efc9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7176766822098981487
x-proxy-origin
185.195.71.217; 185.195.71.217; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame E980
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=de3ee347eec9a9c1ba4447b99e90a5&gdpr_consent=&gdpr=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=de3ee347eec9a9c1ba4447b99e90a5&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702384886666
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:30 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=de3ee347eec9a9c1ba4447b99e90a5&gdpr_consent=&gdpr=1
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1702384890301057-339
tap.php
pixel.rubiconproject.com/ Frame E980 		42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=r2sUgLfFU5IbNS4ksh-T763HdkNljKs-tRRs615am6I
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702384886666
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame E980
Redirect Chain
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%2...
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1cd6ef18-4968-44ed-b2df-829e4501627e
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1cd6ef18-4968-44ed-b2df-829e4501627e
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702384886666
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:30 GMT
Server
nginx
Location
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1cd6ef18-4968-44ed-b2df-829e4501627e
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame E980
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF4L8eI-kCPUUkrdyXBuU-AEI700pSOaqA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF4L8eI-kCPUUkrdyXBuU-AEI700pSOaqA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702384886666
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjF4L8eI-kCPUUkrdyXBuU-AEI700pSOaqA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame E980 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702384886666
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame E980
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=MMtPATnLNJKkKMeRmvSg77rIb0Qip8uxADBJOMtQ3IA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=MMtPATnLNJKkKMeRmvSg77rIb0Qip8uxADBJOMtQ3IA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702384886666
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HBK0KPJ0FWWMG8DN24XW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=MMtPATnLNJKkKMeRmvSg77rIb0Qip8uxADBJOMtQ3IA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame E980 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702384886666
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
content-length
0
/
onetag-sys.com/match/ Frame E980
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEATvYTHp2nVLZ0ZZH9ST4GA&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEATvYTHp2nVLZ0ZZH9ST4GA&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702384886666
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEATvYTHp2nVLZ0ZZH9ST4GA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame E980 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702384886666
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame E980 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1702384886666
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.92.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-92-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
async_usersync
ib.adnxs.com/ Frame 5F8E 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
an-x-request-uuid
b2f2195d-a843-4933-b6f3-64d0878fe554
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
185.195.71.217; 185.195.71.217; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame D6FB 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e82975d064a5db53a828a869d8651cc1af1c7718af5b13c360ef17a61c537d84

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 12:41:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 19:16:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23673
Connection
keep-alive
Content-Length
13232
Expires
Tue, 12 Dec 2023 19:16:03 GMT
13926
g2.gumgum.com/usync/ Frame AC74 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.221.156 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
437cedce64242f124be1c950bee82e3a603a3ecf19fb75e4275bde4e08a57797

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 12 Dec 2023 12:41:30 GMT
etag
W/"02bb27384de03fbb2ec1d0407f151ba3f"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 8CE8 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
12c40d1b7b8c7cb3da9beb1f43050781bc237e505282219ffa6b5b5e9d881956
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1421
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 4E84 		817 B
884 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.93 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e48d2ec037d3c04f9c94b17be7371c416757568081c0ddaa20007330384b77e3

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
817
content-type
text/html
date
Tue, 12 Dec 2023 12:41:30 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 4F67 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31050fb9615cd7a84da55e18f720052612aedd7742c3721939d8f272b0fc7f03

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83460abdfc0324be-ZRH
content-encoding
br
content-type
text/html
date
Tue, 12 Dec 2023 12:41:30 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YT167a5rNutmmNRsIAhSguvaQR9mjLigRZPKY%2BY5vlLatqHNGxfsXahhn0fZWu7vkwbeZqOl%2BNpUX76toekIlzxfKMj%2FovZN%2BhmAIvM5aLp4iQWVpibyrJROvqxLngaHwsWx6yHnY28UAg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9788
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 12:41:30 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 12 Dec 2023 12:41:30 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7D00 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=23905
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 12 Dec 2023 12:41:30 GMT
expires
Tue, 12 Dec 2023 19:19:55 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 2DD0 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4600:1f:4c18:bd40:93a1 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
195fef42805784669459da36e0b45e7c5017364345f616b6107326ab7933d20a

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-encoding
gzip
content-type
text/html
date
Tue, 12 Dec 2023 12:41:30 GMT
server
istio-envoy
vary
Accept-Encoding
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
x-amz-cf-id
S1a7YLZCxXtL-tjonbO5lCpqSBDG2q67u1V3Jlo04aEBvA9LggyQ7g==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
user-sync
sync.adkernel.com/ Frame 6A97 		0
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
0
Date
Tue, 12 Dec 2023 12:41:30 GMT
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 635F 		557 B
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.206.176.4 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e1c39921e304a4252ed09b8c0c228c6dbbcc61fd34c085f4bc3b27fe28069c20

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
557
content-type
text/html
date
Tue, 12 Dec 2023 12:41:30 GMT
server
istio-envoy
x-envoy-upstream-service-time
3
sync
ads.servenobid.com/ Frame 443F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=7176766822098981487
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=7176766822098981487
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
an-x-request-uuid
30000558-aad3-4a20-bbc3-b62116d46d94
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=7176766822098981487
x-proxy-origin
185.195.71.217; 185.195.71.217; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 443F
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HzwZtRZH7Dw7Ex02TRa2vpOI
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HzwZtRZH7Dw7Ex02TRa2vpOI
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:30 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HzwZtRZH7Dw7Ex02TRa2vpOI
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 443F 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 12 Dec 2023 12:41:30 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
generic
match.adsrvr.org/track/cmf/ Frame 443F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1555999705
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1555999705
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
etag
RX68eed92e4bc84e3f8d59d99c9497c06c003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1555999705
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame 443F
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5109685631277691006
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5109685631277691006
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5109685631277691006
Date
Tue, 12 Dec 2023 12:41:30 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 443F
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=4e5df7e0-7865-4388-814d-7c9be193b822
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=4e5df7e0-7865-4388-814d-7c9be193b822
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-29
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=4e5df7e0-7865-4388-814d-7c9be193b822
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 443F
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Tue, 12 Dec 2023 12:41:30 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 443F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-PWLNX35E2uFvfUBIaT9sU815a03hHOpOvi5O8Uc-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-PWLNX35E2uFvfUBIaT9sU815a03hHOpOvi5O8Uc-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-PWLNX35E2uFvfUBIaT9sU815a03hHOpOvi5O8Uc-~A
date
Tue, 12 Dec 2023 12:41:30 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-sync
sync.adkernel.com/ Frame 443F
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://sync.adkernel.com/user-sync?zone=176971&t=image&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26buyeruid%3D%7BUID%7D%26r%3DCid1YS0xOWUyYTFlNS03M2I4LTN...
0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=176971&t=image&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26buyeruid%3D%7BUID%7D%26r%3DCid1YS0xOWUyYTFlNS03M2I4LTNiNGItYWYwZC0zNGFkZWY2YzMyNzMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0xOWUyYTFlNS03M2I4LTNiNGItYWYwZC0zNGFkZWY2YzMyNzMyAhsMOAE=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
77.245.57.72 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 12:41:30 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
0

