urlscan.io logo urlscan.io
SecurityTrails logo

pastelink.net Open in urlscan Pro
88.208.215.108  Public Scan

Go To Rescan Add Verdict Report
URL: https://pastelink.net/cpsbn47l
Submission: On October 30 via manual from RU — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 92 IPs in 11 countries across 100 domains to perform 394 HTTP transactions. The main IP is 88.208.215.108, located in United Kingdom and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is pastelink.net. The Cisco Umbrella rank of the primary domain is 215717.
TLS certificate: Issued by R3 on September 14th 2023. Valid for: 3 months.
This is the only time pastelink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 88.208.215.108 8560 (IONOS-AS ...)
2 142.250.184.234 15169 (GOOGLE)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 104.21.63.106 13335 (CLOUDFLAR...)
1 104.21.28.48 13335 (CLOUDFLAR...)
2 142.250.186.100 15169 (GOOGLE)
3 142.250.185.104 15169 (GOOGLE)
1 172.67.144.62 13335 (CLOUDFLAR...)
17 3.69.213.60 16509 (AMAZON-02)
1 142.250.186.99 15169 (GOOGLE)
4 142.250.186.67 15169 (GOOGLE)
2 142.250.185.206 15169 (GOOGLE)
1 172.64.136.15 13335 (CLOUDFLAR...)
27 172.64.137.15 13335 (CLOUDFLAR...)
25 142.250.186.34 15169 (GOOGLE)
4 23.35.236.201 16625 (AKAMAI-AS)
6 142.250.186.66 15169 (GOOGLE)
3 216.239.34.36 15169 (GOOGLE)
2 104.16.86.20 13335 (CLOUDFLAR...)
2 104.26.8.169 13335 (CLOUDFLAR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 178.250.1.8 44788 (ASN-CRITE...)
5 54.246.65.75 16509 (AMAZON-02)
6 3.123.243.72 16509 (AMAZON-02)
6 23 51.75.86.98 16276 (OVH)
1 17 54.75.96.107 16509 (AMAZON-02)
2 185.106.140.18 7979 (SERVERS-COM)
6 13 185.89.210.90 29990 (ASN-APPNEX)
2 145.40.97.67 54825 (PACKET)
2 13 172.67.10.198 13335 (CLOUDFLAR...)
1 18.66.97.24 16509 (AMAZON-02)
1 18.66.127.127 16509 (AMAZON-02)
1 104.22.52.86 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 104.18.35.167 13335 (CLOUDFLAR...)
3 178.250.1.3 44788 (ASN-CRITE...)
1 65.9.66.122 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
4 142.250.185.194 15169 (GOOGLE)
1 142.250.185.97 15169 (GOOGLE)
1 172.217.18.98 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 52.48.43.143 16509 (AMAZON-02)
1 104.18.23.145 13335 (CLOUDFLAR...)
4 141.95.98.64 16276 (OVH)
1 5 3.75.62.37 16509 (AMAZON-02)
6 178.250.1.11 44788 (ASN-CRITE...)
2 5 204.79.197.200 8068 (MICROSOFT...)
1 13.107.213.44 8075 (MICROSOFT...)
2 23.35.236.188 16625 (AKAMAI-AS)
5 172.217.18.1 15169 (GOOGLE)
1 142.250.185.98 15169 (GOOGLE)
3 35.244.159.8 15169 (GOOGLE)
2 34.95.69.49 396982 (GOOGLE-CL...)
3 4 37.157.6.233 198622 (ADFORM)
1 3 67.220.226.233 16509 (AMAZON-02)
8 52.223.40.198 16509 (AMAZON-02)
13 18 172.217.16.194 15169 (GOOGLE)
2 12 104.18.41.104 13335 (CLOUDFLAR...)
1 104.22.4.69 13335 (CLOUDFLAR...)
1 54.217.195.217 16509 (AMAZON-02)
1 172.64.132.19 13335 (CLOUDFLAR...)
1 1 178.250.1.9 44788 (ASN-CRITE...)
3 18.194.76.100 16509 (AMAZON-02)
4 4 64.202.112.63 23352 (SERVERCEN...)
3 3 98.98.134.243 21859 (ZEN-ECN)
8 10 185.64.190.79 62713 (AS-PUBMATIC)
10 185.64.191.210 62713 (AS-PUBMATIC)
1 162.19.138.117 16276 (OVH)
3 185.29.132.241 30419 (MEDIAMATH...)
3 8 69.173.144.165 26667 (RUBICONPR...)
4 4 2.16.241.18 20940 (AKAMAI-ASN1)
1 3 185.86.138.154 201081 (SMARTADSE...)
4 35.244.174.68 15169 (GOOGLE)
3 52.46.128.147 16509 (AMAZON-02)
5 7 54.93.103.174 16509 (AMAZON-02)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
2 185.64.190.78 62713 (AS-PUBMATIC)
1 108.138.26.85 16509 (AMAZON-02)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
4 4 52.51.16.139 16509 (AMAZON-02)
1 1 35.214.196.176 15169 (GOOGLE)
1 1 45.137.176.88 60350 (VP)
2 2 54.165.64.233 14618 (AMAZON-AES)
3 216.52.2.91 32475 (SINGLEHOP...)
3 3 23.212.211.47 16625 (AKAMAI-AS)
6 23.35.229.251 16625 (AKAMAI-AS)
1 185.86.138.150 201081 (SMARTADSE...)
2 2 3.120.55.153 16509 (AMAZON-02)
3 4 162.55.233.29 24940 (HETZNER-AS)
1 3 185.86.139.93 201081 (SMARTADSE...)
1 76.223.111.18 16509 (AMAZON-02)
1 1 91.228.74.166 16509 (AMAZON-02)
5 198.47.127.205 3257 (GTT-BACKB...)
1 2 151.101.130.49 54113 (FASTLY)
1 1 82.145.213.8 39832 (NO-OPERA)
1 35.186.193.173 15169 (GOOGLE)
2 2 213.155.156.167 1299 (TWELVE99 ...)
1 1 193.0.160.130 54312 (ROCKETFUEL)
1 195.5.165.20 44968 (IPROM-AS)
1 34.254.54.88 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 35.170.18.82 14618 (AMAZON-AES)
1 2 35.204.74.118 396982 (GOOGLE-CL...)
1 1 188.166.17.21 14061 (DIGITALOC...)
1 198.47.127.20 3257 (GTT-BACKB...)
1 2 104.18.24.173 ()
3 3 46.228.174.117 56396 (AMOBEE)
1 1 46.228.164.11 ()
1 1 15.235.15.221 ()
394 92
13    88.208.215.108 (United Kingdom)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
pastelink.net
2    142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net
fonts.googleapis.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    104.21.63.106 (None, )

ASN13335 (CLOUDFLARENET, US)
www.ezojs.com
1    104.21.28.48 (None, )

ASN13335 (CLOUDFLARENET, US)
the.gatekeeperconsent.com
2    142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net
www.google.com
3    142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net
www.googletagmanager.com
1    172.67.144.62 (United States)

ASN13335 (CLOUDFLARENET, US)
privacy.gatekeeperconsent.com
17    3.69.213.60 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
g.ezoic.net
1    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
www.gstatic.com
4    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
fonts.gstatic.com
2    142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net
www.google-analytics.com
1    172.64.136.15 (United States)

ASN13335 (CLOUDFLARENET, US)
g.ezodn.com
27    172.64.137.15 (United States)

ASN13335 (CLOUDFLARENET, US)
go.ezodn.com
bshr.ezodn.com
25    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
securepubads.g.doubleclick.net
4    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
pagead2.googlesyndication.com
3    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    104.16.86.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    104.26.8.169 (None, )

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
5    54.246.65.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-65-75.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
6    3.123.243.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-243-72.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
23    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
17    54.75.96.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-96-107.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
visitor.omnitagjs.com
visitor-eu-west-1.omnitagjs.com
2    185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)
rtb.adxpremium.services
13    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
ams3-ib.adnxs.com
secure.adnxs.com
2    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
13    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
1    18.66.97.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-24.fra56.r.cloudfront.net
connectid.analytics.yahoo.com
1    18.66.127.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-127-127.fra60.r.cloudfront.net
cdn.prod.uidapi.com
1    104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
3    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
4    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net
2527ffdcda71dd00d08cc17e79319c45.safeframe.googlesyndication.com
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
partner.googleadservices.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
1    52.48.43.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    104.18.23.145 (None, )

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
4    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
5    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
6    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
5    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
www.bing.com
1    13.107.213.44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
2    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
cdn.adnxs.com
acdn.adnxs.com
5    172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f1.1e100.net
tpc.googlesyndication.com
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
www.googletagservices.com
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
eu-u.openx.net
us-u.openx.net
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
4    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
3    67.220.226.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
8    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
18    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
cm.g.doubleclick.net
12    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
cd.connatix.com
cds.connatix.com
1    104.22.4.69 (None, )

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    54.217.195.217 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-195-217.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    172.64.132.19 (United States)

ASN13335 (CLOUDFLARENET, US)
adxbid.info
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    18.194.76.100 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-76-100.eu-central-1.compute.amazonaws.com
match.sharethrough.com
4    64.202.112.63 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
10    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
10    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
3    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
8    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
4    2.16.241.18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-241-18.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
3    185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync-global.smartadserver.com
4    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
3    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
7    54.93.103.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-103-174.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    108.138.26.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-85.fra56.r.cloudfront.net
api-2-0.spot.im
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
4    52.51.16.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-16-139.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    35.214.196.176 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 176.196.214.35.bc.googleusercontent.com
csync.loopme.me
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
2    54.165.64.233 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-64-233.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    216.52.2.91 (New York, United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
3    23.212.211.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    23.35.229.251 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-251.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    3.120.55.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-55-153.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
4    162.55.233.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de
sync.richaudience.com
3    185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    91.228.74.166 (United Kingdom)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
5    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    213.155.156.167 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    34.254.54.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-54-88.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    35.170.18.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-18-82.compute-1.amazonaws.com
a.audrte.com
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage4.pubmatic.com
2    104.18.24.173 (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
3    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    46.228.164.11 (None, )

ASN- ()
ad.turn.com
1    15.235.15.221 (None, )