Redirect headers

location
https://sync.adkernel.com/user-sync?zone=176971&t=image&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26buyeruid%3D%7BUID%7D%26r%3DCid1YS0xOWUyYTFlNS03M2I4LTNiNGItYWYwZC0zNGFkZWY2YzMyNzMQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0xOWUyYTFlNS03M2I4LTNiNGItYWYwZC0zNGFkZWY2YzMyNzMyAhsMOAE=
pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 443F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-PWLNX35E2uFvfUBIaT9sU815a03hHOpOvi5O8Uc-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-PWLNX35E2uFvfUBIaT9sU815a03hHOpOvi5O8Uc-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-PWLNX35E2uFvfUBIaT9sU815a03hHOpOvi5O8Uc-~A
date
Tue, 12 Dec 2023 12:41:30 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 443F 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.254.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-254-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
sync
ads.servenobid.com/ Frame 443F
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 12 Dec 2023 12:41:30 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Tue, 12 Dec 2023 12:41:30 GMT
ecm3
s.amazon-adsystem.com/ Frame 8CE8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=9VY5CIGTH12kqcCSN6-HDNdNSnLMi8HXUJCSLG0K7_s
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=9VY5CIGTH12kqcCSN6-HDNdNSnLMi8HXUJCSLG0K7_s
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3T4RBAB8QQ1NQC28W3ZX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=9VY5CIGTH12kqcCSN6-HDNdNSnLMi8HXUJCSLG0K7_s
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
img
sync.mathtag.com/sync/ Frame 8CE8 		43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1143 599e619 master zrh zrh-pixel-x5 config_version:"2665" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 12:41:30 GMT
Server
MT3 1143 599e619 master zrh zrh-pixel-x5 config_version:"2665"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Tue, 12 Dec 2023 12:41:29 GMT
/
onetag-sys.com/match/ Frame 8CE8
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LQ2C09BS-19-69F3&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LQ2C09BS-19-69F3&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LQ2C09BS-19-69F3&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
/
onetag-sys.com/match/ Frame 8CE8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7176766822098981487
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7176766822098981487
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
an-x-request-uuid
e891130f-be1c-43c0-80a7-ced157dc63ab
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7176766822098981487
x-proxy-origin
185.195.71.217; 185.195.71.217; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 8CE8
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=de3ee347eec9a9c1ba4447b99e90a5&gdpr_consent=&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=de3ee347eec9a9c1ba4447b99e90a5&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:30 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=de3ee347eec9a9c1ba4447b99e90a5&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1702384890602002-390
tap.php
pixel.rubiconproject.com/ Frame 8CE8 		42 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=MMtPATnLNJKkKMeRmvSg77rIb0Qip8uxADBJOMtQ3IA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 8CE8
Redirect Chain
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%2...
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1cd6ef18-4968-44ed-b2df-829e4501627e
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1cd6ef18-4968-44ed-b2df-829e4501627e
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:30 GMT
Server
nginx
Location
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=1cd6ef18-4968-44ed-b2df-829e4501627e
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
711916.gif
id.rlcdn.com/ Frame 8CE8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
onetag-sys.com/match/ Frame 8CE8
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=457C0E3B-119F-4C87-8B76-6993553AC403
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=457C0E3B-119F-4C87-8B76-6993553AC403
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=457C0E3B-119F-4C87-8B76-6993553AC403
date
Tue, 12 Dec 2023 12:41:29 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 8CE8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEATvYTHp2nVLZ0ZZH9ST4GA&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEATvYTHp2nVLZ0ZZH9ST4GA&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEATvYTHp2nVLZ0ZZH9ST4GA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 8CE8 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
onetag-sys.com/match/ Frame 8CE8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=f96f0221-3921-4dc1-a9ba-f7fc74506f74&google_hm=Zjk2ZjAyMjEtMzkyMS00ZGMxLWE5YmEtZjdmYzc0NTA2Zjc0
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHefg5YVD225PEvxEKkVpNg&google_cver=1&ssp=onetag&bsw_param=f96f0221-3921-4dc1-a9ba-f7fc74506f74
  • https://onetag-sys.com/match/?int_id=30&uid=f96f0221-3921-4dc1-a9ba-f7fc74506f74&gdpr=&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=f96f0221-3921-4dc1-a9ba-f7fc74506f74&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=f96f0221-3921-4dc1-a9ba-f7fc74506f74&gdpr=&gdpr_consent=&us_privacy=
date
Tue, 12 Dec 2023 12:41:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
ads.servenobid.com/ Frame 8CE8 		0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=MMtPATnLNJKkKMeRmvSg77rIb0Qip8uxADBJOMtQ3IA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
casale
match.adsrvr.org/track/cmf/ Frame 4F67 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
server
Kestrel
content-length
70
content-type
image/gif
53233
d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/ Frame 4F67
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXhU.NGBw0f89tZ9hxjgyAAA%263398&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
0
0
crum
dsum-sec.casalemedia.com/ Frame 4F67
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7176766822098981487
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7176766822098981487
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXhKoQbPWXZ6afRNId%2FE%2B8DtvuYye46GDI%2B2pyXw2yFB%2BrjKVhFzreTs41ZghpI4ZCu8XgjFny2QJ0fhMwr8ss00lVeeL6sDakkkx3tZe3xcfdiIFC9A4tBy%2BBdZVRAonf4ORt6dcM2f1g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83460abebdad24be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
an-x-request-uuid
ec2262af-c146-4fed-8882-03e788c17bd6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7176766822098981487
x-proxy-origin
185.195.71.217; 185.195.71.217; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZXhU-NGBw0f89tZ9hxjgyAAADUYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4F67 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZXhU-NGBw0f89tZ9hxjgyAAADUYAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:c84a:f3f:c1a8:24dc Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 4F67
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=862b4ab263ca46249f8ece623f174037&expiration=1704976890
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=862b4ab263ca46249f8ece623f174037&expiration=1704976890
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXztn6%2FwyFdOnhsSqzP3n5qTFjTe87AlbhyG0iKtJdEZC5BPpoPAwdcREWHkqfbz3MbKnBgRUTwIL6E7v31aelPfATgrrswpU%2BbUZQJf%2FSKpobC0XFQj5kt7w%2F%2Bx8D%2FcYQxpHBoPP6JWFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83460abead9424be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:29 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=862b4ab263ca46249f8ece623f174037&expiration=1704976890
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4F67
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=5566155699205740968&gdpr=0&gdpr_consent=
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=5566155699205740968&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBvKaRqAlBoTHelrcU4wN7LSDqNi7dZUhpIcm8bxfhHnGNmvgW4gF5QofsLQJmPSRQ9hzI3AyWfQxTAFOJOQhLZmi7xI5SQHzz1QKjLn%2F0EoQxEgg0p0o%2BdVwsW33ZJwXrZoNyO2Xd9%2BkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83460abfc83e24be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=5566155699205740968&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 12:41:30 GMT
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 4F67
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718196090&external_user_id=3dc6aa49-eb81-43a2-9c43-87c0434f75a8
43 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718196090&external_user_id=3dc6aa49-eb81-43a2-9c43-87c0434f75a8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhYS%2Be99vYjTQKS%2Bu6nOQHYfM0dr2sVtPpPe4N%2FhoKdJgVRiI%2Bev6ZQ%2FJbnkmOZhaVY5zqmGFVIH8%2BvQ0DkZR%2BWuBeVbrssGvwHUmJTjSr5Irf6Zl7xHHxkAQQdl2%2F46FA0%2F3Ip7M3jNtw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83460abfb81b24be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 12 Dec 2023 12:41:30 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718196090&external_user_id=3dc6aa49-eb81-43a2-9c43-87c0434f75a8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum.casalemedia.com/ Frame 4F67
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=2a867811fb7717b1&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAI1EM2hGXFrwNYXvmgAAAAAAA&expiration=1702471290&is_secure=true
43 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAI1EM2hGXFrwNYXvmgAAAAAAA&expiration=1702471290&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2Fwou8xz%2F7HRSGA3pLLVKpGxGgQs6D0DbeIM99LSuAKuq6u%2BnIc1Byjej5hW6l043itw96s3OG298uPqbIhzoXVK7NXmY83PrKBWrpiPEE1xUZciv9R8gEHRofDvN5OFnYNddoEY"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83460abf2e9a24be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAI1EM2hGXFrwNYXvmgAAAAAAA&expiration=1702471290&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 4F67 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZXhU-NGBw0f89tZ9hxjgyAAADUYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 9788 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e82975d064a5db53a828a869d8651cc1af1c7718af5b13c360ef17a61c537d84