ASN- ()
pixel.onaudience.com
Apex Domain
Subdomains		 Transfer
47 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
294 KB
33 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 534
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502
image8.pubmatic.com — Cisco Umbrella Rank: 662
image2.pubmatic.com — Cisco Umbrella Rank: 924
image6.pubmatic.com — Cisco Umbrella Rank: 823
simage2.pubmatic.com — Cisco Umbrella Rank: 843 Failed
image4.pubmatic.com Failed
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
229 KB
28 ezodn.com
g.ezodn.com — Cisco Umbrella Rank: 11555
go.ezodn.com — Cisco Umbrella Rank: 8931
bshr.ezodn.com — Cisco Umbrella Rank: 10279
304 KB
23 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
66 KB
17 rubiconproject.com
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2394
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com Failed
41 KB
17 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3481
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
visitor-eu-west-1.omnitagjs.com — Cisco Umbrella Rank: 30335
8 KB
17 ezoic.net
g.ezoic.net — Cisco Umbrella Rank: 15132
27 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
cdn.adnxs.com — Cisco Umbrella Rank: 1682
ams3-ib.adnxs.com — Cisco Umbrella Rank: 6903
acdn.adnxs.com — Cisco Umbrella Rank: 609
secure.adnxs.com — Cisco Umbrella Rank: 495
59 KB
13 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5524
csync.smilewanted.com — Cisco Umbrella Rank: 2822
static.smilewanted.com — Cisco Umbrella Rank: 9244
16 KB
13 pastelink.net
pastelink.net — Cisco Umbrella Rank: 215717
345 KB
12 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
cd.connatix.com — Cisco Umbrella Rank: 3425
cds.connatix.com — Cisco Umbrella Rank: 3536
vid.connatix.com Failed
lit.connatix.com Failed
608 KB
12 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
2527ffdcda71dd00d08cc17e79319c45.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
237 KB
9 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 984
match.sharethrough.com — Cisco Umbrella Rank: 559
5 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
1 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 757
gum.criteo.com — Cisco Umbrella Rank: 454
dis.criteo.com — Cisco Umbrella Rank: 597
14 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
2 KB
7 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1511
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
3 KB
6 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
4 KB
6 yahoo.com
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4351
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
pr-bh.ybp.yahoo.com Failed
10 KB
5 bing.com
www.bing.com — Cisco Umbrella Rank: 66
13 KB
5 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1656
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
eu-u.openx.net — Cisco Umbrella Rank: 2753
us-u.openx.net — Cisco Umbrella Rank: 522
2 KB
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
33 KB
5 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 657
7 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
21 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
229 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2810
3 KB
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1851
1 KB
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
2 KB
4 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 728
4 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
2 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
1 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
dmp.adform.net — Cisco Umbrella Rank: 3509
cm.adform.net Failed
2 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
id.crwdcntrl.net — Cisco Umbrella Rank: 2498
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
13 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
554 B
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
1 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
2 KB
3 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139
creativecdn.com — Cisco Umbrella Rank: 592
2 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
csm.nl3.eu.criteo.net Failed
75 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
255 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
1 KB
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24983
507 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
562 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
771 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2529
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
3 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 894
104 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
5 KB
2 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 9542
user-sync.adxpremium.services Failed
3 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1523
26 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
3 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 gatekeeperconsent.com
the.gatekeeperconsent.com — Cisco Umbrella Rank: 35848
privacy.gatekeeperconsent.com — Cisco Umbrella Rank: 42177
9 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com Failed
2 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com
527 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
555 B
1 onaudience.com
pixel-eu.onaudience.com Failed
pixel.onaudience.com
419 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
279 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
795 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
360 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
553 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
593 B
1 turn.com
ad.turn.com Failed
434 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
140 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1578
774 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
252 B
1 spot.im
api-2-0.spot.im — Cisco Umbrella Rank: 2826
459 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928
273 B
1 adxbid.info
adxbid.info — Cisco Umbrella Rank: 12205
3 KB
1 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1601
349 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
59 KB
1 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 4948
29 KB
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1421
47 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1181
607 B
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1383
4 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491
3 KB
1 ezojs.com
www.ezojs.com — Cisco Umbrella Rank: 27048
45 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
1 KB
0 playground.xyz Failed
ads.playground.xyz Failed
0 semasio.net Failed
uipglob.semasio.net Failed
0 zeotap.com Failed
mwzeom.zeotap.com Failed
0 truffle.bid Failed
matching.truffle.bid Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 vidoomy.com Failed
vid.vidoomy.com Failed
0 bliink.io Failed
cookiesync.api.bliink.io Failed
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
0 ck-ie.com Failed
us.ck-ie.com Failed
as.ck-ie.com Failed
0 dotomi.com Failed
pubmatic-match.dotomi.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 adgrx.com Failed
cm.adgrx.com Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 bumlam.com Failed
sync.bumlam.com Failed
0 bttrack.com Failed
bttrack.com Failed
0 postrelease.com Failed
jadserve.postrelease.com Failed
0 betweendigital.com Failed
ads.betweendigital.com Failed
0 admixer.net Failed
inv-nets.admixer.net Failed
0 a-mx.com Failed
id.a-mx.com Failed
394 100
Domain Requested by
25 securepubads.g.doubleclick.net pastelink.net
securepubads.g.doubleclick.net
cd.connatix.com
25 go.ezodn.com pastelink.net
go.ezodn.com
23 onetag-sys.com 6 redirects go.ezodn.com
onetag-sys.com
visitor.omnitagjs.com
csync.smilewanted.com
18 cm.g.doubleclick.net 13 redirects google-bidout-d.openx.net
onetag-sys.com
ssbsync.smartadserver.com
17 g.ezoic.net www.ezojs.com
go.ezodn.com
13 pastelink.net pastelink.net
10 image2.pubmatic.com blank
ads.yieldmo.com
visitor.omnitagjs.com
ads.pubmatic.com
10 image8.pubmatic.com 8 redirects onetag-sys.com
9 visitor.omnitagjs.com 1 redirects go.ezodn.com
visitor.omnitagjs.com
onetag-sys.com
ssbsync.smartadserver.com
8 match.adsrvr.org google-bidout-d.openx.net
blank
onetag-sys.com
visitor.omnitagjs.com
ads.pubmatic.com
7 visitor-eu-west-1.omnitagjs.com visitor.omnitagjs.com
onetag-sys.com
7 x.bidswitch.net 5 redirects onetag-sys.com
7 cds.connatix.com cd.connatix.com
cds.connatix.com
7 ib.adnxs.com 4 redirects go.ezodn.com
acdn.adnxs.com
6 eus.rubiconproject.com visitor.omnitagjs.com
eus.rubiconproject.com
6 csync.smilewanted.com 2 redirects go.ezodn.com
csync.smilewanted.com
onetag-sys.com
6 gum.criteo.com static.criteo.net
gum.criteo.com
go.ezodn.com
6 prebid.smilewanted.com go.ezodn.com
6 btlr.sharethrough.com go.ezodn.com
6 pagead2.googlesyndication.com pastelink.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
5 simage2.pubmatic.com ads.pubmatic.com
5 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 www.bing.com 2 redirects googleads.g.doubleclick.net
5 ups.analytics.yahoo.com 1 redirects connectid.analytics.yahoo.com
go.ezodn.com
onetag-sys.com
5 ads.yieldmo.com go.ezodn.com
ads.yieldmo.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 sync.richaudience.com 3 redirects csync.smilewanted.com
4 match.prod.bidr.io 4 redirects
4 id.rlcdn.com onetag-sys.com
visitor.omnitagjs.com
4 pixel.rubiconproject.com 1 redirects onetag-sys.com
4 ads.stickyadstv.com 4 redirects
4 pixel-eu.rubiconproject.com 2 redirects onetag-sys.com
4 b1sync.zemanta.com 4 redirects
4 capi.connatix.com 1 redirects cd.connatix.com
4 ams3-ib.adnxs.com googleads.g.doubleclick.net
cdn.adnxs.com
4 id5-sync.com cdn.id5-sync.com
go.ezodn.com
ssbsync.smartadserver.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 ads.pubmatic.com pastelink.net
go.ezodn.com
ads.pubmatic.com
adxbid.info
4 fonts.gstatic.com fonts.googleapis.com
3 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
3 secure-assets.rubiconproject.com 3 redirects
3 ap.lijit.com visitor.omnitagjs.com
csync.smilewanted.com
adxbid.info
3 s.amazon-adsystem.com onetag-sys.com
3 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
3 sync.mathtag.com onetag-sys.com
3 pixel-sync.sitescout.com 3 redirects
3 match.sharethrough.com blank
3 aax-eu.amazon-adsystem.com 1 redirects google-bidout-d.openx.net
ads.pubmatic.com
3 c1.adform.net 2 redirects ads.pubmatic.com
3 static.criteo.net securepubads.g.doubleclick.net
go.ezodn.com
static.criteo.net
3 region1.google-analytics.com www.googletagmanager.com
3 www.googletagmanager.com pastelink.net
www.googletagmanager.com
www.google-analytics.com
2 sync.1rx.io 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 a.sportradarserving.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 creativecdn.com 2 redirects
2 secure.adnxs.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 pixel.tapad.com 1 redirects ads.yieldmo.com
2 i.clean.gg cadmus.script.ac
2 oajs.openx.net 1 redirects pastelink.net
2 prebid.a-mo.net go.ezodn.com
2 rtb.adxpremium.services go.ezodn.com
adxbid.info
2 script.4dex.io go.ezodn.com
script.4dex.io
2 bshr.ezodn.com go.ezodn.com
2 cdn.jsdelivr.net ads.pubmatic.com
securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.com pastelink.net
tpc.googlesyndication.com
2 fonts.googleapis.com pastelink.net
1 pixel.onaudience.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 dmp.adform.net 1 redirects
1 sync.crwdcntrl.net ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 cms.quantserve.com 1 redirects
1 ad.turn.com csync.smilewanted.com
ads.pubmatic.com
1 eb2.3lift.com adxbid.info
1 static.smilewanted.com csync.smilewanted.com
1 ssbsync.smartadserver.com visitor.omnitagjs.com
1 sync.adotmob.com 1 redirects
1 csync.loopme.me 1 redirects
1 api-2-0.spot.im visitor.omnitagjs.com
1 lb.eu-1-id5-sync.com go.ezodn.com
1 dis.criteo.com 1 redirects
1 adxbid.info go.ezodn.com
1 acdn.adnxs.com go.ezodn.com
1 id.crwdcntrl.net go.ezodn.com
1 id.hadron.ad.gt go.ezodn.com
1 cd.connatix.com 1 redirects
1 us-u.openx.net google-bidout-d.openx.net
1 eu-u.openx.net google-bidout-d.openx.net
1 google-bidout-d.openx.net oa.openxcdn.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 cdn.adnxs.com googleads.g.doubleclick.net
1 adsdk.microsoft.com googleads.g.doubleclick.net
1 cadmus.script.ac script.4dex.io
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 2527ffdcda71dd00d08cc17e79319c45.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 connectid.analytics.yahoo.com securepubads.g.doubleclick.net
1 hb-api.omnitagjs.com go.ezodn.com
1 bidder.criteo.com go.ezodn.com
1 hbopenbid.pubmatic.com go.ezodn.com
1 g.ezodn.com pastelink.net
1 www.gstatic.com www.google.com
1 privacy.gatekeeperconsent.com the.gatekeeperconsent.com
1 the.gatekeeperconsent.com pastelink.net
1 www.ezojs.com pastelink.net
1 cdnjs.cloudflare.com pastelink.net
0 ads.playground.xyz Failed ads.pubmatic.com
0 uipglob.semasio.net Failed ads.pubmatic.com
0 mwzeom.zeotap.com Failed ads.pubmatic.com
0 matching.truffle.bid Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 user-sync.adxpremium.services Failed adxbid.info
0 token.rubiconproject.com Failed eus.rubiconproject.com
0 vid.vidoomy.com Failed adxbid.info
0 as.ck-ie.com Failed adxbid.info
0 cookiesync.api.bliink.io Failed csync.smilewanted.com
0 rtb.mfadsrvr.com Failed csync.smilewanted.com
0 cm.adform.net Failed csync.smilewanted.com
adxbid.info
0 us.ck-ie.com Failed csync.smilewanted.com
0 pubmatic-match.dotomi.com Failed ads.pubmatic.com
0 image4.pubmatic.com Failed ads.pubmatic.com
0 pr-bh.ybp.yahoo.com Failed ads.pubmatic.com
0 pixel-eu.onaudience.com Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 cm.adgrx.com Failed ads.pubmatic.com
0 bh.contextweb.com Failed ads.pubmatic.com
0 sync.bumlam.com Failed ads.pubmatic.com
0 bttrack.com Failed visitor.omnitagjs.com
0 jadserve.postrelease.com Failed visitor.omnitagjs.com
0 ads.betweendigital.com Failed visitor.omnitagjs.com
csync.smilewanted.com
0 inv-nets.admixer.net Failed visitor.omnitagjs.com
0 id.a-mx.com Failed go.ezodn.com
0 csm.nl3.eu.criteo.net Failed gum.criteo.com
0 imasdk.googleapis.com Failed cd.connatix.com
0 lit.connatix.com Failed cd.connatix.com
0 vid.connatix.com Failed cd.connatix.com
394 156

This site contains no links.

Subject Issuer Validity Valid
pastelink.net
R3		 2023-09-14 -
2023-12-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
www.ezojs.com
GTS CA 1P5		 2023-09-10 -
2023-12-09		 3 months crt.sh
*.gatekeeperconsent.com
GTS CA 1P5		 2023-09-02 -
2023-12-01		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
ezoic.net
R3		 2023-09-17 -
2023-12-16		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
ezodn.com
E1		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-08-05		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.a-mo.net
R3		 2023-10-06 -
2024-01-04		 3 months crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018		 2023-08-15 -
2024-02-08		 6 months crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
cadmus.script.ac
E1		 2023-09-02 -
2023-12-01		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2023-10-11 -
2024-04-08		 6 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2023-09-17 -
2023-12-16		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
connatix.com
GTS CA 1P5		 2023-09-05 -
2023-12-04		 3 months crt.sh
adxbid.info
E1		 2023-10-07 -
2024-01-05		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.spot.im
Amazon RSA 2048 M02		 2023-09-03 -
2024-09-30		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh

This page contains 62 frames:

Primary Page: https://pastelink.net/cpsbn47l
Frame ID: 877F77C6670852D0CC2308E4C74954C1
Requests: 166 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html
Frame ID: DC57D3E3F3EE313A7CD4F0E86CA33D21
Requests: 1 HTTP requests in this frame

Frame: https://2527ffdcda71dd00d08cc17e79319c45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 49F45C7F84474383EDF7301B5CD637B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750856239204414&output=html&h=90&adk=940534320&adf=783205323&w=728&lmt=1698624836&rafmt=12&channel=4987320600&format=728x90&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698628436741&bpp=3&bdt=2161&idt=186&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=120247131671&frm=20&pv=2&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805933%2C44806738%2C31078297%2C31079176%2C44806141&oid=2&pvsid=111629048947475&tmod=1329246652&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lI7cEkcoUr&p=https%3A//pastelink.net&dtd=202
Frame ID: DCF2046B7356F428D0EEBA22385F5E02
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750856239204414&output=html&h=250&adk=1204883557&adf=2224284356&w=706&lmt=1698624836&rafmt=12&channel=4987320600&format=706x250&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698628436744&bpp=1&bdt=2163&idt=206&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=120247131671&pv_ch=4987320600%2B&frm=20&pv=1&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805933%2C44806738%2C31078297%2C31079176%2C44806141&oid=2&pvsid=111629048947475&tmod=1329246652&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J6SyidjxcH&p=https%3A//pastelink.net&dtd=210
Frame ID: 8576411B6B28ECAA4107294DA9943B9E
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pastelink.net
Frame ID: C109630A1E79F09CFAC6D661A46E35F4
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 9E8B18B3BE55521E17F460D6B05A5DD2
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net
Frame ID: 8AA6B4854B385165C245418B0DF139D1
Requests: 3 HTTP requests in this frame

Frame: https://cds.connatix.com/p/365249/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1
Frame ID: EA6CF83C9C206C94F9D651DC07EDDA1B
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C44F741118B807A60607EBA8E9B4F8CE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 855BFAF25FB846E4B7A858E0947461F4
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EC4DCDE0BE19FF0982BF0549E2AE9745
Requests: 3 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Frame ID: D5EB344670984B565433D1A98C1F2823
Requests: 21 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 477490B9013C0901B0A35F0E157D1C4E
Requests: 6 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 44541AFFEA0D8B0B1C0736E07D8E5622
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1698628437215
Frame ID: 8D62A466523C94BFB121E9A556E92153
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Frame ID: B4B18D4C54B8D8F78B46DBDB82F01AA7
Requests: 23 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 720A9B871F1F62315DB17AA24E888979
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 5941CC9EBA9ED10BBB25EEA4E1371AED
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 58C8D6874DF1D97649DD2B1CF814CAA5
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Frame ID: 8C45AA6CAAD15115956CD41D367C72E5
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 8C2E8BB7A9F93FCBFFE446CBE147B6E7
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 0507B5020E3C443BFF9A7B5CED8509E7
Requests: 3 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Frame ID: 2CB2D535F81371D1F8363A41D4092B0F
Requests: 6 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 107B4861E064D65C2FB7724A382DFAA0
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 66072152DF57DF270A7CE35FADE545A5
Requests: 16 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 9B005755A5E9F831ADCD5AC570D6A723
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=32a9ee613ba5bbe1e811b5cb459e5024
Frame ID: 4304167D2DFD591B9CA31DA785F0A8B9
Requests: 1 HTTP requests in this frame

Frame: https://ad.turn.com/r/cs?pid=45&rndcb=6052806516
Frame ID: D3FF2B5DDBE420B791AEF9E98E28CA7C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 9A4FA593C994C307CABD90379CAA96E0
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6993747C-8CF7-44A2-B3BC-F486809E2F4A&redir=true&gdpr=0&gdpr_consent=
Frame ID: 49A2D5EE8804B039E449AED8DFAB2C16
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mf-QEp_5lk2C88JFzPKORJuukUyCq5NCzPmuGYsn
Frame ID: F9B65BCDB926B7F9FF7E6BF9CC80DB2A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=762508879796792481&gdpr=0&gdpr_consent=
Frame ID: 8A6426B65B00D8AB8FDFFC05BAB6DE7F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7295553602155772063&gdpr=0&gdpr_consent=
Frame ID: 4B6820C4D0EA9A2EDE6B0B2CB9BBC44D
Requests: 1 HTTP requests in this frame

Frame: https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=165854c7-7c4f-4027-b1cf-b0a8b2cd926f&gdpr=0&gdpr_consent=
Frame ID: E83563383E247AEEB6F3389339747FE6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JqwJre5MV0xKQh9DQpOhh1TjqRQ&gdpr=0&gdpr_consent=
Frame ID: D52A534A5764435EEB8B036A535D3585
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZT8DWQACIaMCiwAg
Frame ID: 1A15EA6D87F3F26EB7ACB257F5696D4F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 6901E882A2F95A522383F2C048915D30
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?ev=AAGmXU7KfgcAABl-iR6d0Q&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0
Frame ID: 147BDFF5B15B728BC9831AC4CED7CB88
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU03d3643a9daa4011afcc6cd2d7a79dc4
Frame ID: 2532E4892DAE6FF7F21779DD9D5DDF1E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: 89F6D0089F8221FA6C0BFE89E5DA91F0
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: C78F3B1D4F9A0536831405AF05C20D21
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 504BD09CE35EE4B851A37831FB453EEB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3605117586719518215
Frame ID: ACF0FCB51F23B3EF00F31D8E05E4CED8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322329250838588
Frame ID: C24B4032A337A61A82FAE7202ADA2B06
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 637EB877CD2742CD179B905219DC7146
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 33AE5E8A4007BBD14F094C1B78EEAFE6
Requests: 1 HTTP requests in this frame