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 12:41:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 19:16:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23673
Connection
keep-alive
Content-Length
13232
Expires
Tue, 12 Dec 2023 19:16:03 GMT
log
hblg.media.net/ Frame 1D60 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AfIFMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwAQAQDlkOWRhMjUyYTA4OGU4M2NiNjcyYTI2MTFmNDliNzE4vKDYyAaYBwRDSBpwYXN0ZWxpbmsubmV0EjhDVVFOMTUyShAyNzE5NzMyOA4zMDB4MjUwDmVhc3Rfc2MEMjMQQVBQTkVYVVMSOFBSMTEzSkdDDkJJRF9BUEkAEDI3MTk3MzI4AjBAcnRiLWFwcG5leHVzLTc4ZDU4NTQ3NzUtZ2pzcHcuU0MSNDQ2NjQ5Mzc5AjAAIAEQRVhDSEFOR0UCAmQ&evttyp=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 12 Dec 2023 12:41:30 GMT
khaos.json
token.rubiconproject.com/ Frame 9788 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LQ2C09BS-19-69F3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
usersync
usersync.gumgum.com/ Frame AC74
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7176766822098981487
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7176766822098981487
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
an-x-request-uuid
5d859110-6dce-4243-9d84-914bb23aaeb4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=7176766822098981487
x-proxy-origin
185.195.71.217; 185.195.71.217; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame AC74
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_5f66d99b-73a0-4a6a-9c66-6312b0134aff&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26u...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26u...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=406bf678-8d6d-525a-85fb-42c1e083163b&ssp=gumgum2&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=bsw&i=f96f0221-3921-4dc1-a9ba-f7fc74506f74&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=f96f0221-3921-4dc1-a9ba-f7fc74506f74&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=f96f0221-3921-4dc1-a9ba-f7fc74506f74&gdpr=0&gdpr_consent=&us_privacy=
date
Tue, 12 Dec 2023 12:41:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame AC74
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=77601671-7fa4-4d5c-bc30-71022feded28
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=77601671-7fa4-4d5c-bc30-71022feded28
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 12 Dec 2023 12:41:30 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=77601671-7fa4-4d5c-bc30-71022feded28
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame AC74
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-3a5d772a-6f6b-5b93-7f85-aa61daea4c72$ip$185.195.71.217
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-3a5d772a-6f6b-5b93-7f85-aa61daea4c72$ip$185.195.71.217
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-3a5d772a-6f6b-5b93-7f85-aa61daea4c72$ip$185.195.71.217
Date
Tue, 12 Dec 2023 12:41:30 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame AC74
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-_7MidN1E2pexoEJ0pcGhwOQ3apCm2iz11VDm~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-_7MidN1E2pexoEJ0pcGhwOQ3apCm2iz11VDm~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 12 Dec 2023 12:41:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-_7MidN1E2pexoEJ0pcGhwOQ3apCm2iz11VDm~A
content-length
0
usersync
usersync.gumgum.com/ Frame AC74
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=70375868-b402-4c04-9dcb-902623f69260
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=70375868-b402-4c04-9dcb-902623f69260
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=70375868-b402-4c04-9dcb-902623f69260
Date
Tue, 12 Dec 2023 12:41:30 GMT
Connection
keep-alive
X-CI-RTID
9e139208-ea65-4e01-aed4-2992d62be38d
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame AC74 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
content-length
0
server
a
/
b1sync.zemanta.com/usersync/gumgum/ Frame AC74
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_5f66d99b-73a0-4a6a-9c66-6312b0134aff&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_5f66d99b-73a0-4a6a-9c66-6312b0134aff&s=2&us_privacy=...
0
0
usersync
usersync.gumgum.com/ Frame AC74
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=FX5Eoja69qoL&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=FX5Eoja69qoL&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=FX5Eoja69qoL&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5c6449b65-8wjjt
expires
-1
usersync
usersync.gumgum.com/ Frame AC74
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=5566155699205740968
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=5566155699205740968
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=5566155699205740968
date
Tue, 12 Dec 2023 12:41:30 GMT
content-length
0
sync
ads.servenobid.com/ Frame AC74 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_5f66d99b-73a0-4a6a-9c66-6312b0134aff
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
rtb.gumgum.com/ Frame 9D87
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=247683937117432826&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=247683937117432826&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.221.156 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Tue, 12 Dec 2023 12:41:30 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 12 Dec 2023 12:41:30 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=247683937117432826&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 1979 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81ZjY2ZDk5Yi03M2EwLTRhNmEtOWM2Ni02MzEyYjAxMzRhZmY=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 12:41:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DDCE 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=23905
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 12 Dec 2023 12:41:30 GMT
expires
Tue, 12 Dec 2023 19:19:55 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 388D 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Tue, 12 Dec 2023 12:41:30 GMT
server
Kestrel
idsync
tg.socdm.com/aux/ Frame 24C4 		0
0
usersync
usersync.gumgum.com/ Frame 6FB8
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=G8EeY-0BLUtJXCYDW5oEFa0TMqGCUjz1RPVRQNnFPxc&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=G8EeY-0BLUtJXCYDW5oEFa0TMqGCUjz1RPVRQNnFPxc&pi=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 12 Dec 2023 12:41:30 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 12 Dec 2023 12:41:30 GMT Tue, 12 Dec 2023 12:41:30 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=G8EeY-0BLUtJXCYDW5oEFa0TMqGCUjz1RPVRQNnFPxc&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame EAB2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 12:41:30 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 12 Dec 2023 12:41:30 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
log
hblg.media.net/ Frame 56F3 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AfIFMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwAQAQGQ4YzYzNjA4MDA1NjRmOGY1MmQxNDY4MDhiNzhkNzYxvKDYyAaYBwRDSBpwYXN0ZWxpbmsubmV0EjhDVVFOMTUyShAyNzE5NzMyOA4zMDB4MjUwDmVhc3Rfc2MEMjMQQVBQTkVYVVMSOFBSMTEzSkdDDkJJRF9BUEkAEDI3MTk3MzI4AjBAcnRiLWFwcG5leHVzLTc4ZDU4NTQ3NzUtZ2pzcHcuU0MSNDQ2NjQ5Mzc5AjAAIAEQRVhDSEFOR0UCAmQ&evttyp=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 12 Dec 2023 12:41:30 GMT
sync
ads.servenobid.com/ Frame 9788
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LQ2C09BS-19-69F3
  • https://ads.servenobid.com/sync?pid=323&uid=LQ2C09BS-19-69F3
0
0
async_usersync
ib.adnxs.com/ Frame AB6E 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11801&pub_id=2194068&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11801&pub_id=2194068
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
an-x-request-uuid
e9a224cd-66de-4530-95b9-c2feb010bab1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
185.195.71.217; 185.195.71.217; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs-rtb.minutemedia-prebid.com/ Frame 2DD0
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=457C0E3B-119F-4C87-8B76-6993553AC403
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=457C0E3B-119F-4C87-8B76-6993553AC403
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:4600:1f:4c18:bd40:93a1 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
P62vyCyZ-cC3xVQswoaBtv_jX5MOKd7JzAWy4wxAKK2SRMUSq1DVJQ==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=457C0E3B-119F-4C87-8B76-6993553AC403
date
Tue, 12 Dec 2023 12:41:30 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
117
content-type
text/html; charset=utf-8
cs
cs-rtb.minutemedia-prebid.com/ Frame 2DD0
Redirect Chain
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=911509356514636065239
0
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 2DD0
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
0
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:4600:1f:4c18:bd40:93a1 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
x-reason
missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
LlKmB3rBGBWpL76leLyj46SrfFKDTTFoIK0RqYrpwQoKMxhwgb_-Ww==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date
Tue, 12 Dec 2023 12:41:30 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
pixel
ap.lijit.com/ Frame 2DD0 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 12 Dec 2023 12:41:30 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cs
cs-rtb.minutemedia-prebid.com/ Frame 2DD0
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=814f81036bd3128e3201066ac6edd1c9
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=814f81036bd3128e3201066ac6edd1c9
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:4600:1f:4c18:bd40:93a1 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
tNO9LGR_YqoxrZwn1XyiSoDedg1RiAXvMpwqSRcbwSzrEW5y_0TcEw==

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=814f81036bd3128e3201066ac6edd1c9
x-kong-upstream-latency
7
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 2DD0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZXhU.NGBw0f89tZ9hxjgyAAA%263398
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZXhU.NGBw0f89tZ9hxjgyAAA%263398
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:4600:1f:4c18:bd40:93a1 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
3W5fK0nic_A4LiJ5RQGaQJ8z9tRiXh8bdWgbgGuDIE_z2yIGW-OSZg==

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJaxTCT19MNS7Xvk1idlOtqAATmoo55W0%2FX%2BtnMrOYzpLTRQh1Rek1U2oH0PJNgixQf4h1DYJC%2BNC7e0MS57OezYKsSBW7ufMH4M5MKaJBJrOmYQHXMDjFtYnktons1LwLiFmNvTPnyyKw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZXhU.NGBw0f89tZ9hxjgyAAA%263398
cache-control
no-cache
cf-ray
83460abf6f4c24be-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 2DD0
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=19045005-2823-4a5e-a3d3-7818a7be668b
0
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=19045005-2823-4a5e-a3d3-7818a7be668b
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:2057:4600:1f:4c18:bd40:93a1 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
ZaDgVGKBWBDUEioE5G5YhHJp8fi3pGcn1CYtnAy-eF425pQrxmJ-HA==

Redirect headers

date
Tue, 12 Dec 2023 12:41:30 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=19045005-2823-4a5e-a3d3-7818a7be668b
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ads.servenobid.com/ Frame 2DD0 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=GVfBG2n-Cp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame EAB2 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e82975d064a5db53a828a869d8651cc1af1c7718af5b13c360ef17a61c537d84

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 12:41:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 19:16:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23673
Connection
keep-alive
Content-Length
13232
Expires
Tue, 12 Dec 2023 19:16:03 GMT
async_usersync
ib.adnxs.com/ Frame 8DBC 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11801&pub_id=2194068&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11801&pub_id=2194068
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
an-x-request-uuid
6f5b6114-3580-4887-9f69-97d7f7fc399e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
185.195.71.217; 185.195.71.217; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 4E84 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=5566155699205740968&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame 4E84
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3777948660
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3777948660
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
etag
RX68eed92e4bc84e3f8d59d99c9497c06c003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3777948660
cache-control
no-store, no-cache, must-revalidate
expires
0
/
b1sync.zemanta.com/usersync/smart/ Frame 4E84 		0
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.63 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 12:41:31 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 4E84
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=247683937117432826&gdpr=0&gdpr_consent=
43 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=247683937117432826&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
81.17.55.173 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=247683937117432826&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 4E84
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZXhU_QAGY5ELUgBH&gdpr=0&gdpr_consent=
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZXhU_QAGY5ELUgBH&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
81.17.55.173 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-mxp6920-MXP
pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1702384891.851736,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZXhU_QAGY5ELUgBH&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
SPug
simage4.pubmatic.com/AdServer/ Frame 3D0C 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
khaos.json
token.rubiconproject.com/ Frame EAB2 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LQ2C09BS-19-69F3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame DDCE 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69883116&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
450be725cdafdbb64f251fddc4039b3a93f7c74e134e9f4fa36868b4bb273fb3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 12 Dec 2023 12:41:29 GMT
content-length
1479
content-type
text/html; charset=UTF-8
vevent
nym1-ib.adnxs.com/ Frame 1D60 		0
662 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https://pastelink.net/mmcz79u5&e=wqT_3QKCBfBMggIAAAMA1gAFAQj2qeGrBhCq8tPJhtDq20AY5vzp5rqDnbEaKjYJ-n5qvHSTiD8RiIVa07zjhD8ZAAAAQOF6AEAhiIVa07zjhD8p-n4JJAAxCRu4xD8wkP_7DDiZXECVCUhgUKOo_dQBWMvdoQFgAGj99sQBeKSoBYABAYoBA1VTRJIFBvD9mAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAtHBWeoCHmh0dHBzOi8vcGFzdGVsaW5rLm5ldC9tbWN6Nzl1NYADAIgDAZADAJgDFKADAaoDQRIYMzg1MzIwMDIzMTQxMDc1MjkwNV9zYmlkGhM0NjYzMzgzNDA3NjYzMDUzMDk4Igk0NDY2NDkzNzkqBU0xMTczwAPYBMgDANgD-5XCAeADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDjE4NS4xOTUuNzEuMjE3qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBKMhITD6BBIJAAAAIIySR0ARIUnYaU8gQIgFAZgFAKAFibvDjaCm1Lw1qgUPNzI0MmMwZTYyMGQ2ZmE3wAUAyQUAAAAAAADwP9IFCQFFBQFw2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYFIjAA8D_QBq_xAdoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB6SoBdIHDRVlASYI2gcGAV7AGADgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=cdadd9a83acb8db92bfee9999453d89ca4bc3c3e&type=pv&jm=1003&px=1078&py=798&bw=300&bh=250&sf=1&sid=5386308791820843971&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27197328&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
an-x-request-uuid
c3b99922-57e8-4016-8e9e-3e9dfd88a22d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.217; 185.195.71.217; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame EAB2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LQ2C09BS-19-69F3
  • https://usersync.gumgum.com/usersync?b=mag&i=LQ2C09BS-19-69F3
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LQ2C09BS-19-69F3
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LQ2C09BS-19-69F3
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
match
c1.adform.net/serving/cookie/ Frame 392A 		35 B
599 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=457C0E3B-119F-4C87-8B76-6993553AC403&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 12 Dec 2023 12:41:30 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pubmatic
ad.mrtnsvr.com/sync/ Frame C51B 		0
0
i.match
a.tribalfusion.com/ Frame 7C88 		0
0
pub
matching.truffle.bid/sync/ Frame 771E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 -, , ASN (),
Reverse DNS
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 12 Dec 2023 12:41:31 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
cs
cs-rtb.minutemedia-prebid.com/ Frame 93F6
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E6AFAC3797F14B70B25B7C15FB7D9484&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=457C0E3B-119F-4C87-8B76-6993553AC403
0
0
generic
match.adsrvr.org/track/cmf/ Frame DFCF
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1879540393
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1879540393
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Tue, 12 Dec 2023 12:41:30 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Tue, 12 Dec 2023 12:41:30 GMT
etag
RX68eed92e4bc84e3f8d59d99c9497c06c003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1879540393
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
usersync
usersync.gumgum.com/ Frame B7CB 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=457C0E3B-119F-4C87-8B76-6993553AC403
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 12 Dec 2023 12:41:30 GMT
Expires
0
Pragma
no-cache
mw
mwzeom.zeotap.com/ Frame DDCE 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=457C0E3B-119F-4C87-8B76-6993553AC403
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
83460ac09ff80e91-MXP
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame DDCE
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=457C0E3B-119F-4C87-8B76-6993553AC403&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=457C0E3B-119F-4C87-8B76-6993553AC403&sInitiator=external&gdpr=0&gdpr_consent=
0
0
mw
mwzeom.zeotap.com/ Frame DDCE
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=457C0E3B-119F-4C87-8B76-6993553AC403&gdpr=0&gdpr_consent=
  • https://spl.zeotap.com/?zdid=1332&zcluid=96bf28eef2bb1407
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=849bcc03-eecf-41fb-6d69-01d3c9c369c8&reqId=e0becab0-ca3c-41e2-656a-c5a8edbd5148&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEAVzDWjtlBYN-j3QUoIci_I&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=849bcc03-eecf-41fb-6d69-01d3c9c369c8&reqId=e0becab0-ca3c-41e2-656a-c5a...
0
0
vevent
nym1-ib.adnxs.com/ Frame 56F3 		0
663 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https://pastelink.net/mmcz79u5&e=wqT_3QKCBfBMggIAAAMA1gAFAQj2qeGrBhDeivTjjpfYtHsY5vzp5rqDnbEaKjYJObTIdr6fij8R_WX35GGhhj8ZAAAAQOF6AEAh_WX35GGhhj8pObQJJAAxCRu4xD8wkP_7DDiZXECVCUhgUKOo_dQBWMvdoQFgAGj99sQBeKSoBYABAYoBA1VTRJIFBvD9mAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAtHBWeoCHmh0dHBzOi8vcGFzdGVsaW5rLm5ldC9tbWN6Nzl1NYADAIgDAZADAJgDFKADAaoDQRIYMzg1MzIwMDIzMTQxMDc1MjkwNV9zYmlkGhM4ODkyNzQ1Mjg2NTc3NjIwMzE4Igk0NDY2NDkzNzkqBU0xMTczwAPYBMgDANgD-5XCAeADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDjE4NS4xOTUuNzEuMjE3qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBKMhITD6BBIJAAAAIIySR0ARIUnYaU8gQIgFAZgFAKAFibvDjaCm1Lw1qgUPNzI0MmMwZTYyMGQ2ZmE3wAUAyQUAAAAAAADwP9IFCQFFBQFw2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYFIjAA8D_QBq_xAdoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB6SoBdIHDRVlASYI2gcGAV7AGADgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=675990cda8df2a1fb00652ab328dfbc48e9f71ff&type=pv&jm=1003&px=1078&py=498&bw=300&bh=250&sf=1&sid=5386308791820843971&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27197328&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 12:41:30 GMT