Frame: https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent
Frame ID: 430A5A439D16322D4AEBC3A21B469BF1
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
Frame ID: 58F8ADDC85D3A6C038EBDDD93F4BC76E
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 931C32EDFB7033DBD0B8E820C353BCB4
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: 039B8DDDB695B05C357AC26A39845857
Requests: 1 HTTP requests in this frame

Frame: https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=165854c7-7c4f-4027-b1cf-b0a8b2cd926f&gdpr=&gdpr_consent=&us_privacy=
Frame ID: FCE3924AE644F490CD08EAFFAC344627
Requests: 1 HTTP requests in this frame

Frame: https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Frame ID: 7839B7FC5953BBB76B0D67CEA4C67A90
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/eac12f2077bd14f66c932cbb3977b3?gdpr_consent=&gdpr=0
Frame ID: 8C176003282BAC3D9B6657BB7F219449
Requests: 1 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Frame ID: 77BDC1D3DCF3638D5DF784325D23FB5A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 51446CF12B49E55192A2EB0FC417A6A8
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=6993747C-8CF7-44A2-B3BC-F486809E2F4A&gdpr=0&gdpr_consent=
Frame ID: F52CA8223351E0B0A826D0EF4DFCF896
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 42C2D88BE371191F556B5C6ED6ED77FC
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 166192EB19B1D4CEBA5D7B4A1E5E06A3
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: A44ADCA4D484B286D9E31C8AF8C96604
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8FD1936F35954DB181146456D0F0F8D4&gdpr=0&gdpr_consent=
Frame ID: EAEE9C01D93AA0A26676BD2347ED0794
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1b9cb420-c801-4276-a7a0-48014d44dbac-003
Frame ID: C95389EEA8512A54F60ECDE785024A2A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

394
Requests

69 %
HTTPS

0 %
IPv6

100
Domains

156
Subdomains

92
IPs

11
Countries

3157 kB
Transfer

8825 kB
Size

129
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 109
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&rid=esp&cc=1
Request Chain 123
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0d39f694-ae85-4d1c-8f40-45e3375910ce&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=065f8b18-e9d9-4d75-87e6-f62cfde02b27&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D77a5086e2bb640efbd9edb61e6df5b5c%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_pyvpxpbasvezngvba&aid=7733002073974128631 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=77a5086e2bb640efbd9edb61e6df5b5c&SNR=1&GV=2&med=10
Request Chain 132
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7274554178927420115
Request Chain 133
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=4493a614-8aa8-cfc8-29f4-3f3ca9ff6b3a HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=4493a614-8aa8-cfc8-29f4-3f3ca9ff6b3a&dcc=t
Request Chain 136
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFSXnos0IuucqPWNc7KT-aE&google_cver=1
Request Chain 153
  • https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882 HTTP 302
  • https://cds.connatix.com/p/365249/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1
Request Chain 154
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0d39f694-ae85-4d1c-8f40-45e3375910ce&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=065f8b18-e9d9-4d75-87e6-f62cfde02b27&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D77a5086e2bb640efbd9edb61e6df5b5c%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_pyvpxpbasvezngvba&aid=7733002073974128631 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=77a5086e2bb640efbd9edb61e6df5b5c&tids=15000&med=10
Request Chain 166
  • https://capi.connatix.com/core/sync HTTP 302
  • https://capi.connatix.com/core/sync?tier=1&final=true&UserScoringType=Enabled&ImplementationType=0
Request Chain 202
  • https://dis.criteo.com/dis/usersync.aspx?r=41&p=244&cp=sharethrough&cu=1&gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7658cb1d77a660882b48db06%26source_user_id%3D%40%40CRITEO_USERID%40%40&gpp=&gpp_sid= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-l8_jG12bykjI6U4Y0aN4JkWijZRm8NGTdRuoKA&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 204
  • https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=&gdpr=0
Request Chain 205
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=5d3a3814-19e8-4806-afaf-d56473a6bc66-653f0358-4348&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
Request Chain 206
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252Fsync%252Fv1%253Fsource_id%253DuFFr5RFBYgoUJbWMAWGEZKS3%2526source_user_id%253D%2523PMUID&gpp=&gpp_sid= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252Fsync%252Fv1%253Fsource_id%253DuFFr5RFBYgoUJbWMAWGEZKS3%2526source_user_id%253D%2523PMUID&gpp=&gpp_sid=&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDE4RkZBN0QtNEYyQi00RDg0LUFCOUMtNTRDQ0M1NkJDNTMx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 210
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=762508879796792481
Request Chain 211
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=eac12f2077bd14f66c932cbb3977b3&gdpr_consent=&gdpr=1
Request Chain 213
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi34lEa0Iueh1sAHh4dg4L2HtzWtJrRw-ew
Request Chain 216
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=4XUbeghlxuPdtr9SMFnhM_eNet8zC1M2Jxhh9iQKGIk
Request Chain 218
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA1zPYaoIuVL6u8KOUqGvGo&google_cver=1
Request Chain 222
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=762508879796792481&pn_id=an
Request Chain 223
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjMxNEZCMUItMjc0Qy00NDMyLTlBMTUtQUIzNDA3NEEzMzE2&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
Request Chain 224
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3eLALLL__uL3lhGTLG5J HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3eLALLL__uL3lhGTLG5J
Request Chain 225
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LOC7IL9R-F-6MHX
Request Chain 226
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEAD7XEJeAtJlHzj5sevRgdg&google_cver=1
Request Chain 228
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=762508879796792481&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 229
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=762508879796792481&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 230
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adyoulike&bsw_param=165854c7-7c4f-4027-b1cf-b0a8b2cd926f&google_hm=MTY1ODU0YzctN2M0Zi00MDI3LWIxY2YtYjBhOGIyY2Q5MjZm HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFO7fbysC3ZOnblfi-ijovc&google_cver=1&ssp=adyoulike&bsw_param=165854c7-7c4f-4027-b1cf-b0a8b2cd926f HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=165854c7-7c4f-4027-b1cf-b0a8b2cd926f&name=BIDSWITCH&gdpr=&gdpr_consent=
Request Chain 232
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=O8Z2fv1nLSYcCedqCFnv&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
Request Chain 233
  • https://csync.smilewanted.com/getuid?source=openrtb&zoneCode=openrtb_adyoulike&redirect=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMILE_WANTED%26ttl%3D720%26uid%3De77031af9e62c4ae76bee5b9517c4ef4%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=32a9ee613ba5bbe1e811b5cb459e5024&gdpr=0&gdpr_consent=
Request Chain 234
  • https://match.prod.bidr.io/cookie-sync/aul HTTP 303
  • https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1 HTTP 303
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAGmXU7KfgcAABl-iR6d0Q&name=BEESWAX
Request Chain 236
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%3D%23PMUID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%3D%23PMUID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUFBMDUwQzUtNkYxQS00OTI2LUIwQUMtQUY4NDE4MDczMjY2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 237
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 238
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 239
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent= HTTP 307
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=52ae1379-ca15-4619-9587-be244d87fe1d%20&gdpr_consent=null&gdpr=0
Request Chain 240
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user_id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09bd22040014c93362c117c7&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
Request Chain 241
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-26ac09ad-ee4c-574c-4a42-1f434293a187$ip$84.227.169.20&name=STACKADAPT&gdpr=0&gdpr_consent=
Request Chain 248
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 250
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 251
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 257
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi34lErGqOy13R-mpnoYQwramv8U2Nf-szw
Request Chain 260
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LOC7ILBO-1T-IEXZ&gdpr=0
Request Chain 261
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=762508879796792481
Request Chain 262
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=c76b71bde7643dfaab45299f8e4ef3d&gdpr_consent=&gdpr=0
Request Chain 264
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=6360361698443397873
Request Chain 265
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=HX35J5c09GVptYyVxXLHevGCIhAlwCV1eGWsuO_Ssi8
Request Chain 266
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=9AA050C5-6F1A-4926-B0AC-AF8418073266&gdpr=0&gdpr_consent=
Request Chain 267
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA1zPYaoIuVL6u8KOUqGvGo&google_cver=1
Request Chain 268
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-C7JcMdRE2uFVZRhCa82VEDt_7KBYZVeJq6PkwuE-~A
Request Chain 270
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=9dee695e-1939-453e-9fc5-e71c4d551648&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=165854c7-7c4f-4027-b1cf-b0a8b2cd926f&gdpr=&gdpr_consent=&us_privacy=
Request Chain 277
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi34lFUUCzEH9yZOsjD3cA3LgE5DDaWpUSA
Request Chain 279
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=TlOIm8Wm25Hj0poXXx0XVfrmI2L_awe59nEt6LxP_ds
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA1zPYaoIuVL6u8KOUqGvGo&google_cver=1
Request Chain 283
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=762508879796792481
Request Chain 284
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=eac12f2077bd14f66c932cbb3977b3&gdpr_consent=&gdpr=1
Request Chain 290
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1 HTTP 303
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.richaudience.com%2F1575707c462b6525f008e40ae9438a8b%2F%3Fuid%3D$UID HTTP 302
  • https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=32a9ee613ba5bbe1e811b5cb459e5024
Request Chain 293
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAGmXU7KfgcAABl-iR6d0Q&partnerid=127&gdpr=0
Request Chain 294
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=b23c09598554890304c218fa87cbfccd&gdpr=0&gdpr_consent=0
Request Chain 295
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTY2OTEyOTE5MjAyMjIxNTM5MA==&gdpr=0&gdpr_consent=
Request Chain 297
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1698628441261 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6052806516
Request Chain 298
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 300
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mf-QEp_5lk2C88JFzPKORJuukUyCq5NCzPmuGYsn
Request Chain 301
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=762508879796792481&gdpr=0&gdpr_consent=
Request Chain 302
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7295553602155772063&gdpr=0&gdpr_consent=
Request Chain 303
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=165854c7-7c4f-4027-b1cf-b0a8b2cd926f&gdpr=0&gdpr_consent=
Request Chain 304
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JqwJre5MV0xKQh9DQpOhh1TjqRQ&gdpr=0&gdpr_consent=
Request Chain 305
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZT8DWQACIaMCiwAg
Request Chain 306
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 307
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHSmMwN0tmZ2NBQUJoYjItWmJNQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAGmXU7KfgcAABl-iR6d0Q&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0
Request Chain 308
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU03d3643a9daa4011afcc6cd2d7a79dc4
Request Chain 309
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 312
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3605117586719518215
Request Chain 313
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322329250838588
Request Chain 316
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent
Request Chain 317
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aZN0fIz3RKKzvPSGgJ4vSg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 319
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3744803072
Request Chain 320
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=6993747C-8CF7-44A2-B3BC-F486809E2F4A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MTAzOTJ0UGFYUlFReGUtWUoxRFk5LXVlQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7274554178927420115&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 321
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Njk5Mzc0N0MtOENGNy00NEEyLUIzQkMtRjQ4NjgwOUUyRjRB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 322
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGkRyFvoSeo3FbVKtJAijE0&google_cver=1
Request Chain 324
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7274554178927420115
Request Chain 327
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6993747C-8CF7-44A2-B3BC-F486809E2F4A&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.X0s6aBE2uUt_MQMVzXnV5hgyedm9mU-~A&gdpr=0
Request Chain 328
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=5d3a3814-19e8-4806-afaf-d56473a6bc66-653f0358-4348&gdpr=0&gdpr_consent=
Request Chain 331
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:08d3fb99-da8b-4013-af1a-c2ebc83567a3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 336
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230 HTTP 302
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=k0d-MF9UN1B0c3ZENjNSaE5vSFQyV0VLUTZwQzVuM215MVpITUY0Q3lXUndkYlM3Skp2ZUpkQzIzeGZ6T05lUFlEOUM3V3gyMGtaNlVaVGV4TXBMd0ppcXVWRmtoMEtZV1dTd0V0bXF4c1VHSnZ1ZEZiN1JncCUyQnV2WmI4RXI0aGt5bFVVYnBzUEhnS0FPbXpuUXdtZkdKZkFUWWVkdW9ieW1rJTJCb2ZTTWdPMjZlbHN6NmlXTEE3ZFJmRlRJaml2ZzE4WHNN&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-x28wZV2bykjI6U4Y0aN4JkWijZQd9viBVA2pzA HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=165854c7-7c4f-4027-b1cf-b0a8b2cd926f&gdpr=&gdpr_consent=&us_privacy=
Request Chain 341
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/eac12f2077bd14f66c932cbb3977b3?gdpr_consent=&gdpr=0
Request Chain 352
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D&limit=50&s=194962&C=1 HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZT8DWvjpTkuh7P4sPx4tDwAA%262175
Request Chain 356
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50 HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LOC7ILCO-14-808P
Request Chain 367
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 370
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8FD1936F35954DB181146456D0F0F8D4&gdpr=0&gdpr_consent=
Request Chain 371
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6491609716 HTTP 302
  • https://sync.1rx.io/usersync/turn/2627172881630809571?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1b9cb420-c801-4276-a7a0-48014d44dbac-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-1b9cb420-c801-4276-a7a0-48014d44dbac-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1b9cb420-c801-4276-a7a0-48014d44dbac-003
Request Chain 374
  • https://pixel.onaudience.com/?partner=214&mapped=6993747C-8CF7-44A2-B3BC-F486809E2F4A&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

394 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request cpsbn47l
pastelink.net/ 		29 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
0767eef091939a155706681ea361a93bab90c311f4fec6a9b6b4e8f3c449220b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Oct 2023 01:13:54 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
af9edf3e86a80586d0770850908bf3929a2112adc59211e9cb715c0218f14b9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 30 Oct 2023 01:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 01:13:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 30 Oct 2023 01:13:55 GMT
styles.css
pastelink.net/assets/css/ 		130 KB
130 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/css/styles.css?q=37
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
12b2573815dac6ac5646fab27841f398fa908cc13d510f2e14bffb595b726bbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/cpsbn47l
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 26 Jul 2023 15:36:49 GMT
server
nginx
etag
"64c13d91-2071e"
content-type
text/css
accept-ranges
bytes
content-length
132894
jquery-3.6.0.min.js
pastelink.net/assets/js/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/js/jquery-3.6.0.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/cpsbn47l
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-15d9d"
content-type
application/javascript
accept-ranges
bytes
content-length
89501
script.min.js
pastelink.net/assets/js/ 		46 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/js/script.min.js?q=37
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
89f0335d649cdccf5bc16b4fad138e1fa6da670d851c82b48ccdd31273371110
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/cpsbn47l
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 26 Jul 2023 15:36:49 GMT
server
nginx
etag
"64c13d91-b8f8"
content-type
application/javascript
accept-ranges
bytes
content-length
47352
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/js.cookie.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3573914
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
772
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec5-6d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQxe6S5yQYOcU8nPSNBAMs5SSSt73CYu6CxpxeRHgMr1hxte80Q%2FpQrOWMHlbBRhYX0OL6nxtnTSIStmPMnMOcDHsB4kGs7wo29xKgZk4SWSKs%2FNbmkQmbgC1zstJ0Z9Ccx2My5B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81dfcc669a9424c6-ZRH
expires
Sat, 19 Oct 2024 01:13:54 GMT
sa.min.js
www.ezojs.com/ezoic/ 		130 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/ezoic/sa.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.63.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce81b1567a58fda3f1b0fcbed0238d09249a4624f89ce077cf992d4cfdb52fba