an-x-request-uuid
7507b457-65d5-459d-aa33-e97b811ed854
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.217; 185.195.71.217; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 635F
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=457C0E3B-119F-4C87-8B76-6993553AC403
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=457C0E3B-119F-4C87-8B76-6993553AC403
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
52.206.176.4 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:31 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=457C0E3B-119F-4C87-8B76-6993553AC403
date
Tue, 12 Dec 2023 12:41:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
cs
cs.yellowblue.io/ Frame 635F
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=de3ee347eec9a9c1ba4447b99e90a5&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=de3ee347eec9a9c1ba4447b99e90a5&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.246.157.113 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:31 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 12:41:30 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=de3ee347eec9a9c1ba4447b99e90a5&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1702384890859097-421
v1
match.sharethrough.com/universal/ Frame 635F 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.254.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-254-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
sync
ads.servenobid.com/ Frame 635F 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=SCfoG2nzCp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:41:30 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
bqi.php
lg3.media.net/ Frame 1D60 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2450&lf=3&&vgd_hb_audit_1=8CUQN152J&vgd_hb_audit_2=881526814&vgd_tsce=L345&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_bid=348140&vgd_cdv=1129&vgd_cage=6&vgd_rensize=300_250&vgd_ren_page_h=2244&vgde_bdata=QOfvzxjj~77v9~8xLjMjvf9~myJLEYv9.9f~eBMJ-Nv9.uW~QYYMG8Ov9.9u~e8QMQOvfif~QmGdv9~ONfvu~8Q7Yvf~QNOvly~eM1QzvXFW9A~ejfLMQOvf9fAufuf9X~8xLjMGvuhhX.Wf~xLjM7UNv9~Q7OvfhuihAfW~j1Q7v~Nemyv9.Ah~e8QMxLjMGv9.fu~ejfLM8MQOvf9fAufuf9f~8EvAmPDBN~kGGv9~e8QMxLjMjvf9~L88Ex1vH%2CH~J7vfu~LNvu~Y78Ov0a9999uf~ejfLM8MGv9.9u~LEQMQOvf9fAufuf9F~e8QMGvAi9.WF~xLjMGv9.XF~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~QYYMBLvH.XHHF~JNEMJJLvu9A~xLjMjvf9~Qjev9~yN17vou~GGvuiF~eev9~QYYMYxjv9.Fu~NejfLMQOvfiH~Lkev9~jfLMGvu999~JLEYv9.9f~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~QYYMQOvf9fAufuf9f~1AEMGvu.Af%2CAW.uu~Q8OvfFHHWXfWF~QOv9~x8OvfV1ZjIjxqiREhTBwy5~NejfLMGv9.Ah~G7OvA9hiiiu9HXHf9WFhhu9iAHfuFfXA9fAhuX9XAA9fhWFufWAFiHFAAHX9ifWAiuF9WXhh9hhhfFHFHXFWFXhFHiFuhHfXAhAFiAfXXFW~eBxv9.uW~OfEMjvu9~Nejfv9.Ah~AENkvu999~x8Yv9~OYYMQ7LyvzmMQ7L17Jy5~OfEMGv9.iF~myOfEMGv9.iF~exLjMGvf.9u~QQvIK~NNv%3Dq~x8Bvou~NJv9~LEQMGvAW.uu~LNevuf.Hf~exLjMjvf9~LEQMxLjMGvHF.uu~%3DVvA9Xi~UGMxNvof~z7Qvu~UGMNNUQvof~c0fv.*SE.*~N7vwxzJzGJLy~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.X~8Q8kv9~G8Ov9.9u~LEQMxLjMjvf9~ONvW~ejfLMGvu.Af~8exLjMjvf9~NGOEv9.9uf~875EJM8OvuF~QJjjJLM71yM8OvfhuihAfW~QxEEj5M71yM8OvfhuihAfW~e8JB1G8j875v9.uWAXiF~EmQv9~N1LL8JLVOv9~myG8Ov9.9uf~GkjLv9.9uf~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvzmMQ7L17Jy5~GOEN1EOv9~O1jyvYLyoH.9~8zQjv9~QmGEv~w7Yjvu~ONx7vH9~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGv9~GQEv9~7Y-vu9F&vgd_lbt=500&gdpr=1&mspa=0&prid=8PRVCXX19&cid=8CU4FCKBR&crid=264485286&rrr=tzR-hLcl-L_ecdZ-K1Ewt93pq_YTzrWbb6gQXeu9F3bCGSBwjk3JZw%3D%3D&requrl=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&vi=1702384889427868644&ugd=4&cc=CH&sc=ZH&bdrid=460&subBdr=196&vgd_kwrf=https%3A%2F%2Fpastelink.net&startTime=1702384889615&l1ch=1&l1hcsd=l1!Og4dd|8177&cref=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&mmm=soyeAXxRKnfeGuwBiERp0Ppt1rc7e4fwiqtfg3CLPXqeA91I37GTB_vQQE8eYFB6RfolTaAZNELgrgiNBUCC3w==&buid=348140&sttm=1702384889621&upk=1702384890.2719&hvsid=00001702384889621031165826561699&acid=9d9da252a088e83cb672a2611f49b718&verid=3111299&infr=1&stime=1702384889597&tsrc=entity&kafm_ull_cache=00&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1702384889136591735&vgd_sc=ZH&vgd_ecrid=446649379&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p0343378868t202312121241&vgd_pgids=1&vgd_end=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 12 Dec 2023 12:41:31 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Tue, 12 Dec 2023 12:41:31 GMT
bqi.php
lg3.media.net/ Frame 56F3 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2383&lf=3&&vgd_hb_audit_1=8CUQN152J&vgd_hb_audit_2=881526814&vgd_tsce=L345&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_bid=348144&vgd_cdv=1129&vgd_cage=6&vgd_rensize=300_250&vgd_ren_page_h=2244&vgde_bdata=QOfvzxjj~77v9~8xLjMjvf9~myJLEYv9.9f~eBMJ-Nv9.uW~e8QMQOvfif~ONfvu~8Q7Yvf~QNOvly~eM1QzvXFW9A~ejfLMQOvf9fAufuf9X~8xLjMGvuhhX.Wf~xLjM7UNv9~Q7OvfhuihAfW~j1Q7v~Nemyv9.Ah~e8QMxLjMGv9.fu~ejfLM8MQOvf9fAufuf9f~8EvAmPDBN~kGGv9~e8QMxLjMjvf9~L88Ex1vH%2CH~J7vf9~LNvf%2C9~Y78Ov0a9999uf~ejfLM8MGv9.9u~LEQMQOvf9fAufuf9F~e8QMGvAWF.AH~xLjMGv9.XF~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvu9A~xLjMjvf9~Qjev9~yN17vou~GGvuiF~eev9~NejfLMQOvfiH~Lkev9~jfLMGvu999~JLEYv9.9f~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~1AEMGvu.Af%2CAW.uu~Q8OvfFHHWXfWF~QOv9~x8OvfV1Z8yiAhCCqaCCm1X~NejfLMGv9.Ah~G7OvA9hiiiu9HXHf9WAXWWffHh9fFhHuufWiuAhiiuAuXAfXHWfAuhiAf9999uHhXiufhHHhuWWfFiufA9HH9XWiiFuAAifWhHXHXFuHWHW~eBxv9.uW~OfEMjvu9~Nejfv9.Ah~AENkvu999~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iF~exLjMGvf.9u~QQvIK~NNv%3Dq~x8Bvou~NJv9~LEQMGvAW.uu~LNevuf.Hf~exLjMjvf9~LEQMxLjMGvHF.uu~%3DVvA9Xi~UGMxNvof~z7Qvu~UGMNNUQvof~c0fv.*SE.*~N7vwxzJzGJLy~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.X~8Q8kv9~G8Ov9.9f~LEQMxLjMjvf9~ONvW~ejfLMGvu.Af~8exLjMjvf9~NGOEv9.9uA~875EJM8OvuF~QJjjJLM71yM8OvfhuihAfW~QxEEj5M71yM8OvfhuihAfW~e8JB1G8j875v9.uWAXiF~EmQv9~N1LL8JLVOv9~myG8Ov9.9f9~GkjLv9.9uf~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzfF~8zQjv9~QmGEv~w7Yjvu~ONx7vAX~OmyGv9ou~8GNvu~zQlvu~7yQvA99-fX9~GQGv9~GQEv9~7Y-vu9F&vgd_lbt=200&gdpr=1&mspa=0&prid=8PRVCXX19&cid=8CU4FCKBR&crid=264485286&rrr=tzR-hLcl-L_ecdZ-K1Ewt93pq_YTzrWbb6gQXeu9F3bCGSBwjk3JZw%3D%3D&requrl=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&vi=1702384889293992768&ugd=4&cc=CH&sc=ZH&bdrid=460&subBdr=196&vgd_kwrf=https%3A%2F%2Fpastelink.net&startTime=1702384889655&l1ch=1&l1hcsd=l1!Og4dd|8177&cref=https%3A%2F%2Fpastelink.net%2Fmmcz79u5&mmm=soyeAXxRKnfeGuwBiERp0Ppt1rc7e4fwiqtfg3CLPXqeA91I37GTB_vQQE8eYFB6RfolTaAZNELgrgiNBUCC3w==&buid=348144&sttm=1702384889658&upk=1702384890.23286&hvsid=00001702384889658031165826568301&acid=d8c6360800564f8f52d146808b78d761&verid=3111299&infr=1&stime=1702384889573&tsrc=entity&kafm_ull_cache=00&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1702384889102867210&vgd_sc=ZH&vgd_ecrid=446649379&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p0343378868t202312121241&vgd_pgids=4&vgd_end=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/mmcz79u5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 12 Dec 2023 12:41:31 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Tue, 12 Dec 2023 12:41:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
d.turn.com
URL
https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_5f66d99b-73a0-4a6a-9c66-6312b0134aff&s=2&us_privacy=1---
Domain
tg.socdm.com
URL
https://tg.socdm.com/aux/idsync?proto=gumgum
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=323&uid=LQ2C09BS-19-69F3
Domain
cs-rtb.minutemedia-prebid.com
URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=911509356514636065239
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
cs-rtb.minutemedia-prebid.com
URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=457C0E3B-119F-4C87-8B76-6993553AC403
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=457C0E3B-119F-4C87-8B76-6993553AC403&sInitiator=external&gdpr=0&gdpr_consent=
Domain
mwzeom.zeotap.com
URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEAVzDWjtlBYN-j3QUoIci_I&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=849bcc03-eecf-41fb-6d69-01d3c9c369c8&reqId=e0becab0-ca3c-41e2-656a-c5a8edbd5148&zcluid=96bf28eef2bb1407&zdid=1332

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| documentPictureInPicture function| $ function| jQuery function| Cookies object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| find_height function| setCookie function| copyToClipboard function| getCookie function| eraseCookie function| validateEmail function| unsure function| clearexplain function| resize function| changeGenerateButtonState function| notify function| removeNotification function| refreshView function| captchaLoaded function| callCustomAjax function| retrieveGetVariables function| setGetVariables string| size object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| recaptcha function| onYouTubeIframeAPIReady object| googletag object| gaGlobal object| gaplugins object| gaData object| bsaexperiments object| bsablockthrough object| bsagpt object| bsaheaderbid object| optimize object| bsapbChunk object| bsapb object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| BSAOPTIMIZE_TARGETING object| BSAOPTIMIZE_targeting object| BSAS2S_TARGETING object| BSAS2S_targeting object| BSA_TARGETING object| bsa_targeting object| bsas2s object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am object| ggeac object| google_js_reporting_queue boolean| __bt_already_invoked undefined| google_measure_js_timing object| google_reactive_ads_global_state object| Criteo object| sas object| apntag object| _ADAGIO number| google_unique_id object| GoogleGcLKhOms object| ONFOCUS object| google_image_requests object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 object| _mNDetails number| lnt_z

142 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChMKBgiiARDbFgoJCP____8HEOUW
i6.liadm.com/s Name: _li_ss
Value: CgA
pastelink.net/ Name: PHPSESSID
Value: ioaket7punitevpqolpi71dr8o
.pastelink.net/ Name: _gcl_au
Value: 1.1.669118630.1702384886
.pastelink.net/ Name: _ga
Value: GA1.2.1287958868.1702384886
.pastelink.net/ Name: _gid
Value: GA1.2.1666735276.1702384886
.pastelink.net/ Name: _gat_UA-55088947-2
Value: 1
.pastelink.net/ Name: _ga_4KDXYD7HFC
Value: GS1.2.1702384886.1.0.1702384886.0.0.0
.rubiconproject.com/ Name: khaos
Value: LQ2C09BS-19-69F3
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 587752=5756441
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1500016409%3B%24ql%3DUnknown%3B%24qt%3D73_0_0t%3B%24dma%3D0
.smartadserver.com/ Name: pid
Value: 5566155699205740968
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1500016409%3B%24ql%3DUnknown%3B%24qt%3D73_0_0t%3B%24dma%3D0&c=1&l=1047347517&lo=1852618765&lt=638379816866518679&o=1
.omnitagjs.com/ Name: ayl_visitor
Value: 814f81036bd3128e3201066ac6edd1c9
.360yield.com/ Name: tuuid
Value: 665210dc-b78c-4eac-956d-404a3a5425ef
.360yield.com/ Name: tuuid_lu
Value: 1702384887
.pastelink.net/ Name: __gads
Value: ID=c24dc404ecb69014:T=1702384887:RT=1702384887:S=ALNI_MaKKC35CfgmDLTbVPoucvJOuPRIvg
.pastelink.net/ Name: __gpi
Value: UID=00000d18e17e8729:T=1702384887:RT=1702384887:S=ALNI_MYcj8IW-46agQNgM-E6ejFN0L-dmg
.pastelink.net/ Name: _ga_S3DKHVPF03
Value: GS1.1.1702384885.1.0.1702384887.0.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUkxO-990rREuaAUdCFPG1hsS1jLhvrSyEixXlxDXdma3eosnIjY4glmhjfytYo
.adnxs.com/ Name: uuid2
Value: 7176766822098981487
.contextweb.com/ Name: V
Value: FX5Eoja69qoL
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 6b596f3bcde2d6bb
.openx.net/ Name: i
Value: 53f18d58-fe36-4afd-819d-a907839adf93|1702384887
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 457C0E3B-119F-4C87-8B76-6993553AC403
.casalemedia.com/ Name: CMPS
Value: 3398
.casalemedia.com/ Name: CMID
Value: ZXhU.NGBw0f89tZ9hxjgyAAA
.casalemedia.com/ Name: CMPRO
Value: 3398
.creativecdn.com/ Name: u
Value: 6EERqStpPyB8nST050xP
.creativecdn.com/ Name: g
Value: 6EERqStpPyB8nST050xP_1702384888327
.creativecdn.com/ Name: ts
Value: 1702384888
.sitescout.com/ Name: ssi
Value: 9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806#1702384888374
.simpli.fi/ Name: suid
Value: E6AFAC3797F14B70B25B7C15FB7D9484
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: wfivefivec
Value: LtAN1CKG1Rd24M5
.adform.net/ Name: uid
Value: 247683937117432826
.w55c.net/ Name: matchcasale
Value: 5
.brand-display.com/ Name: _knxq_
Value: 9391145e-0614-7717-ce5d02d7.1702384888.0.1702384888.1702384888
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 53be28644293ed08950e49bc7dc796d
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmOQNzVOSjWyMDMxMbI0Tk0xsLA0NUg1sUxKNk9JNrc0S2EAgtSKkB8gGgoAPs8KjA%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIrQj5AaSgAAAaSAIq"
.marphezis.com/ Name: bcu
Value: M0tVR3hQJTZaN1NWLxtEVVxlX10jcVBFRVpWWU1aeV5SUn5fXFdwQlBfUUxSW1V_S0hHfUteRxgqATJGOiQtGngPXFw8M10NOhgOHik1IjMYeFlWU3taXV1gDw==
.criteo.com/ Name: uid
Value: 59e23abb-f1b2-4bcd-97f9-4d61a263a1f3
.adnxs.com/ Name: anj
Value: dTM7k!M4/YCxrEQF']wIg2In2syKE6!]tbP6j2F-.aDabByFnKcfMPQkyh$gAT*sykCH`kAU'9FPXF+V*qF1`*b_Kc(_gx7
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxRMkMwOUJTLTE5LTY5RjMiLCJleHBpcmVzIjoiMjAyNC0wMy0xMVQxMjo0MToyOFoifX0sImJpcnRoZGF5IjoiMjAyMy0xMi0xMlQxMjo0MToyOFoifQ==
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.tapad.com/ Name: TapAd_TS
Value: 1702384888728
.tapad.com/ Name: TapAd_DID
Value: 6650ca14-61a0-49f0-b6ff-497be5a24c49
.yahoo.com/ Name: A3
Value: d=AQABBPhUeGUCEOf0BI1IDZ2oeHG7xhlCnqIFEgEBAQGmeWWCZbti0CMA_eMAAA&S=AQAAAqZBy3OW4r2cz8wnTcpI5RQ
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: DPSync3
Value: 1703548800%3A201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1703635200%3A35%7C1703548800%3A8_233_81_214_88_71_54_166_264_238_21_13_251_46_56_22_234_161_220_7_3_165_254_55%7C1702944000%3A15_2_223%7C1703203200%3A63%7C1704931200%3A203
.connatix.com/ Name: cnx_userId
Value: 5622e715ad674b8291bf08328a0c6480
.bidr.io/ Name: bito
Value: AAC2mU7K8KoAABRae0t2PA
.bidr.io/ Name: bitoIsSecure
Value: ok
.primis.tech/ Name: csuuid
Value: 657854f8cde09
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwMjM4NDg4ODg2NSwiMjQiOjE3MDIzODQ4ODg0MDgsIjE1IjoxNzAyMzg0ODg4NjEzLCIzOSI6MTcwMjM4NDg4ODQwOCwiNyI6MTcwMjM4NDg4ODQwOH0
.bidr.io/ Name: checkForPermission
Value: ok
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ctnsnet.com/ Name: cid_862b4ab263ca46249f8ece623f174037
Value: 1
.liadm.com/ Name: lidid
Value: d40cda51-7edc-4a99-9511-bef37c43b40f
.weborama.fr/ Name: AFFICHE_W
Value: C7k1Ot8pYu8L41
.bidswitch.net/ Name: tuuid
Value: f96f0221-3921-4dc1-a9ba-f7fc74506f74
.bidswitch.net/ Name: c
Value: 1702384888
.bidswitch.net/ Name: tuuid_lu
Value: 1702384888
.quantserve.com/ Name: d
Value: ELgBCwHSKvijAA
.quantserve.com/ Name: mc
Value: 657854f8-e1af0-5d90f-c20fa
.adx.opera.com/ Name: UID
Value: OPUb85c77a1eb4641b7982417bfbbe7dc72
.amazon-adsystem.com/ Name: ad-id
Value: A0khEg7E1EpQgmISRodumcs
.csync.loopme.me/ Name: viewer_token
Value: 00e2d664-4360-4585-9969-bb5ffd319236
.linkedin.com/ Name: bcookie
Value: "v=2&adaf642b-3124-4fb5-80cf-0f2215df0273"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDIzODQ4ODg7MjswMjErpEhoe+aR149/57PeUqphnxSBdaWAgeRYwPLtKjoVHw==
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3199:u=1:x=1:i=1702384888:t=1702471288:v=2:sig=AQH-5ouLKwyv5pwRzOMPPIS8Iap9omt6"