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 29 Oct 2023 00:30:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
74927
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8q%2BIONT9x%2B7rfE7Oiez0O%2FXBikIqNDcjk2sFCxt%2Btg3f%2FW0QlZLQQ8bA2e13%2FyyPM05GsWeMUh9%2Fl%2B5VfAcVqDk1T9bfwDNtxqad%2FqXL91kfTCTfV21fXjz2MnJjSF3q"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=86400
x-robots-tag
noindex
cf-ray
81dfcc66ed210e3e-MXP
alt-svc
h3=":443"; ma=86400
cmp.min.js
the.gatekeeperconsent.com/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://the.gatekeeperconsent.com/cmp.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.28.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5997b73d1ba8f5eefec48d79c1cd417caf47c457e6ad47e5bb64288588e061c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 01:05:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
74
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sznvF%2Bci3Y7C3SyGC4LoRJfjgPC7723OENfdgFWXHQTTuhtoUH06Ck4PStifEtgO2w6DsTwEKdZZjrNR9ypIFaDpj1ShqlIoGsgNTtpH2CglJopPUf9GMc53FVIBRUOIzCY%2FSfn7Q13KUzto"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=14400
x-robots-tag
noindex
cf-ray
81dfcc66bad3baeb-MXP
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ 		2 KB
623 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=IBM+Plex+Serif:wght@400&display=swap
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
f638c06469327f93e5bc86ced0856b2cb42f583334ebcf3ea346fb802a5446c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 30 Oct 2023 01:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 01:13:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 30 Oct 2023 01:13:55 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=captchaLoaded
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
a7cc1c0a78c74129a8c173cf11de37ec09eb2d51bc63a5ca452fa966d7c211f8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 30 Oct 2023 01:13:55 GMT
gtm.js
www.googletagmanager.com/ 		259 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6c526e79363776fb76cba9edcdb098f8bcbc8f2c6f6f62aed3430e1c15e2320c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91149
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 30 Oct 2023 01:13:55 GMT
consent_modules.json
privacy.gatekeeperconsent.com/ 		34 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privacy.gatekeeperconsent.com/consent_modules.json
Requested by
Host: the.gatekeeperconsent.com
URL: https://the.gatekeeperconsent.com/cmp.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.144.62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23d808aef91f5fc3308dd8c97bde0383aef646942ae9b5d76c441da284469294

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ewaCKxbCYUa%2FW7P7cRprNU95zeshum5NrF1cWESRNRU%2BOwdaDZ99L1ZAYMgoSOb%2BM3DadHa4FILNXLaJ22xTbTmv4dSlMULmTeIvz5s3ODftEpIpuWfFfQ5bJeCOhK7Iw397CFYyGeowgJKtrIr5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=15780000, public
cf-ray
81dfcc6a5c320e1b-MXP
alt-svc
h3=":443"; ma=86400
content-length
34
sa.go
g.ezoic.net/ 		116 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/sa.go
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/ezoic/sa.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
de6223a5ca5d2d48bc6ffa73a98f9cf66cb50ebec51caf1ab4e9bbde2494a3db

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Oct 2023 01:13:55 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/javascript
access-control-allow-origin
https://pastelink.net
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-robots-tag
noindex
access-control-allow-headers
Content-Type
expires
Sun, 29 Oct 2023 01:13:55 GMT
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ 		464 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
1f8a69b2a2b34f9ad653d8d8627fb36573303a4442a5aff2699707a5ccebf033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 19:05:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
540484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190291
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 04:01:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Oct 2024 19:05:51 GMT
debut_light.png
pastelink.net/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/debut_light.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-10c8"
content-type
image/png
accept-ranges
bytes
content-length
4296
pastelink-logo-german.svg
pastelink.net/assets/images/logo/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo/pastelink-logo-german.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
48c997dad566c02a0a4f8416efa520f838a711d067a08f33b3ccffd541333e92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-38e0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
14560
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
arrow-down-blue.svg
pastelink.net/assets/images/ 		239 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/arrow-down-blue.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-ef"
content-type
image/svg+xml
accept-ranges
bytes
content-length
239
moon.svg
pastelink.net/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/moon.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-62e"
content-type
image/svg+xml
accept-ranges
bytes
content-length
1582
public-black.svg
pastelink.net/assets/images/ 		578 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/public-black.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-242"
content-type
image/svg+xml
accept-ranges
bytes
content-length
578
social-spritesheet.png
pastelink.net/assets/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/social-spritesheet.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-70de"
content-type
image/png
accept-ranges
bytes
content-length
28894
logo-bg-90-tl.svg
pastelink.net/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo-bg-90-tl.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-933"
content-type
image/svg+xml
accept-ranges
bytes
content-length
2355
pastelink-logo-german-contrast.svg
pastelink.net/assets/images/logo/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo/pastelink-logo-german-contrast.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
02614d11cbdc1f220b7be546d59ef5e14489c86a5fdce3f22ce7b6bf9990bc71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-3d2f"
content-type
image/svg+xml
accept-ranges
bytes
content-length
15663
logo-symbol-non-white-bg.svg
pastelink.net/assets/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo-symbol-non-white-bg.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-11c0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
4544
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 17:02:00 GMT
x-content-type-options
nosniff
age
547915
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Oct 2024 17:02:00 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 18:56:09 GMT
x-content-type-options
nosniff
age
281866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 18:56:09 GMT
jizDREVNn1dOx-zrZ2X3pZvkTiUf2zc.woff2
fonts.gstatic.com/s/ibmplexserif/v19/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexserif/v19/jizDREVNn1dOx-zrZ2X3pZvkTiUf2zc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Serif:wght@400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
256774147c18fde1089393e4008316d583dd0fe5f5aacc9438b23640ce1c552a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 07:20:10 GMT
x-content-type-options
nosniff
age
237225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19616
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 23:37:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2024 07:20:10 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 00:08:32 GMT
x-content-type-options
nosniff
age
349523
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 00:08:32 GMT
js
www.googletagmanager.com/gtag/ 		246 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
226716873806eb8e4e43f9d499be3be3448b4792e020cf7cb8712577a03b0bd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86469
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 30 Oct 2023 01:13:55 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Oct 2023 23:51:32 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4944
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 30 Oct 2023 01:51:32 GMT
v.js
g.ezodn.com/cmp/v2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.ezodn.com/cmp/v2/v.js?v=4
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.136.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dce8ae752b8ed25d878707381a347b8889bfde191cd468eac141c5526a1f13dc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 14:50:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5751094
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EaGAECeebNZaFT9WLCTwH9ds7a2G41%2FU3mXM730v4MhCcGUStTwjoyYBegsTe20RMWmt1PIuRBhLAXz3vva7Hl1tcIuI90mYQR5NiaQaG8V6gEDbOL5Wem2tCp23Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=15780000
cf-ray
81dfcc6ead809b83-FRA
alt-svc
h3=":443"; ma=86400
boise.js
go.ezodn.com/detroitchicago/ 		673 B
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/detroitchicago/boise.js?gcb=195-0&cb=2
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fa04d8b4b07ebd5ebb250e33b532615e80dd02d46afb5cc0654c3c128b1c427

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 18:07:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
15657812
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JjiqUE%2FrNbSJQc7lIMKqQBPyLw3iz8JMXgUUl%2FWHiUtD3sTCwE4rF%2FJgy1JhFce7tocGSLO%2B6lZrryfjBzn9x9wfhyLA5XZOTArQXB7p66HZnTzfCXG2FT5F4TJ4BaU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81dfcc6eae798ffe-FRA
alt-svc
h3=":443"; ma=86400
abilene.js
go.ezodn.com/parsonsmaize/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b01d53596221a10ad89cd142297dd43310bbe0531fe4694fd590fdbeebf5a18d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 27 Oct 2023 21:36:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
185843
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMmZVR9LStgW7aU8nRYZlZIObGhTjSQAX0etNnxP14D5ei%2FUp3Zp7r1mqsA%2BTgSwt3zrty%2Fpet6MofiWpii7lBQh0I5IMV5iMRJeQ3MQNrAECIxx9IhhDdiqzlKUfxI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81dfcc6eae788ffe-FRA
alt-svc
h3=":443"; ma=86400
et.js
go.ezodn.com/porpoiseant/ 		1 KB
869 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/porpoiseant/et.js?gcb=195-0&cb=2
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c34f09169d2a10e8f5863960e81575ab70f88b52f4bd3386ce5e41e73a94487

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Aug 2023 18:02:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5296303
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5DqFL31bBDzQpBBbYk0BJ2mtWybr6y%2FH%2BQbVGEtjfFh27OBkgiVAvV6dINcKSMizSVF%2BY6et80bn9IBtwXVHSRbyJ66zknBydp9ufmQajZ7GBQy91sxHb5kfV82%2B%2B7w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81dfcc6eae7c8ffe-FRA
alt-svc
h3=":443"; ma=86400
jellyfish.js
go.ezodn.com/porpoiseant/ 		37 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/porpoiseant/jellyfish.js?a=a&cb=11&dcb=195-0&shcb=34
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
300e2db7f019d940ffcb00bff1342eeeab8b4c44806e34b91f9e2c49432171aa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Oct 2023 21:47:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
271597
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnuKzmrFN5YBKeVOySwz%2BM0FV37oODttXsn8lhOsPEZeUYBYn7cS4nBTEhOjZ%2B3OT5dCYB3j5FF4VEIvztcoYR8Tx6EideCf1AeFgt3Fio7KEUvqouwnFeigUwY%2FVFs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81dfcc6eae768ffe-FRA
alt-svc
h3=":443"; ma=86400
tortoise.js
go.ezodn.com/beardeddragon/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/beardeddragon/tortoise.js?gcb=0&cb=6
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea07afd59f660225e82c177586447bf9960c48e6b1beb9b810e27a0be16ed9a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1049174
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
content-length
1378
last-modified
Tue, 17 Oct 2023 21:47:23 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cq0E%2BAO7VHxn3FZBf7Q6HlVTvY7ytZVSmkMYN5wO099ZxCQPaPuaNYw%2FvJ%2Bko%2BPiSTVcoImfG3kAuzDUMXVFkd97bfo6htxXkFpDKOnqlOHrM4lkN9OiP16Wkw%2BoXYU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
81dfcc6eae7b8ffe-FRA
armadillo.js
go.ezodn.com/beardeddragon/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/beardeddragon/armadillo.js?gcb=0&cb=27
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
270d68c001d05e764b3ccd047bedf93a8376bfd08b44124a67b9fa31e335cea8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1049144
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
content-length
1021
last-modified
Tue, 17 Oct 2023 21:47:21 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98dNE7U7VooFHj9oOkrNTfYUJxlFnZscF8At45jjg8063oNl0IxHbNISsl3SYw%2BlFz8cQzLH%2BJfd5gyNuqHN2L5bNHXh5NfoO%2Fum2Q3TReXyDrHrRkwHRABbo03i5NU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
81dfcc6eae778ffe-FRA
anchorfix.js
go.ezodn.com/detroitchicago/ 		658 B
629 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/detroitchicago/anchorfix.js?cb=195-0
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de87bb69f975f75ecc1e95684d9f1bdaaae75bcbbb118b4b280a8c425be735c6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 Jan 2023 12:01:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
11121613
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4f59jEeHtIMPv48Imf6Ph5PTD5Kmv0BDWczmsNYC%2BMjHJT9nArAbELFzuCWxvup%2Bt9siOvX1dcwaEmSXKYuI1JdPqTLjnrmv3doOnm86G%2FbHCEme58o94toRwjeSXE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81dfcc6eee988ffe-FRA
alt-svc
h3=":443"; ma=86400
stickyfix.js
go.ezodn.com/detroitchicago/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/detroitchicago/stickyfix.js?cb=37&dcb=195-0
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32a2baa1b5a0e87a7b49efbf01793684e0c5b719f13c73e6216143dc34e4ff60

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1045795
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
content-length
1296
last-modified
Tue, 17 Oct 2023 22:44:01 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSlfIV8mqDs4COPMYcjkKFFvv1eXZGHa5SYLhvkVlM%2BJcdyvfKHZ4j6TM45OfhxjzYvUlbEYKcAmIUXmwhEXeDE%2BHzl81FA1LGLK7EQh1TNqHgOjf02mtSZC9hQeuG0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
81dfcc6eee998ffe-FRA
sidebarwall.js
go.ezodn.com/detroitchicago/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/detroitchicago/sidebarwall.js?gcb=0&cb=19
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a1c89d041719447a42512583c5c950769a928b5c0a82a198f28731ebac893c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 04 Apr 2023 00:26:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
15660103
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqmUz2atDymwLwh2l3c3%2Bf7oyRbNcaUu3Y97rjhlggYmCq8QpTMLDOT4A2kjpqUbS%2FjbWgb8I9p4mzlBYG7xeeBZs107LoN3e%2F2cygfaenu6sFJkrax%2BFb6571GHCPg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81dfcc6eee9a8ffe-FRA
alt-svc
h3=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9724d398708e354580c5fbe66b041b5134a37082b674da1e770b6840393408a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29833
x-xss-protection
0
server
cafe
etag
650 / 19660 / 31079134 / config-hash: 13942866851986637457
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 01:13:56 GMT
tuscon.js
go.ezodn.com/detroitchicago/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/detroitchicago/tuscon.js?gcb=0&cb=13
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50fbbe164918e6fb86e26b49d99c193d1c36ec6bbf9a51b9967ca74f2282ccde

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Oct 2023 03:17:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2238971
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSUaNcv%2F1ejSoHM%2B0UDO2ysaRO2iovikvHb7WoXe7uZkujRnqFwbZxVCvb2TCTWWa4UllNx6hkZK4GvbS3WQgeOTMxcHJqvQ5y2jGw%2BFKYdyMupS%2FcKxhQsLwtF73zo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81dfcc6eee9b8ffe-FRA
alt-svc
h3=":443"; ma=86400
kenai.js
go.ezodn.com/detroitchicago/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/detroitchicago/kenai.js?gcb=0&cb=6
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 23:04:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
15645623
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtqjIUo1%2FOFm0F920fUx%2B3QAeMy9ERo%2B0GXhVufS1LU73RKV8QacBSzTd14qIApGP82WY2k1pDpTZ1%2FfOgWqJIFY%2FaOtkl3jl0lxxIcBqSGm1AhiWngpk4FhKdj3MVw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81dfcc6eee9c8ffe-FRA
alt-svc
h3=":443"; ma=86400
portland.js
go.ezodn.com/detroitchicago/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/detroitchicago/portland.js?gcb=0&cb=43
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
958e28bc668ef4f2e177884feeb001f2024f40838d21856dcc4f2951615dc5e4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Oct 2023 20:28:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1399533
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bv%2B6g4Kn52YiD4DR8CZuENma8IQk30am03aYeX%2FqQHeEFlLfC2Bn4Pcu%2B29mWLFK6ISEfAQLcvy3tuJnuzVLoX05jLxjAzCg%2FKsGyY%2FcuHrDmipuQrIzj9brRpQFipQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81dfcc6eee9d8ffe-FRA
alt-svc
h3=":443"; ma=86400
dall.js
go.ezodn.com/hb/ 		748 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/hb/dall.js?cb=195-0-68
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ed6dfe36a2b2680ab6067032185f2c4cccc534b118a3d2067c6b643ef43678

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Oct 2023 17:01:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
288762
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BrWh%2F2B24gzzn%2FiZsWfxM9IMXJV57PhG8gGnH%2FzX8t0Us2gizxXVhu0R7RAqZ1GxtI4fp1OFEAruZJc7b%2BOKhdn3T2GX2A3SO3mVB5lcSS8A8uyrpYb2QOrXPgiLvzI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
81dfcc6eee9e8ffe-FRA
alt-svc
h3=":443"; ma=86400
pwt.js
ads.pubmatic.com/AdServer/js/pwt/162833/9311/ 		560 KB
174 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d2975ad9fed76943cd29612c490a47ff3885a95e75457aeef4a6d1c8752f156e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:55 GMT
content-encoding
gzip
last-modified
Mon, 16 Oct 2023 20:16:58 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=112395
accept-ranges
bytes
content-length
177523
expires
Tue, 31 Oct 2023 08:27:10 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
d1e3c22b91f848e4927faacd595df9d18461284191d08a1ceda7b06b201b1903
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51039
x-xss-protection
0
server
cafe
etag
14713306240531149416
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 01:13:56 GMT
banger.js
go.ezodn.com/porpoiseant/ 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/porpoiseant/banger.js?cb=195-0&bv=279&v=100&PageSpeed=off
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47136135f5a6927b97483def6b726635568e8bde0a6e0d529f2fc7b339df2fcd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 27 Oct 2023 22:38:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
182125
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqP%2FYlpnATsyJGqA%2BQUj2Y1uNKYWiBQ96cwZP3m3On9pdo%2F4tWTRShz%2BKlIsmMztGmYg%2BLyjy9x2NZmUopPFzhHSYJ34zwLqoqiPuTA3km63NLuApe7Yh0iSrgUIfSA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81dfcc6eee9f8ffe-FRA
alt-svc
h3=":443"; ma=86400
ezoic.png
go.ezodn.com/utilcave_com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.ezodn.com/utilcave_com/ezoic.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a54e49f65745ec3e0c0bfec9c0005b787370f8f65476b8da936e14d9ceaaa1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
cf-cache-status
HIT
x-sol
middleton
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
176184
x-middleton-display
staticcontent_sol
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 27 Oct 2023 18:09:20 GMT
server
cloudflare
etag
W/"592-608b69664f91d-gzip-gzip"
vary
Accept-Encoding,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Do9IGPHfZDrUAxwdUOV7wrjTReZf5A%2FwoC%2B5uKaEVYwVAe66WKdkf3sBX5bweoEbNnQeEbmbFdTagKXbUC9Mr6og3LBS7XJevg1HsVPwy17eR5tYBq4c0JMBigeuXug%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
cf-ray
81dfcc6eeea08ffe-FRA
expires
Sat, 04 Nov 2023 00:17:28 GMT
ezoicbwa.png
go.ezodn.com/utilcave_com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.ezodn.com/utilcave_com/ezoicbwa.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b848ce1bea5ca25251a1c22058f8df660f1c8161c21ebc13a9ba55ec479d10

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
cf-cache-status
HIT
x-sol
middleton
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
176196
x-middleton-display
staticcontent_sol
alt-svc
h3=":443"; ma=86400
content-length
1331
last-modified
Thu, 26 Oct 2023 16:57:35 GMT
server
cloudflare
etag
"533-608a177fb1590-gzip-gzip"
vary
Accept-Encoding,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxAgB0T5aI%2F3nwVDdR0239NSPMxXEgZJFD%2F2zLPJ1wo23nFJM4JyCLvGMmbLZSFJX0NjbNOmfBbSo77021WVQjB4NiPn8BMKOTaxozLHj7RjNpYkR005%2B%2FmBd68nWsU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
81dfcc6eeea18ffe-FRA
expires
Sat, 04 Nov 2023 00:17:16 GMT
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je3ap0v873532799z8831407672&_p=2046699570&gcd=11l1l1l1l1&cid=1537357757.1698628436&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698628435&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&dt=%D8%B4%D8%B4%D9%85%DB%8C%D9%86%20%DA%A9%D8%A7%D8%B1%DA%AF%D8%A7%D9%87%20%D9%88%DA%A9%DB%8C%D9%84%20%D8%AD%D8%B1%D9%81%D9%87%20%D8%A7%DB%8C%20%D9%85%D9%87%D8%A7%D8%B1%D8%AA%20%D9%87%D8%A7%DB%8C%20%D8%A8%D9%86%DB%8C%D8%A7%D8%AF%DB%8C%D9%86%20-%20Pastelink.net&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:13:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ezadloadhb.js
go.ezodn.com/porpoiseant/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/porpoiseant/ezadloadhb.js?gcb=195-0&cb=123
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e286031bab2a01f6284da514b3feb85b3a65a264d5d0172329ea44f698d46314

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 28 Oct 2023 00:33:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
175226
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otPcu5j31KVLQ8fT%2FzoaTUloVCZvhyMNCKCyp%2Fhe6VPa7FFqImi%2FY37KEjAJqQ2JGEgIn6V34cRfkFiu52E3BVSR1FBm9BJopNky9uPMfQcay03cQSvhIoR0D8a%2F%2BJo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81dfcc6eeea28ffe-FRA
alt-svc
h3=":443"; ma=86400
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231030
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2545e9db8fd27d8f072315b91467f140b957e02d17394ea99163bf15e71d9c0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
33187
x-jsd-version
1.0.1858
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-mxp6945-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"639-JIoH0rC3eM5Ma/34pnbUDocs2MQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYGHMpcwwt0S8lu1PgTAGxfCaNcSWrQFDX7KoYncv0icOF%2Fu28xDYiv79KpIe4Yn9bjajwOlmOlGzWcKkeeSmpfgwLB6AY06al7nAlk3Eaf6C1YctEm5oSrNG7SrXS1hF0I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81dfcc707d5a24c4-ZRH
collect
www.google-analytics.com/j/ 		15 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2046699570&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&ul=en-us&de=UTF-8&dt=%D8%B4%D8%B4%D9%85%DB%8C%D9%86%20%DA%A9%D8%A7%D8%B1%DA%AF%D8%A7%D9%87%20%D9%88%DA%A9%DB%8C%D9%84%20%D8%AD%D8%B1%D9%81%D9%87%20%D8%A7%DB%8C%20%D9%85%D9%87%D8%A7%D8%B1%D8%AA%20%D9%87%D8%A7%DB%8C%20%D8%A8%D9%86%DB%8C%D8%A7%D8%AF%DB%8C%D9%86%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=478085845&gjid=1537484440&cid=1537357757.1698628436&tid=UA-55088947-2&_gid=87720358.1698628436&_r=1&_slc=1&gtm=45He3ap0n8155WHPWQv831407672&gcd=11l1l1l1l1&z=1271372180
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
bcdaedbfd60b8d0a8a9eb4b16285345a749068b601c93f494362990f2a3e61f4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:13:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		229 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4KDXYD7HFC&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e5eb0dcb5516d2cf3ae9909a964e0886cdc8370593941827e0376bee80fcc0f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83011
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 30 Oct 2023 01:13:56 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4KDXYD7HFC&gtm=45je3ap0v9136110041&_p=2046699570&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=1537357757.1698628436&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&dt=%D8%B4%D8%B4%D9%85%DB%8C%D9%86%20%DA%A9%D8%A7%D8%B1%DA%AF%D8%A7%D9%87%20%D9%88%DA%A9%DB%8C%D9%84%20%D8%AD%D8%B1%D9%81%D9%87%20%D8%A7%DB%8C%20%D9%85%D9%87%D8%A7%D8%B1%D8%AA%20%D9%87%D8%A7%DB%8C%20%D8%A8%D9%86%DB%8C%D8%A7%D8%AF%DB%8C%D9%86%20-%20Pastelink.net&sid=1698628436&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4KDXYD7HFC&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:13:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mulvane.js
go.ezodn.com/parsonsmaize/ 		1002 B
869 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/parsonsmaize/mulvane.js?gcb=195-0&cb=5
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2e858e11bbfe82d0150dd8fc768dfdb4577415c0ee84435e0d6c51a50e6cb64

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Sep 2023 23:10:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4673006
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Lhf2cYBzx9vVesUVXNDYln%2FD0Zr8472x5h4Icg00OzyKBsVqmQagrp%2Bn81r8L8XeghfKy%2F6wGjzCYPyA3dqeM0LHzQigCINBSFhktN24sP5MMWBp5OJ7%2FKah%2BXGeLk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81dfcc6f4eb88ffe-FRA
alt-svc
h3=":443"; ma=86400
raleigh.js
go.ezodn.com/detroitchicago/ 		1 KB
978 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/detroitchicago/raleigh.js?gcb=195-0&cb=6
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30887d75ca7268ceabc93067bca019f8ffe07189630a759407b236736e1f15af

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 Aug 2022 18:54:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7107569
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WgGkRif100lZ%2BOqPiJ9bBxk3PnAdGmPfYiSRXTOLehOrjvUoFXnEWFZfumzX%2FjFZHFRYUfAPzkWEjDK2ILwrbz%2B1xrcxUFzNTwiY4HvA2c7o2jUxjYlYdblvumj4fhE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81dfcc6f4eb98ffe-FRA
alt-svc
h3=":443"; ma=86400
vista.js
go.ezodn.com/detroitchicago/ 		821 B
753 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/detroitchicago/vista.js?gcb=195-0&cb=5
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f511fa7924776077436e0e7c47d96a420282192ee4f9c5dc96def26cb856c709

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Aug 2023 18:02:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5296303
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTteSS4ad0zqEeuHHhEMSQS%2BW5Riqu%2FG69pPSnuHUuuhXvhfDC2Xv9lr5eJxwYpa1Q5l2Kr%2FMQGdIVCGuzF%2FqXhXwQAnoAkIK8gXLzKQY7SckPnROCGjnaFiJvHe%2BGw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81dfcc6f4eba8ffe-FRA
alt-svc
h3=":443"; ma=86400
tampa.js
go.ezodn.com/detroitchicago/ 		723 B
706 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/detroitchicago/tampa.js?gcb=195-0&cb=5
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e611f58b19c2ff6aba81588e7b0a148e523d8acbadc40092f8de5f50dca2f93c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Aug 2023 00:50:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1680091
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mz6tzfQMUYW1VW04gL%2FkUnkSqPuGybtzVs5Scdkdj%2FcwnXsCAKzeeW7wf7oGNgX%2F8Zzc2jvvpgfDx0n2r4mxqed3Uhh7sxE6MsxAhMXix5HKTqnr8XCU7%2Bc%2BWv8SI88%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81dfcc6f4ebb8ffe-FRA
alt-svc
h3=":443"; ma=86400
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/ 		420 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
df83d1810776ea1effd8a536f0ad32f5a400168a2efaa48c97c1fcf57724900a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 10:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
52650
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134989
x-xss-protection
0
server
cafe
etag
2612702921649259081
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 28 Oct 2024 10:36:26 GMT
/
bshr.ezodn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bshr.ezodn.com/?did=251786&bf=30000&dc=1254144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-pingback
Access-Control-Request-Method
GET
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-pingback
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
https://pastelink.net
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81dfcc736c6519af-FRA
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 30 Oct 2023 01:13:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=146WvUOc8mrRu5W%2Fq1xd3kRDzbEC9%2BdGyTJs7hIi6NAj4n7XuKRQ%2BZJE61cWcvJVAOK3EMnFpA7ixy1kxN3U1l3sKfjgQrK7kwbjoVh4ro9rE%2BEDMNiDky1exv%2BSEuDCAg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
nmash.js
go.ezodn.com/porpoiseant/ 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/porpoiseant/nmash.js?bv=279
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/porpoiseant/banger.js?cb=195-0&bv=279&v=100&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d35a435c34e52e98e05cdda07d86d384e983dc8400effc1af4c968375ba3ea4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 27 Oct 2023 22:38:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
182132
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KB1a0d%2B8UYwG9g0uoHciCo5FFi6bXVHWpDxnTaY047G3bZDAayikp94PpYl3a0jLB91cY3FWf0baJDksR4j%2F%2BD9grJhvwqXF2Vy3HeQN2AE%2FimiAue3F%2F9%2FE9anfJhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81dfcc704f078ffe-FRA
alt-svc
h3=":443"; ma=86400
/
bshr.ezodn.com/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bshr.ezodn.com/?did=251786&bf=30000&dc=1254144
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/porpoiseant/banger.js?cb=195-0&bv=279&v=100&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ce113bbf0b3136cbb50dbdde8bb26c3e0d3032620c83b1cd6fd2b9d2beb0225

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-PINGBACK
pingpong
Content-Type
application/json