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEOhZqCq4OHe6TfS4Z_SUbp4&KRTB&23025-CAESEOhZqCq4OHe6TfS4Z_SUbp4&KRTB&23386-CAESEOhZqCq4OHe6TfS4Z_SUbp4
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUb85c77a1eb4641b7982417bfbbe7dc72&KRTB&23485-OPUb85c77a1eb4641b7982417bfbbe7dc72&KRTB&23524-OPUb85c77a1eb4641b7982417bfbbe7dc72
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-8hODvPES0rzpQ4XlohaZsaAfhOLpRYa0okdAdEz1&KRTB&19420-8hODvPES0rzpQ4XlohaZsaAfhOLpRYa0okdAdEz1&KRTB&22979-8hODvPES0rzpQ4XlohaZsaAfhOLpRYa0okdAdEz1&KRTB&23462-8hODvPES0rzpQ4XlohaZsaAfhOLpRYa0okdAdEz1
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348&KRTB&23418-9bbd5b8e-8e4f-445c-a2c4-eafd5ed0e806-657854f8-4348
.adsby.bidtheatre.com/ Name: __kuid
Value: 28be3875-413b-42b2-8ddc-5a2f556cfbcd.471598888
.de17a.com/ Name: guid
Value: 1.3763969272172057271
.pubmatic.com/ Name: SPugT
Value: 1702384888
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-247683937117432826&KRTB&23263-247683937117432826&KRTB&23481-247683937117432826
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7176766822098981487&KRTB&23339-7176766822098981487
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzNjQyNzezNDQwMBPiM9T1ccv29nOpsMjTNckBADTzmVYlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzNjQyNzezNDQwMBPiM9T1ccv29nOpsMjTNckBADTzmVYlAAAA
.turn.com/ Name: uid
Value: 8918939968121487317
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-3a5d772a-6f6b-5b93-7f85-aa61daea4c72.l2Bk4%2Fy6Rxqs8les9eSVIEU%2BBefGz3F5deMzw9XzFvQ
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-3a5d772a-6f6b-5b93-7f85-aa61daea4c72.l2Bk4%2Fy6Rxqs8les9eSVIEU%2BBefGz3F5deMzw9XzFvQ
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AOl13Km9rW5N_haph2upMcrnDR9k.qm%2BzTs6Zf9hRYXIa9miMOvQOmq7iBAy64z87uDwCAZM
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AOl13Km9rW5N_haph2upMcrnDR9k.qm%2BzTs6Zf9hRYXIa9miMOvQOmq7iBAy64z87uDwCAZM
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5109685631277691006
.audrte.com/ Name: arcki2
Value: a7bbWOjtQDzSIqMyTcYr-pmPA!20220908!1702384889029!ip#185.195.71.217
.audrte.com/ Name: arcki2_pubmatic
Value: 457C0E3B-119F-4C87-8B76-6993553AC403!20220908!1702384889029
.rezync.com/ Name: zync-uuid
Value: a63902a2-6c30-492c-926c-11fa91fd6938:1702384888.9682717
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-68eed92e-4bc8-4e3f-8d59-d99c9497c06c-003%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8918939968121487317&KRTB&23150-8918939968121487317&KRTB&23527-8918939968121487317
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-3763969272172057271
.dotomi.com/ Name: DotomiTest
Value: 38eba8bdf4b7158e
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1oi7|7dN.0.AAC2mU7K8KoAABRae0t2PA|8m8.0.1
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-Ol13Km9rW5N_haph2upMcrnDR9k&KRTB&23334-Ol13Km9rW5N_haph2upMcrnDR9k&KRTB&23417-Ol13Km9rW5N_haph2upMcrnDR9k&KRTB&23426-Ol13Km9rW5N_haph2upMcrnDR9k
.onaudience.com/ Name: cookie
Value: 96bf28eef2bb1407
.onaudience.com/ Name: done_redirects104
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZXhU_QAGY5ELUgBH
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XMuw2AMAxFUTEAVeYw8rMjf9gmSpSBKCkZgQnpEJS3OPdeVjiLRo1IBh_Fm2myNCHrylRTOqVYJ2C2xByWGvuLYksLcfhZPicIX__GA0OaOt1qAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwQ3AMAgDwE_XoQITgd1tUKoM0sl79109lXIMrHa6LWGbUNsizijOW0o-0Y7kInmriI7-AQ-NSfo6AAAA
.audrte.com/ Name: arcki2_ddp2
Value: a7bbWOjtQDzSIqMyTcYr-pmPA!20220908!1702384889124
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAHtH4kcOAXgwMg_KF8AAAAAAA&KRTB&22713-AAAHtH4kcOAXgwMg_KF8AAAAAAA&KRTB&22715-AAAHtH4kcOAXgwMg_KF8AAAAAAA&KRTB&23519-AAAHtH4kcOAXgwMg_KF8AAAAAAA
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILYits3gPf57N9DAuLFzZ1xS3mHxEvu9wArcsiv5SHzvEHwYBCD5qeGrBjABOgTwi70wQgSJX3Bq.wrASB8NCO4LK4c1BYxYMmm2mAw7Pp%2BLjBKXo5KpKt4U
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILYits3gPf57N9DAuLFzZ1xS3mHxEvu9wArcsiv5SHzvEHwYBCD5qeGrBjABOgTwi70wQgSJX3Bq.wrASB8NCO4LK4c1BYxYMmm2mAw7Pp%2BLjBKXo5KpKt4U
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-68eed92e-4bc8-4e3f-8d59-d99c9497c06c-003%22%7D
.ipredictive.com/ Name: cu
Value: 70375868-b402-4c04-9dcb-902623f69260|1702384889166
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-tk2EoAPtRUhMXSnnMXhhbWaT
.audrte.com/ Name: arcki2_adform
Value: 247683937117432826!20220908!1702384889220
live.rezync.com/ Name: sd-session-id
Value: .eJwNzNEKgzAMQNF_ybMdSapp0p-RUiuUTTese5n47-vjhcO9YP6UY0t72U-I5_EtA-RX7dUgXtDqbytPiDARmugknjgEMUIUuAdopbX63ue6dJPEG3JiJ9mjG42zM5bsiNZktC5iXiMFZK-jqj76kAMFuP-Z2SUf.ZXhU-Q.QzpLvWH9oDcR1WAEi3h2k87Y-Bo
.rlcdn.com/ Name: rlas3
Value: QZaR6lRLwt9E4Lw5FVj64jyaY/aML6ojI/ynd/p/0DE=
.adfarm1.adition.com/ Name: UserID1
Value: 7311687423465945248
.pastelink.net/ Name: cto_bundle
Value: GZOW6F9JY3VRUXNYdVpzOW1nM0NEVmNzMlBDJTJCJTJCZU1OdHlSVENVRHRrMldSb2E4cXNYUXdyOTVuanBmbTN1UWpsJTJCekNOQmhYRjNXWjJGR0tDUElDMlNrbEN4N1EwTnNCSW56QnBGNW10UzFJbFJoQXZpZ1olMkIxTm1vRkNEWVJIODdyaEpWa0M5Nm5tSmtVaHZpNVFLdEFJU2cyUSUzRCUzRA
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7311687423465945248&KRTB&23369-7311687423465945248
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAC2mU7K8KoAABRae0t2PA
.rlcdn.com/ Name: pxrc
Value: CPmp4asGEgUI6AcQABIGCLbqARAAEgYIuuoBEAA=
pool.admedo.com/ Name: tuuid
Value: 58cf946d-aa01-483a-9588-3fa84e52ea6e
pool.admedo.com/ Name: c
Value: 1702384889
pool.admedo.com/ Name: tuuid_lu
Value: 1702384889
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-f96f0221-3921-4dc1-a9ba-f7fc74506f74
.pubmatic.com/ Name: PugT
Value: 1702384888
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2fkc:18z8~2fkc:194o~2fkc"
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyIzM2Fjcm9zcyI6IjIwMjMtMTItMTJUMTI6NDE6MjYuNjEwNjk2NTY4WiIsImltcHJvdmVkaWdpdGFsIjoiMjAyMy0xMi0xMlQxMjo0MToyNi42MTA5ODE5MDZaIiwib25ldGFnIjoiMjAyMy0xMi0xMlQxMjo0MToyNi42MTE3MDY4NFoiLCJwdWJtYXRpYyI6IjIwMjMtMTItMTJUMTI6NDE6MjYuNjExNTY0Mjg5WiJ9LCJ1aWRzIjp7ImFkYWdpbyI6eyJ1aWQiOiJlZDIzODk3Ny1lZTk4LTQxN2UtYjhkMi1lMWMwMWRhOTY0ZTEiLCJleHBpcmVzIjoiMjAyNC0wMi0xMFQxMjo0MToyNi41OTY0NDA2MzlaIn0sImltcHJvdmVkaWdpdGFsIjp7InVpZCI6IjY2NTIxMGRjLWI3OGMtNGVhYy05NTZkLTQwNGEzYTU0MjVlZiIsImV4cGlyZXMiOiIyMDI0LTAyLTEwVDEyOjQxOjI3Ljk3NDYyNDE5NFoifSwib25ldGFnIjp7InVpZCI6InIyc1VnTGZGVTVJYk5TNGtzaC1UNzYzSGRrTmxqS3MtdFJSczYxNWFtNkkiLCJleHBpcmVzIjoiMjAyNC0wMi0xMFQxMjo0MToyOS43NDA2MDQ5NjZaIn0sInB1Ym1hdGljIjp7InVpZCI6IjQ1N0MwRTNCLTExOUYtNEM4Ny04Qjc2LTY5OTM1NTNBQzQwMyIsImV4cGlyZXMiOiIyMDI0LTAyLTEwVDEyOjQxOjI4Ljg2MjI5NzMyM1oifX0sImJkYXkiOiIyMDIzLTEyLTEyVDEyOjQxOjI2LjU5NjA4ODkxNFoifQ==
.pubmatic.com/ Name: ipc
Value: 159706^https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%23PMUID^0^0
.pubmatic.com/ Name: pi
Value: 159706:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpL6RRECIdN/xwWzGvB5zjFz6IwaRerIsg7PQdoYZ4Ad3RPJf9VDvMsxvLXEvCojEETZI9/Nf5XGCYbB5SW5XQ3mePgyV9QG0XQD5U7tEfUTQ==
pixel-eu.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.ads.stickyadstv.com/ Name: UID
Value: de3ee347eec9a9c1ba4447b99e90a5
.admanmedia.com/ Name: admtr
Value: 1cd6ef18-4968-44ed-b2df-829e4501627e
.admanmedia.com/ Name: ac_r
Value: CS253
.onetag-sys.com/ Name: OTP
Value: MMtPATnLNJKkKMeRmvSg77rIb0Qip8uxADBJOMtQ3IA
.smartadserver.com/ Name: csync
Value: 76:GOOGLE_HOSTED_SI|127:AAC2mU7K8KoAABRae0t2PA

4 Console Messages

Source Level URL
Text
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8033a9e1c8f352f906e0371b868d803d.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs-simple.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ap.lijit.com
api.btloader.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
btloader.com
bttrack.com
c1.adform.net
capi.connatix.com
casale-match.dotomi.com
cdn.adnxs.com
cdn.topsrvimp.com
cdn4.buysellads.net
cdnjs.cloudflare.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.yellowblue.io
csync.loopme.me
d.adroll.com
d.turn.com
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
green.erne.co
gum.criteo.com
hb-api.omnitagjs.com
hb.yahoo.net
hblg.media.net
hbopenbid.pubmatic.com
hbx.media.net
i.clean.gg
i.liadm.com
i6.liadm.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
lg3.media.net
live.primis.tech
live.rezync.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
nym1-ib.adnxs.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pastelink.net
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
qsearch-a.akamaihd.net
r.casalemedia.com
region1.google-analytics.com
rt.marphezis.com
rtb-csync.smartadserver.com
rtb.gumgum.com
s.amazon-adsystem.com
s.company-target.com
s.seedtag.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
srv.buysellads.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
u.4dex.io
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
visitor.omnitagjs.com
warp.media.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
a.tribalfusion.com
ad.mrtnsvr.com
ads.servenobid.com
b1sync.zemanta.com
cm-supply-web.gammaplatform.com
cs-rtb.minutemedia-prebid.com
d.turn.com
mwzeom.zeotap.com
tg.socdm.com
uipglob.semasio.net
104.18.41.104
108.139.243.83
13.32.27.83
130.211.23.194
134.122.57.34
141.94.170.64
141.95.171.139
142.250.185.226
142.250.186.70
145.40.97.67
15.197.193.217
151.101.1.108
151.101.129.108
151.101.194.49
161.35.94.188
162.55.120.196
167.172.55.208
172.64.151.101
178.128.135.204
178.250.1.9
178.32.210.227
178.79.242.16
185.184.8.90
185.29.132.245
185.64.189.112
185.64.190.81
185.64.191.210
185.86.138.152
185.86.139.93
185.89.210.122
188.42.34.65
192.132.33.68
193.0.160.131
195.5.165.20
198.47.127.18
198.47.127.19
198.47.127.20
198.47.127.205
2.16.164.91
2.18.160.23
2.19.217.60
2001:4860:4802:32::36
208.93.169.131
213.155.156.168
216.52.2.16
216.52.2.48
23.201.255.110
23.212.88.20
23.32.184.192
23.35.236.188
23.48.23.57
2600:1f18:ed:550f:2ea8:40b3:7109:7bd2
2600:9000:2057:4600:1f:4c18:bd40:93a1
2600:9000:2251:7400:1a:5235:f980:93a1
2602:803:c003:200::51
2606:4700:10::6816:1857
2606:4700:10::6816:4ad8
2606:4700:20::681a:346
2606:4700:20::681a:8a9
2606:4700:20::681a:ad1
2606:4700:4400::ac40:994e
2606:4700::6811:180e
2607:ae80:192:1::173
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:fa8:8806:21::1720
2a05:d018:cc3:fe05:360d:1e8d:2547:a624
2a05:d018:d29:3601:c84a:f3f:c1a8:24dc
3.222.179.146
3.69.92.105
3.75.62.37
34.111.113.62
34.111.129.221
34.120.63.153
34.149.40.38
34.149.50.64
34.160.19.107
34.247.205.196
34.95.69.49
34.96.71.22
35.156.254.191
35.186.193.173
35.204.158.49
35.210.53.219
35.214.215.74
35.244.159.8
35.244.174.68
37.157.4.29
46.228.164.11
46.228.174.117
50.16.53.197
50.31.142.63
51.89.9.254
52.16.120.138
52.206.176.4
52.28.254.225
52.31.27.40
52.46.128.147
52.51.96.110
52.94.222.140
54.155.221.156
54.162.68.92
54.166.150.36
54.194.196.88
54.228.143.85
54.246.157.113
63.251.232.165
63.33.18.223
67.202.105.22
68.67.179.153
69.166.1.34
69.173.144.139
70.42.32.191
77.245.57.72
8.18.47.7
80.77.87.162
81.17.55.173
82.145.213.8
85.114.159.93
88.208.215.108
95.101.148.20
95.101.196.17
98.98.134.243
0086697583ee23a9a23e1a67e94812862f61ee30a9f679b8b5d56e718fb43696
02614d11cbdc1f220b7be546d59ef5e14489c86a5fdce3f22ce7b6bf9990bc71
04a0296184f17e6a84f76b45291d74ee146e2b004f8dba87d0ad3f9f87fdf60a
04d549a4f168546afdc3608bc6ef4ad67a16a2bf2baf8c6770f88f524c924d11
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0c8cf3bd02e306cf5a00c862fceaf446cb92d4b312a1b9826beb4a9db5749a4e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
118d5aba65997b268366d3aedf6585eff651533821795b4f13dc651923b3032c
12b2573815dac6ac5646fab27841f398fa908cc13d510f2e14bffb595b726bbf
12c40d1b7b8c7cb3da9beb1f43050781bc237e505282219ffa6b5b5e9d881956
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b
1507b4191de6cd5e283a20180dd8c8e87abf7d6c56f0e2a4bbdb026abbc30764
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
179392e1a7ffb58ba9ebbcacacfc5fdc291b6b60f7bf91b4ef9d9207ec510677
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
195fef42805784669459da36e0b45e7c5017364345f616b6107326ab7933d20a
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bd5b9251c4107f00e4031b3b6262a41576ea4b5daf5c1475a37ea6afea2aa49
2cf4b1169eba4605a9571ba396c475e49179546e96030ebfa82dbc3ac16cc771
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31050fb9615cd7a84da55e18f720052612aedd7742c3721939d8f272b0fc7f03
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
39c0495e4b24a50cf3183d811eb53e90364b9ef103a90d0ae4a14823dcb379bf
3d42e4ce94eaaef8a75bb0fcc9371579eea38f5ff32c0fa8aeba1460300a98d3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dea6aa91c5ba93bbce81ac94dd6ce41cbeef6c3653fd4070a76db6d9b573b19
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee7e291a71ebaf32e7a5082813ab1ab09c5f68638ae9e44e9309a61baaea819
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40a633827be3de5cda62cbdc30c4404ba77fa61a57f44b40182c9eff70eb4db7
414b2111bf44efcc2e0779b243b2287f595624c373b8ef8f7a6e7be8a5cf73c5
437cedce64242f124be1c950bee82e3a603a3ecf19fb75e4275bde4e08a57797
450be725cdafdbb64f251fddc4039b3a93f7c74e134e9f4fa36868b4bb273fb3
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c997dad566c02a0a4f8416efa520f838a711d067a08f33b3ccffd541333e92
4986de437e93f1effeb8f620a4b987fbe4ee760ad9a5c4980effbb3cf813400d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
4ec2aecd3fbbba2c6fb2948de39413c4dfdb2b846f3de90fa7a6d3d063868b3c
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
51831d748cc8e6dccff84ea6cdbcf6018224f017dd336a9e71627abc78717c0a
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55bf8806711e05bba42532cfba6b8bb04d65d48cd25f0e01cc3007fd0c768aea
5701c781110c358387e3c43d6a2edfb4fd505d1673234e25844cbdb72dfff406
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
5a66f8eafb50d104f1f4b4637134d3acf9fafa5c0821c5ff3a0e821b31216ad5
5e605238fdc13b206f881f819af4a1bfd779bb40bdc2eb71766155006779e4c5
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
61355c8de94480110ce1c107309689ec4b76f42d8234e42067cea59e766ed5d7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c85c97c5c6c0c45f9f7e5d8ee898688f683b1e45614413004e2fd60cc955c94
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
715964c15a8419e6dbdaf741fcc71b0129418ddc65e5b4c6f0cd7c573e0f4bee
7655872312e287124326e6f938f9f2b7a5393a58f098ea4d314d26738f6a5fd8
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a42d4a40caed70bcfdf397a7486cb4f1fac2b0ed15d8e427c567f81f1c25381
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87909875e3e87e5145986c263c91c5189f1a618c1e494b9954f4cb554fe483ce
89f0335d649cdccf5bc16b4fad138e1fa6da670d851c82b48ccdd31273371110
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e0ae6d58777b715ea0809bfc2347ec8429aa37079d10e0da9c94db935e080ee
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
982a269834531f7d5e16ec9a78a13896e390415c8b21b8e870ca6ef8c71957db
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98f2b2ada7d95a1786333f2705b3d5b2712955156bc29bc254815552600549bd
9bb55abb920f48d8a688119f80d8d49e7c8251eaaef55880875598d04c087453
9dc48adaa892ba8e7c25ef9ed76615526237508ed212b7c8e6cba525d2b561a9
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a46fb4b0d435e4e16099c4403859ef914abea1650b4a52018467d20d2442fe8a
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
af9edf3e86a80586d0770850908bf3929a2112adc59211e9cb715c0218f14b9c
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1234e8a2cdf56c92f06b58f09f24f6062c6f2a7327725c416fba40e2af7b74a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2a2ffa8c55c3b9828c15ec6a8e583d20a501fa118e77cfae51e83fba1fe1c8a
bbb7f3f2ead20eb29fe965e5fcfde49814c35d6615d1e08f8496e7618003f372
bca13f093afb3b9125c81a5735a3b12466ee2bc8240b330e2269858a8ec11edc
bcdaedbfd60b8d0a8a9eb4b16285345a749068b601c93f494362990f2a3e61f4
bdf53c344ed930b344dbd294191646b06d0f5d05b31ac105209adafba586b41b
bf3e0ecfd528ee70f8e1cfaaa71ae06f2002eae3bd465c14e5f056d32edccda6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
c669036a988609095adbbdb604b42d237d5033ce903ac27d1737abddcbfffebc
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c7df3529dc158cc72e520a011aa9eb8331091b25bf7ac5b94b891d1d53e63223
c800accc93f942afb9ac6cdca792f930ed212c1fff0bd77f155df8f00ff4be42
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ceb515a9d3625eba8ab1b01d21369f415cd710e10a8025c7cdfe6bbadde844fe
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d4d3853563ae0019c32b347ac3cf712b217d38575b07c66dceed3fa1c2c45d63
d7d56f6c81c3dca769e96d29cbb3a898cf905684ed71325022ec4eadbf3eaaa7
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e02f1563054dc2170a7cf39cfce6ca51856e0f80e769aa8c1c0f4eb2b2425f1d
e04e230fef28ff637f01edc9952991502cbf7dcefe18ef91bfcade2ba505068b
e1c39921e304a4252ed09b8c0c228c6dbbcc61fd34c085f4bc3b27fe28069c20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d0d99178500288586b0770e21155d186e5cf21c5c37af415a4a4c432147d7
e48d2ec037d3c04f9c94b17be7371c416757568081c0ddaa20007330384b77e3
e818f6fea40fe02802ab543ae13ec750b1d3a4fbe33c70a8fdbac86f5758631b
e82975d064a5db53a828a869d8651cc1af1c7718af5b13c360ef17a61c537d84
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eaf67431972d3e9d0888a562c64f1e353894aa5fd5c38afaad32003404c2f467
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6e9d2dccc21a56389ee54b2331150fb42c758c7005d62589fafb1ba4049d199
fd8c1cf4274cae5e1e5a37133cc23b80392ef88c43b798d3748f43948dbb53f0
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e