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
631861
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Sep 2023 17:42:49 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/json; charset=utf8
access-control-allow-origin
https://pastelink.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZC2Ln0b5va0xliqrOv9WwF5RrIFlwZuK91jt7pqJtBq6n%2Fv0XZ7wdqLdm9f%2BsqGkp1Og7pdPuGdDUyM%2B8Tuc%2BCnoKFpSsdhznzCfmT64zklF8TlfvKR5VBTWxNKHpGGdw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=1209600
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
cf-ray
81dfcc73ecb519af-FRA
access-control-allow-headers
Content-Type
olathe.js
go.ezodn.com/parsonsmaize/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/parsonsmaize/olathe.js?gcb=195-0&cb=23
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cebc0ded9f2ef3dd4e3c6d6010538dee890c24a070d6ba991e0c93e451d96ccd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 27 Oct 2023 21:36:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
185857
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHCLsaww4SrdDthkOT5EX%2FxSRPH0%2FEz229sfEu1LHFzQPcok88Vjiw%2F%2FrZ%2FkDXKz13vjsICXN0xc2Y25q61xnxgUksHqExbTyFBdkNbsuCuwHBQLcUs4oD%2BwzCAKV88%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81dfcc707f208ffe-FRA
alt-svc
h3=":443"; ma=86400
chanute.js
go.ezodn.com/parsonsmaize/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/parsonsmaize/chanute.js?a=a&cb=7&dcb=195-0&shcb=34
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb36489072c0eb085096a47bfcced826b7a973e5f294d5a2b54bf16df3449d9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Oct 2023 15:24:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1504181
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhaVgIQWnGwgYYm6q6Yg%2By3pp3P8s826myo%2FVWAsjzajGwWmFnzHoWrL3EnYeCHCHBW9Sn2WwiG2pl1o1Io1TXrjuJ4WDHt1PIj3XpZxE41wKlMDKXC3nIkbFFANMaw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81dfcc707f218ffe-FRA
alt-svc
h3=":443"; ma=86400
vitals.js
go.ezodn.com/tardisrocinante/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/tardisrocinante/vitals.js?gcb=195-0&cb=3
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.137.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d839b193eba1dd4578cc90dfe2fe6edea552e807f65af9e79780a58d0ad9b1bb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 Jan 2023 07:04:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
23998158
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YwQGW1%2B9FsUnDSxah5rzx62iq3n5Xy3Tw8QX%2FdGOlL7dRjvZTSaxdRXIwwIQAmFbjNDXUHW1B7SDDF3d4zsAUX27AseO39roZT7SuF3XxcR6P99kq6iVffpZaXJiyAY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
81dfcc709f2e8ffe-FRA
alt-svc
h3=":443"; ma=86400
army.gif
g.ezoic.net/porpoiseant/ 		0
95 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTk3MDcxMTkwNTc0MTc1OCIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtYm94LTMtMCIsInRfZXBvY2giOjE2OTg2Mjg0MzUsImFkX3Bvc2l0aW9uIjoxMTA1LCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiY2YxOGM3MzQtY2E1OS00MWM3LTYxYzItZTRhOTFlYzk3YzRlIiwiY29tcF9pZCI6MSwiZGF0YSI6W3sibmFtZSI6InN0YXRfc291cmNlX2lkIiwidmFsIjoiNDQifV0sImlzX29yaWciOjB9XQ==
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Mon, 30 Oct 2023 01:13:56 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Sun, 29 Oct 2023 01:13:56 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTk3MDcxMTkwNTc0MTc1OCIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtYm94LTMtMCIsInRfZXBvY2giOjE2OTg2Mjg0MzUsImFkX3Bvc2l0aW9uIjoxMTA1LCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiY2YxOGM3MzQtY2E1OS00MWM3LTYxYzItZTRhOTFlYzk3YzRlIiwiY29tcF9pZCI6MSwiZGF0YSI6W3sibmFtZSI6ImFkc2Vuc2V0eXBlIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6MH1d
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Mon, 30 Oct 2023 01:13:57 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Sun, 29 Oct 2023 01:13:57 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODM5NjQ4MTU5Njg1NDEzIiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidW5pdCI6ImRpdi1ncHQtYWQtcGFzdGVsaW5rX25ldC1ib3gtMi0wIiwidF9lcG9jaCI6MTY5ODYyODQzNSwiYWRfcG9zaXRpb24iOjExMDQsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJjZjE4YzczNC1jYTU5LTQxYzctNjFjMi1lNGE5MWVjOTdjNGUiLCJjb21wX2lkIjoxLCJkYXRhIjpbeyJuYW1lIjoic3RhdF9zb3VyY2VfaWQiLCJ2YWwiOiI0NCJ9XSwiaXNfb3JpZyI6MH1d
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Mon, 30 Oct 2023 01:13:56 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Sun, 29 Oct 2023 01:13:56 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODM5NjQ4MTU5Njg1NDEzIiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidW5pdCI6ImRpdi1ncHQtYWQtcGFzdGVsaW5rX25ldC1ib3gtMi0wIiwidF9lcG9jaCI6MTY5ODYyODQzNSwiYWRfcG9zaXRpb24iOjExMDQsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJjZjE4YzczNC1jYTU5LTQxYzctNjFjMi1lNGE5MWVjOTdjNGUiLCJjb21wX2lkIjoxLCJkYXRhIjpbeyJuYW1lIjoiYWRzZW5zZXR5cGUiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjowfV0=
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Mon, 30 Oct 2023 01:13:56 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Sun, 29 Oct 2023 01:13:56 GMT
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 01:13:57 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 23 Oct 2023 08:11:07 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
576103
ETag
W/"e90435520cec1363a82b67d8298d79a8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3DOnGduYoySvzHTmpz%2FUqbTsyNHz2dK6qW4ai5aul5lz3qXdBqE2tC9kt3Iyh9AapOgt9XynjZ42epmw3Mj8xgZk2%2BIVG%2F%2BiHIEv7n7rK3V5vECSxeEJ3sCOXrfMXfD"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
81dfcc7388970e49-MXP
translator
hbopenbid.pubmatic.com/ 		39 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6e72d4099586cef4ddbb5c0c72f093ed28441d0fe3c03bd375fbefb25cdba188

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Mon, 30 Oct 2023 01:13:55 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-openrtb-version
2.3
content-encoding
gzip
content-type
application/json
cdb
bidder.criteo.com/ 		0
192 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.16.0&cb=98043218665&lsavail=1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Mon, 30 Oct 2023 01:13:56 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ads.yieldmo.com/exchange/ 		7 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.16.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-pastelink_net-box-1-0%22%2C%22callback_id%22%3A%2214ee7ed9504c278%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22bidFloor%22%3A0.06%2C%22gpid%22%3A%22div-gpt-ad-pastelink_net-box-1-0%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-pastelink_net-banner-2-0%22%2C%22callback_id%22%3A%2215e9ea9a6501193%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B336%2C280%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22bidFloor%22%3A0.06%2C%22gpid%22%3A%22div-gpt-ad-pastelink_net-banner-2-0%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-pastelink_net-large-billboard-2-0%22%2C%22callback_id%22%3A%2216cf627d91ec7aa%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B250%2C250%5D%2C%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B336%2C280%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22bidFloor%22%3A0.06%2C%22gpid%22%3A%22div-gpt-ad-pastelink_net-large-billboard-2-0%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-pastelink_net-medrectangle-2-0%22%2C%22callback_id%22%3A%2217319faa2e2ebd5%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22bidFloor%22%3A0.06%2C%22gpid%22%3A%22div-gpt-ad-pastelink_net-medrectangle-2-0%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-pastelink_net-edge-2-0%22%2C%22callback_id%22%3A%22186843cd2d7ccbc%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22bidFloor%22%3A0.06%2C%22gpid%22%3A%22div-gpt-ad-pastelink_net-edge-2-0%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-pastelink_net-edge-1-0%22%2C%22callback_id%22%3A%22193ae1b4c67bfe6%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22bidFloor%22%3A0.07%2C%22gpid%22%3A%22div-gpt-ad-pastelink_net-edge-1-0%22%7D%5D&page_url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&bust=1698628436656&dnt=false&description=Pastelink.net%20-%20Anonymously%20publish%20text%20with%20hyperlinks%20enabled.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=%D8%B4%D8%B4%D9%85%DB%8C%D9%86%20%DA%A9%D8%A7%D8%B1%DA%AF%D8%A7%D9%87%20%D9%88%DA%A9%DB%8C%D9%84%20%D8%AD%D8%B1%D9%81%D9%87%20%D8%A7%DB%8C%20%D9%85%D9%87%D8%A7%D8%B1%D8%AA%20%D9%87%D8%A7%DB%8C%20%D8%A8%D9%86%DB%8C%D8%A7%D8%AF%DB%8C%D9%86%20-%20Pastelink.net&w=1600&h=1200&pubcid=3d490c6c-b0e7-417e-a37a-e55ec6dc7b1c&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ezoic.ai%22%2C%22sid%22%3A%22d2ef912c0af14feeca45c4b843039186%22%2C%22domain%22%3A%22pastelink.net%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223d490c6c-b0e7-417e-a37a-e55ec6dc7b1c%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.65.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-65-75.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a54af86fefb1288239fcd7cb20a8368327a53b28ae77a163a48d75c9864bb8fd

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:13:57 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
vary
accept-encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
access-control-request-headers
Cache-Control, Pragma
v1
btlr.sharethrough.com/universal/ 		831 B
855 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.243.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-243-72.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6aab5055a4e4a0aa37268f38cbe1ce0a510c0a8066718f6558085258a809be44

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
489
v1
btlr.sharethrough.com/universal/ 		831 B
806 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.243.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-243-72.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
00e07d0d13fffc0bf2611e451104da42ade35633963486905dc51edfe724556f

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
440
v1
btlr.sharethrough.com/universal/ 		842 B
828 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.243.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-243-72.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a36052bf6c7062f263f34987e86e59d477141589cdb91110094fad748691ce84

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
461
v1
btlr.sharethrough.com/universal/ 		822 B
815 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.243.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-243-72.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
99d28139f2df8216a21647c3d545d6cb486e23c4f096adf1c44cdc0e10b3aeb3

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
449
v1
btlr.sharethrough.com/universal/ 		663 B
789 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.243.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-243-72.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
763a4f11850166f5335d2652a4c46cdc6ef35234ce72d7574ab49dfb5f2629a7

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
423
v1
btlr.sharethrough.com/universal/ 		995 B
868 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.243.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-243-72.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e6a28df43cbd691c4b7bb4d129c9e59f154a8b5a4c865b3b58a874eadeadd74c

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
501
prebid-request
onetag-sys.com/ 		93 KB
55 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
215db6220a33c98414cc72431728c87ec22fbda8e2b72d12932217d6629f98b4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://pastelink.net
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
55675
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		1 KB
824 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&PageUrl=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&PageReferrer=https%3A%2F%2Fpastelink.net%2Fcpsbn47l
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.96.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-96-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0c22229bf84e8175c2daf4ba6bad887c91187db71ff2911f6f598b5215134934
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
via
kong/2.8.4
x-content-type-options
nosniff
content-encoding
gzip
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
252
pragma
no-cache
access-control-max-age
3600
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://pastelink.net
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
01192bbc04af8e6bfe95906a700dcd2faf83e64b9d133123093136646caabd3f

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 30 Oct 2023 01:13:57 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://pastelink.net
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1962
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		13 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
f4e0806b8cd406a4173933a6013af7fc78cb54618ee83072865d36901ec297e4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:13:57 GMT
content-encoding
gzip
an-x-request-uuid
d94de17c-4251-431f-8f37-2a4a7f511399
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
84.227.169.20; 84.227.169.20; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		10 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
a9f637c6cfe255dce1480706b84f81013d5c336cc941c13a0d3e98507901d13d

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
88
content-length
4857
/
prebid.smilewanted.com/ 		0
307 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
81dfcc73296c0e15-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
81dfcc7329710e15-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
81dfcc7329720e15-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
81dfcc73296f0e15-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
81dfcc7329750e15-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
81dfcc73296e0e15-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
connectId-gpt.js
connectid.analytics.yahoo.com/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-24.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:10:18 GMT
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
FRA56-P2
age
220
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8730
x-amz-expiration
expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Tue, 17 Oct 2023 13:17:45 GMT
server
AmazonS3
etag
"c46e30de24d0f12167e302e9e32ff4a5"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
ympICDsZq8Eltm6fqbFRDPT-jBiQPsUFgf6goM9Rv1Upki0axrOIMA==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.127.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-127-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Sun, 29 Oct 2023 05:50:54 GMT
Via
1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
69784
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
z-EoVvs9RaBOmSmVxpvKbFzJSm1GBzLfPiiU7_XAbDqP4J41dmCwwQ==
esp.js
cdn.id5-sync.com/api/1.0/ 		143 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 08:11:43 GMT
server
cloudflare
x-amz-request-id
976Z3AP5KACN5ZQ9
age
2438
etag
W/"8a9ad568d94062c0186983f6aac0be50"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
81dfcc73fcc90e71-MXP
x-amz-id-2
bYza3wvSQQURr+H4xOtDoUMKHCsX8l+cV+ZAY4MeUw1/3WJbK2jhIGGqld8u9+UcXzo5bzipC+s=
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 22:14:34 GMT
content-encoding
gzip
age
269962
x-guploader-uploadid
ADPycdvBYmC4PgLzsLJIA894B5g2PkDCL__fBZjxcqEcFhjWy_N2njp16oilhyxFEUw1SMex_uifF9Gbyeo8Sz9Z3Y65Fg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Fri, 25 Oct 2024 22:14:34 GMT
ob.js
cdn-ima.33across.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c45c671190fb8deb70cd574cb0e63b52c671855bb4cb7de28b273c37538c9221

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 26 Oct 2023 20:21:19 GMT
server
cloudflare
age
274960
etag
W/"653aca3f-251f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
81dfcc732ee001f8-ZRH
expires
Thu, 02 Nov 2023 01:13:56 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-a892"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 31 Oct 2023 01:13:57 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 06:24:57 GMT
content-encoding
gzip
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
67741
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
QIT0LvMjMC3GrVHSS3gil2-upNtrjuEPZl5Eyh3iyYoEDwVnyjGVsw==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
94419ab876dcb5280635bac0ba3f54fe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
25665
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-yyz4527-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37sGwwxnXa2JPu282NzvJQE2Nw5r3kf70YijgG%2BHTJzJba5MJC%2BRaOpJ02JvxTk3%2BAX7aEndgEo2fj%2BjbKb5DmFyF%2FR506y8PGfvynC0QHSIjiuM9yVln63AUm5nSGnqC3g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81dfcc73d9590229-ZRH
imp.gif
g.ezoic.net/detroitchicago/ 		43 B
124 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/detroitchicago/imp.gif
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
content-encoding
br
access-control-max-age
1728000
access-control-allow-methods
HEAD, PUT, POST, GET, OPTIONS
content-type
image/gif
access-control-allow-origin
https://pastelink.net
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
access-control-allow-headers
Content-Type
content-length
47
expires
Sun, 29 Oct 2023 01:13:57 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/ 		395 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js?bust=31079176
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
28fd563a4a1ea2bcc7177e450c605bb349b91ae4649d3b1fa5ec5c79ba428d3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137198
x-xss-protection
0
server
cafe
etag
1996803380818558314
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 01:13:56 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/ Frame DC57 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231025/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
20675
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 29 Oct 2023 19:29:22 GMT
etag
4569948109300706969
expires
Sun, 12 Nov 2023 19:29:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
968 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111629048947475&correlator=1512554667843608&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&didk=3466210713&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698628436814&lmt=1698624836&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRjqhZTxtzFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjrhZTxtzFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGOuFlPG3MUgAUgIIZBIZCgpwdWJjaWQub3JnGOuFlPG3MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjrhZTxtzFIAFICCGQSFwoIcnRiaG91c2UY64WU8bcxSABSAghkEhkKCnVpZGFwaS5jb20Y64WU8bcxSABSAghkEhQKBW9wZW54GOuFlPG3MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y64WU8bcxSABSAghk&dlt=1698628434581&idt=2113&prev_scp=bra%3Dmod173-c%26avc%3D93%26ap%3D9999%26al%3D1006%26ic%3D1%26d%3D251786%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26br2%3D90%26iid1%3D1582256207696828%26ezoic%3D1%26reft%3Dn%26br1%3D140%26ga%3D2497208%26tap%3Dpastelink_net-pixel1-1582256207696828%26bvr%3D0&adks=2114093675&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
c91ca771fea5e8e53fb5a4d830071d75c44238837e56ed80fab4578a51ae5899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
577
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2527ffdcda71dd00d08cc17e79319c45.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 49F4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2527ffdcda71dd00d08cc17e79319c45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 01:13:57 GMT
expires
Tue, 29 Oct 2024 01:13:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl_page_level_ads.js?cb=31079134
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
412e7d7cde179db8f01fc9ba4453d4cbe4d713b9c9b14f9a281de1d5587982f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 10:37:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
52594
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13695
x-xss-protection
0
server
cafe
etag
13258114228687448606
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 28 Oct 2024 10:37:22 GMT
cookie.js
partner.googleadservices.com/gampad/ 		393 B
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=pastelink.net&callback=_gfp_s_&client=ca-pub-1750856239204414
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js?bust=31079176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e256a1b8565a0bba208288eb3885641ec6217176ffbc36a87be18c61242fda99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DCF2 		46 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750856239204414&output=html&h=90&adk=940534320&adf=783205323&w=728&lmt=1698624836&rafmt=12&channel=4987320600&format=728x90&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698628436741&bpp=3&bdt=2161&idt=186&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=120247131671&frm=20&pv=2&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805933%2C44806738%2C31078297%2C31079176%2C44806141&oid=2&pvsid=111629048947475&tmod=1329246652&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lI7cEkcoUr&p=https%3A//pastelink.net&dtd=202
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js?bust=31079176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
19272aa00962a7d3df26aa4645d3c6d6558b1cdb8ef2bc4ec463c77d55703816
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
18266
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 01:13:57 GMT
expires
Mon, 30 Oct 2023 01:13:57 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8576 		722 B
579 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750856239204414&output=html&h=250&adk=1204883557&adf=2224284356&w=706&lmt=1698624836&rafmt=12&channel=4987320600&format=706x250&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698628436744&bpp=1&bdt=2163&idt=206&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=120247131671&pv_ch=4987320600%2B&frm=20&pv=1&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805933%2C44806738%2C31078297%2C31079176%2C44806141&oid=2&pvsid=111629048947475&tmod=1329246652&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=J6SyidjxcH&p=https%3A//pastelink.net&dtd=210
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_fy2021.js?bust=31079176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
4374160bba5d73f760750839c42d27c61870cb10e7e94eaf8e9cd49e7a1f6bfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
358
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 01:13:57 GMT
expires
Mon, 30 Oct 2023 01:13:57 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&rid=esp&cc=1
85 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&rid=esp&cc=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/cpsbn47l
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
1ea39abed7a81ca9d42a3df7946158651957f2be32c1e6a298000058cbef0d5d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-P/8AZ0uqNOMGh3SmdBjw68ds4KA"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Mon, 30 Oct 2023 01:13:57 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://pastelink.net
location
/esp?url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
map
bcp.crwdcntrl.net/6/ 		235 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.43.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
cffe7702cd352cf5b9334e7ae5ed3babf6dcb9277499d93cc24ad8d95a7d6658

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:13:57 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://pastelink.net
cache-control
no-cache
x-server
10.45.3.5
access-control-allow-credentials
true
content-length
235
expires
0
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		132 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05bf9f66804f5b3fd3709c98ce41ebe1a4a9ce41383afb559282b5d035360960

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
content-encoding
gzip
last-modified
Fri, 27 Oct 2023 16:39:42 GMT
server
cloudflare
age
0
etag
W/"df69c18a6b7ca223bebd3a6b46665609cb2af612"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
81dfcc76289523c7-ZRH
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caf2558c473f0989ccb9e45da327c56bb9f877da13fe442adc10644d75e2f1d9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 01:13:57 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
576042
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 23 Oct 2023 08:11:06 GMT
Server
cloudflare
ETag
W/"42783f4dfb63346ef86cbdd3594314a1"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BLFEyJ4Up7mApP4UpXed%2BfHIj3SX6WcAH0qXiE1opc5lMZ6IM3mNX3yPAPyVXYAwumkEFXav8%2BIlXuHT4OPVobhKEqXwAuBmNNo74%2BLvM4p9VSofTddg13UkHme%2FGhx"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
81dfcc766d8e0e29-MXP
increment
id5-sync.com/api/esp/ 		0
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Mon, 30 Oct 2023 01:13:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
fed
ups.analytics.yahoo.com/ups/58813/ 		0
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l
Requested by
Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://pastelink.net
content-type
application/json
access-control-allow-credentials
true
content-length
0
syncframe
gum.criteo.com/ Frame C109 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pastelink.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 01:13:56 GMT
server
Kestrel
server-processing-duration-in-ticks
240252
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
greenoaks.gif
g.ezoic.net/detroitchicago/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjZjE4YzczNC1jYTU5LTQxYzctNjFjMi1lNGE5MWVjOTdjNGUiLCJkb21haW5faWQiOiIyNTE3ODYiLCJ0X2Vwb2NoIjoxNjk4NjI4NDM1LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiY2YxOGM3MzQtY2E1OS00MWM3LTYxYzItZTRhOTFlYzk3YzRlIiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidF9lcG9jaCI6MTY5ODYyODQzNSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMTAtMzAifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjEifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTYwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiY2YxOGM3MzQtY2E1OS00MWM3LTYxYzItZTRhOTFlYzk3YzRlIiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidF9lcG9jaCI6MTY5ODYyODQzNSwiZGF0YSI6W3sibmFtZSI6Imxhbmd1YWdlX3RhZyIsInZhbCI6ImVuLVVTIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiY2YxOGM3MzQtY2E1OS00MWM3LTYxYzItZTRhOTFlYzk3YzRlIiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidF9lcG9jaCI6MTY5ODYyODQzNSwiZGF0YSI6W3sibmFtZSI6Imxhbmd1YWdlX3ByaW1hcnlfc3VidGFnIiwidmFsIjoiZW4ifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjZjE4YzczNC1jYTU5LTQxYzctNjFjMi1lNGE5MWVjOTdjNGUiLCJkb21haW5faWQiOiIyNTE3ODYiLCJ0X2Vwb2NoIjoxNjk4NjI4NDM1LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfcmVxdWVzdCIsInZhbCI6IjE1NzUifV19XQ==
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Mon, 30 Oct 2023 01:13:58 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Sun, 29 Oct 2023 01:13:58 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		384 B
441 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111629048947475&correlator=2185717841829384&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&didk=3113576587&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D53b44a7f034cf0cd%3AT%3D1698628436%3ART%3D1698628436%3AS%3DALNI_Mbh4QKpIQ41HKBozef0zEQi_ed48A&gpic=UID%3D00000cad7e00c55e%3AT%3D1698628436%3ART%3D1698628436%3AS%3DALNI_MYLFCSeb2vuuFZaXAgV7D1rGD5Dog&abxe=1&dt=1698628437424&lmt=1698624837&adxs=1081&adys=473&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&vis=1&psz=300x250&msz=300x0&fws=0&ohw=0&psts=AOrYGsk6HvCDAMBAvDUY3CDO0g28TsOY5coynSOkKR1Qctj0&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQGVhYzU4NzU0N2EzZDFkMzg5NzViMzA1ZTY4Mjc0OTQ1YTcwMjk0ZDM2MGZiMjEzNDkyYzA3YzRmMmZmN2QxNTMY4oqU8bcxSAASGwoMMzNhY3Jvc3MuY29tGOuFlPG3MUgAUgIIZBIZCgpwdWJjaWQub3JnGIuJlPG3MUgAUgIIahIYCgl5YWhvby5jb20Y2omU8bcxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGOuFlPG3MUgAUgIIZBIXCghydGJob3VzZRiniJTxtzFIAFICCGoSGQoKdWlkYXBpLmNvbRjrhZTxtzFIAFICCGQSFAoFb3BlbngY64WU8bcxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjkipTxtzFIAFICCGo.&dlt=1698628434581&idt=2113&prev_scp=a%3D%257C0%257C%26iid1%3D1005808941715195%26eid%3D1005808941715195%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1106%26sap%3D1106%26as%3Drevenue%26plat%3D1%26bra%3Dmod173-c%26ic%3D1%26at%3Dmbf%26adr%3D398%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dpastelink_net-box-1-1005808941715195%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D36%26shp%3D3%26ftsn%3D12%26ftsng%3D12%26br1%3D120%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C131%2C0%2C192%2C0%2C168%2C142%2C0%2C71%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%26hb_bidder%3Dyieldmo%26hb_adid%3D752c32a32dbe6da%26hb_format%3Dbanner%26hb_ssid%3D11315%26hb_opt%3D0.15%26hb_rt%3Dclient&adks=2280168990&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
12ae28ac8e3330794dfbdd645dad2f03fe6b8ead4bc1fbd2ff5b971b20af9fcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		396 B
443 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111629048947475&correlator=2185717841829384&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C250x250%7C336x280%7C300x250%7C300x600%7C160x600&fluid=height&ifi=5&didk=3975025521&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D53b44a7f034cf0cd%3AT%3D1698628436%3ART%3D1698628436%3AS%3DALNI_Mbh4QKpIQ41HKBozef0zEQi_ed48A&gpic=UID%3D00000cad7e00c55e%3AT%3D1698628436%3ART%3D1698628436%3AS%3DALNI_MYLFCSeb2vuuFZaXAgV7D1rGD5Dog&abxe=1&dt=1698628437435&lmt=1698624837&adxs=1091&adys=730&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&vis=1&psz=250x250&msz=250x0&fws=0&ohw=0&psts=AOrYGsk6HvCDAMBAvDUY3CDO0g28TsOY5coynSOkKR1Qctj0&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQGVhYzU4NzU0N2EzZDFkMzg5NzViMzA1ZTY4Mjc0OTQ1YTcwMjk0ZDM2MGZiMjEzNDkyYzA3YzRmMmZmN2QxNTMY4oqU8bcxSAASGwoMMzNhY3Jvc3MuY29tGOuFlPG3MUgAUgIIZBIZCgpwdWJjaWQub3JnGIuJlPG3MUgAUgIIahIYCgl5YWhvby5jb20Y2omU8bcxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGOuFlPG3MUgAUgIIZBIXCghydGJob3VzZRiniJTxtzFIAFICCGoSGQoKdWlkYXBpLmNvbRjrhZTxtzFIAFICCGQSFAoFb3BlbngY64WU8bcxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjkipTxtzFIAFICCGo.&dlt=1698628434581&idt=2113&prev_scp=a%3D%257C0%257C%26iid1%3D413187799706931%26eid%3D413187799706931%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1108%26sap%3D1108%26as%3Drevenue%26plat%3D1%26bra%3Dmod173-c%26ic%3D1%26at%3Dmbf%26adr%3D398%26ezosn%3D8%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D34%26al%3D1034%26compid%3D0%26tap%3Dpastelink_net-large-billboard-2-413187799706931%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D36%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D120%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C131%2C0%2C192%2C0%2C168%2C132%2C0%2C71%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%26hb_bidder%3Damx%26hb_adid%3D675aeca42c8bc2%26hb_format%3Dbanner%26hb_ssid%3D11290%26hb_opt%3D0.64%26hb_rt%3Dclient&adks=1066784842&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
219a5b5202487ad29f0d146acb4cf214ee36e3e89802162422a7c2bc5e87db90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		398 B
458 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111629048947475&correlator=2185717841829384&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=6&didk=4157619326&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D53b44a7f034cf0cd%3AT%3D1698628436%3ART%3D1698628436%3AS%3DALNI_Mbh4QKpIQ41HKBozef0zEQi_ed48A&gpic=UID%3D00000cad7e00c55e%3AT%3D1698628436%3ART%3D1698628436%3AS%3DALNI_MYLFCSeb2vuuFZaXAgV7D1rGD5Dog&abxe=1&dt=1698628437440&lmt=1698624837&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&vis=1&psz=970x-1&msz=970x-1&fws=512&ohw=0&psts=AOrYGsk6HvCDAMBAvDUY3CDO0g28TsOY5coynSOkKR1Qctj0&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQGVhYzU4NzU0N2EzZDFkMzg5NzViMzA1ZTY4Mjc0OTQ1YTcwMjk0ZDM2MGZiMjEzNDkyYzA3YzRmMmZmN2QxNTMY4oqU8bcxSAASGwoMMzNhY3Jvc3MuY29tGOuFlPG3MUgAUgIIZBIZCgpwdWJjaWQub3JnGIuJlPG3MUgAUgIIahIYCgl5YWhvby5jb20Y2omU8bcxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGOuFlPG3MUgAUgIIZBIXCghydGJob3VzZRiniJTxtzFIAFICCGoSGQoKdWlkYXBpLmNvbRjrhZTxtzFIAFICCGQSFAoFb3BlbngY64WU8bcxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjkipTxtzFIAFICCGo.&dlt=1698628434581&idt=2113&prev_scp=a%3D%257C0%257C%26iid1%3D1679971969716064%26eid%3D1679971969716064%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod173-c%26ic%3D1%26at%3Dmbf%26adr%3D398%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dpastelink_net-medrectangle-2-1679971969716064%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10061%26bv%3D12%26bvm%3D0%26bvr%3D2%26avc%3D37%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D120%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C131%2C0%2C192%2C0%2C168%2C132%2C0%2C71%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%26hb_bidder%3Dpubmatic%26hb_adid%3D70c34e4d5cad5c2%26hb_format%3Dbanner%26hb_ssid%3D10061%26hb_opt%3D0.07%26hb_rt%3Dclient&adks=3667244470&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
96b73941a7ae7b4a128b614e96cdfbedd375e3bea38657b308b4c28f4f056fb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		385 B
437 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111629048947475&correlator=2185717841829384&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=7&didk=303733059&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D53b44a7f034cf0cd%3AT%3D1698628436%3ART%3D1698628436%3AS%3DALNI_Mbh4QKpIQ41HKBozef0zEQi_ed48A&gpic=UID%3D00000cad7e00c55e%3AT%3D1698628436%3ART%3D1698628436%3AS%3DALNI_MYLFCSeb2vuuFZaXAgV7D1rGD5Dog&abxe=1&dt=1698628437446&lmt=1698624837&adxs=1440&adys=300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&psts=AOrYGsk6HvCDAMBAvDUY3CDO0g28TsOY5coynSOkKR1Qctj0&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQGVhYzU4NzU0N2EzZDFkMzg5NzViMzA1ZTY4Mjc0OTQ1YTcwMjk0ZDM2MGZiMjEzNDkyYzA3YzRmMmZmN2QxNTMY4oqU8bcxSAASGwoMMzNhY3Jvc3MuY29tGOuFlPG3MUgAUgIIZBIZCgpwdWJjaWQub3JnGIuJlPG3MUgAUgIIahIYCgl5YWhvby5jb20Y2omU8bcxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGOuFlPG3MUgAUgIIZBIXCghydGJob3VzZRiniJTxtzFIAFICCGoSGQoKdWlkYXBpLmNvbRjrhZTxtzFIAFICCGQSFAoFb3BlbngY64WU8bcxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjkipTxtzFIAFICCGo.&dlt=1698628434581&idt=2113&prev_scp=a%3D%257C0%257C%26iid1%3D7318336885689345%26eid%3D7318336885689345%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod173-c%26ic%3D1%26at%3Dmbf%26adr%3D398%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Dpastelink_net-edge-2-7318336885689345%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D37%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D120%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%26hb_bidder%3Donetag%26hb_adid%3D71e01d8c034457b%26hb_format%3Dbanner%26hb_ssid%3D11291%26hb_opt%3D0.03%26hb_rt%3Dclient&adks=3817599677&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
294cf256ca02d28e876db2a0664287ebf87bb32a1af56c832b05edb7af5be96d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		387 B
437 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111629048947475&correlator=2185717841829384&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-banner-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C336x280%7C300x250%7C300x600%7C160x600&fluid=height&ifi=8&didk=666188455&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D53b44a7f034cf0cd%3AT%3D1698628436%3ART%3D1698628436%3AS%3DALNI_Mbh4QKpIQ41HKBozef0zEQi_ed48A&gpic=UID%3D00000cad7e00c55e%3AT%3D1698628436%3ART%3D1698628436%3AS%3DALNI_MYLFCSeb2vuuFZaXAgV7D1rGD5Dog&abxe=1&dt=1698628437451&lmt=1698624837&adxs=1081&adys=987&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&vis=1&psz=336x280&msz=336x250&fws=512&ohw=0&psts=AOrYGsk6HvCDAMBAvDUY3CDO0g28TsOY5coynSOkKR1Qctj0&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQGVhYzU4NzU0N2EzZDFkMzg5NzViMzA1ZTY4Mjc0OTQ1YTcwMjk0ZDM2MGZiMjEzNDkyYzA3YzRmMmZmN2QxNTMY4oqU8bcxSAASGwoMMzNhY3Jvc3MuY29tGOuFlPG3MUgAUgIIZBIZCgpwdWJjaWQub3JnGIuJlPG3MUgAUgIIahIYCgl5YWhvby5jb20Y2omU8bcxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGOuFlPG3MUgAUgIIZBIXCghydGJob3VzZRiniJTxtzFIAFICCGoSGQoKdWlkYXBpLmNvbRjrhZTxtzFIAFICCGQSFAoFb3BlbngY64WU8bcxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjkipTxtzFIAFICCGo.&dlt=1698628434581&idt=2113&prev_scp=a%3D%257C0%257C%26iid1%3D8280435719717964%26eid%3D8280435719717964%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1109%26sap%3D1109%26as%3Drevenue%26plat%3D1%26bra%3Dmod173-c%26ic%3D1%26at%3Dmbf%26adr%3D398%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D31%26al%3D1031%26compid%3D0%26tap%3Dpastelink_net-banner-2-8280435719717964%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D36%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D120%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C131%2C0%2C192%2C0%2C168%2C132%2C0%2C71%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%26hb_bidder%3Damx%26hb_adid%3D66c508108fdda1%26hb_format%3Dbanner%26hb_ssid%3D11290%26hb_opt%3D0.64%26hb_rt%3Dclient&adks=3458358542&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
4024b1c5dc321223723aa53aad1398c0ee8e3e7592806f90ff813a415114ce88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		385 B
441 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111629048947475&correlator=2185717841829384&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=9&didk=303732042&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D53b44a7f034cf0cd%3AT%3D1698628436%3ART%3D1698628436%3AS%3DALNI_Mbh4QKpIQ41HKBozef0zEQi_ed48A&gpic=UID%3D00000cad7e00c55e%3AT%3D1698628436%3ART%3D1698628436%3AS%3DALNI_MYLFCSeb2vuuFZaXAgV7D1rGD5Dog&abxe=1&dt=1698628437457&lmt=1698624837&adxs=0&adys=300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&psts=AOrYGsk6HvCDAMBAvDUY3CDO0g28TsOY5coynSOkKR1Qctj0&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQGVhYzU4NzU0N2EzZDFkMzg5NzViMzA1ZTY4Mjc0OTQ1YTcwMjk0ZDM2MGZiMjEzNDkyYzA3YzRmMmZmN2QxNTMY4oqU8bcxSAASGwoMMzNhY3Jvc3MuY29tGOuFlPG3MUgAUgIIZBIZCgpwdWJjaWQub3JnGIuJlPG3MUgAUgIIahIYCgl5YWhvby5jb20Y2omU8bcxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGOuFlPG3MUgAUgIIZBIXCghydGJob3VzZRiniJTxtzFIAFICCGoSGQoKdWlkYXBpLmNvbRjrhZTxtzFIAFICCGQSFAoFb3BlbngY64WU8bcxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjkipTxtzFIAFICCGo.&dlt=1698628434581&idt=2113&prev_scp=a%3D%257C0%257C%26iid1%3D7542428481684973%26eid%3D7542428481684973%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod173-c%26ic%3D1%26at%3Dmbf%26adr%3D398%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Dpastelink_net-edge-1-7542428481684973%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D37%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D140%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295&adks=2076075791&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
1fd3bb7c8e5409348cfec7a9e042e00b5cc3cf8d3d68f8862feeeeadfb8385bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.gif
www.bing.com/aes/ Frame DCF2
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0d39f694-ae85-4d1c-8f40-45e3375910ce&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=065f8b18-e9d9-4d75...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=77a5086e2bb640efbd9edb61e6df5b5c&SNR=1&GV=2&med=10
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=77a5086e2bb640efbd9edb61e6df5b5c&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750856239204414&output=html&h=90&adk=940534320&adf=783205323&w=728&lmt=1698624836&rafmt=12&channel=4987320600&format=728x90&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698628436741&bpp=3&bdt=2161&idt=186&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=120247131671&frm=20&pv=2&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805933%2C44806738%2C31078297%2C31079176%2C44806141&oid=2&pvsid=111629048947475&tmod=1329246652&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lI7cEkcoUr&p=https%3A//pastelink.net&dtd=202
Protocol
H2
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:13:57 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1C2D3CBB3C6846A7865CDCD59399C236 Ref B: ZRHEDGE1921 Ref C: 2023-10-30T01:13:58Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Mon, 30 Oct 2023 01:13:57 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DC20757A02C140B8AB0AC50B99C0FCCD Ref B: ZRHEDGE1921 Ref C: 2023-10-30T01:13:57Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=77a5086e2bb640efbd9edb61e6df5b5c&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
154
expires
0
sdk.js
adsdk.microsoft.com/native-to-display/ Frame DCF2 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750856239204414&output=html&h=90&adk=940534320&adf=783205323&w=728&lmt=1698624836&rafmt=12&channel=4987320600&format=728x90&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698628436741&bpp=3&bdt=2161&idt=186&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=120247131671&frm=20&pv=2&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805933%2C44806738%2C31078297%2C31079176%2C44806141&oid=2&pvsid=111629048947475&tmod=1329246652&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lI7cEkcoUr&p=https%3A//pastelink.net&dtd=202
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
56c403d2eb0951999e5a3b90338a97c71eee19956ea41892c167dd354247fd84

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 30 Oct 2023 01:13:57 GMT
content-encoding
br
last-modified
Thu, 26 Oct 2023 16:57:38 GMT
x-azure-ref-originshield
0k00+ZQAAAACXqqFdFWTBRrOetowd3148RlJBMjMxMDUwNDE4MDM5ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5
J+pv/76iSl+npbn8OyK0fA==
etag
0x8DBD644A930A7CA
x-azure-ref
0VQM/ZQAAAABRNiwEqI8XQo/to6XJkWbPWlJIRURHRTA2MTYAOTdjOWE4YzYtZmM3OS00YzQ0LWI1NTktNThjMTZiY2VhMzIy
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8f36ec88-001e-001f-1062-0a5383000000
cache-control
private, max-age=3600
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/239/ Frame DCF2 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750856239204414&output=html&h=90&adk=940534320&adf=783205323&w=728&lmt=1698624836&rafmt=12&channel=4987320600&format=728x90&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698628436741&bpp=3&bdt=2161&idt=186&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=120247131671&frm=20&pv=2&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805933%2C44806738%2C31078297%2C31079176%2C44806141&oid=2&pvsid=111629048947475&tmod=1329246652&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lI7cEkcoUr&p=https%3A//pastelink.net&dtd=202
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 01:13:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27646
Expires
Tue, 29 Oct 2024 01:13:57 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame DCF2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750856239204414&output=html&h=90&adk=940534320&adf=783205323&w=728&lmt=1698624836&rafmt=12&channel=4987320600&format=728x90&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698628436741&bpp=3&bdt=2161&idt=186&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=120247131671&frm=20&pv=2&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805933%2C44806738%2C31078297%2C31079176%2C44806141&oid=2&pvsid=111629048947475&tmod=1329246652&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lI7cEkcoUr&p=https%3A//pastelink.net&dtd=202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 18:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
24351
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Nov 2023 18:28:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame DCF2 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750856239204414&output=html&h=90&adk=940534320&adf=783205323&w=728&lmt=1698624836&rafmt=12&channel=4987320600&format=728x90&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698628436741&bpp=3&bdt=2161&idt=186&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=120247131671&frm=20&pv=2&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805933%2C44806738%2C31078297%2C31079176%2C44806141&oid=2&pvsid=111629048947475&tmod=1329246652&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lI7cEkcoUr&p=https%3A//pastelink.net&dtd=202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f1.1e100.net
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 14:17:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
39359
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Nov 2023 14:17:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DCF2 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750856239204414&output=html&h=90&adk=940534320&adf=783205323&w=728&lmt=1698624836&rafmt=12&channel=4987320600&format=728x90&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698628436741&bpp=3&bdt=2161&idt=186&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=120247131671&frm=20&pv=2&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805933%2C44806738%2C31078297%2C31079176%2C44806141&oid=2&pvsid=111629048947475&tmod=1329246652&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lI7cEkcoUr&p=https%3A//pastelink.net&dtd=202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Oct 2023 01:13:57 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 9E8B 		572 B
802 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5ed35b8cfa65b52b66cda4ef14328483e729225a4fb8bcf50009914b465cd4a6

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
375
content-type
text/html
date
Mon, 30 Oct 2023 01:13:57 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 30 Oct 2023 01:13:57 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
eu-u.openx.net/w/1.0/ Frame 9E8B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7274554178927420115
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7274554178927420115
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:13:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:13:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7274554178927420115
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 9E8B
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=4493a614-8aa8-cfc8-29f4-3f3ca9ff6b3a
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=4493a614-8aa8-cfc8-29f4-3f3ca9ff6b3a&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=4493a614-8aa8-cfc8-29f4-3f3ca9ff6b3a&dcc=t
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Server
67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Oct 2023 01:13:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MVTXGP9YWK56200G5KFW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 30 Oct 2023 01:13:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BRR16R4QQES53A4X3QVE
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=4493a614-8aa8-cfc8-29f4-3f3ca9ff6b3a&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 9E8B 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=1c45da69-9602-7432-e9fa-bdabc1cca0da&gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 9E8B 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzAyYTA5YTMtNWY3NS0yYTk2LWZjMWEtZTcxMjBiMmU2ZWJh
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:13:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9E8B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFSXnos0IuucqPWNc7KT-aE&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFSXnos0IuucqPWNc7KT-aE&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:13:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:13:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFSXnos0IuucqPWNc7KT-aE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame C109 		422 B
557 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=pastelink.net&sn=ChromeSyncframe&so=0&topUrl=pastelink.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pastelink.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
26a09a8c06d9cc23f4c1683372f90600830d1334553bc1a32b111dda03720cb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pastelink.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:13:57 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1183188
expires
0
th
www.bing.com/ Frame DCF2 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.7284331496398_157EGJZF5X7AEC6YQS&pid=21.2&c=3&w=200&h=105&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750856239204414&output=html&h=90&adk=940534320&adf=783205323&w=728&lmt=1698624836&rafmt=12&channel=4987320600&format=728x90&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698628436741&bpp=3&bdt=2161&idt=186&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=120247131671&frm=20&pv=2&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805933%2C44806738%2C31078297%2C31079176%2C44806141&oid=2&pvsid=111629048947475&tmod=1329246652&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lI7cEkcoUr&p=https%3A//pastelink.net&dtd=202
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
9baf824f89bfc1dd8c649c06e2b947b24417f6fb3b1db92fcff4aaf1d3d3bd09

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:57 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2B00B29E957C45D0BB4B59D07ED7DBFF Ref B: ZRHEDGE1921 Ref C: 2023-10-30T01:13:58Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_HIT
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
11562
rd_log
ams3-ib.adnxs.com/ Frame DCF2 		0
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&e=wqT_3QL1A-j1AQAAAwDWAAUBCNWG_KkGEPf_2JSkjcmoaxgAKjYJ0p94Ttyhsj8R3j7_xsMSsj8ZAAAAgML16D8h3g0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4lfQFgAEBigEDVVNEkgUG8NCYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCHmh0dHBzOi8vcGFzdGVsaW5rLm5ldC9jcHNibjQ3bIADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYA_uVwgHgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWrx_2B6Z6vuV7ABQDJBQAAAAAAAPA_0gUJCQAAAAUOcNgFAeAFAfAFgOo3-gUECAAQAJAGAJgGALgGAMEGBSIwAPA_0AbCjQTaBhYKEAkSGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAeV9AXSBw0JESgBJgjaBwYBXqQYAOAHAOoHAggA8Afx9QyKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=6c8bcbbeac36b4c966bdfe61a135183194c3c169&bdref=https%3A%2F%2Fpastelink.net%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fpastelink.net%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1750856239204414%26output%3Dhtml%26h%3D90%26adk%3D940534320%26adf%3D783205323%26w%3D728%26lmt%3D1698624836%26rafmt%3D12%26channel%3D4987320600%26format%3D728x90%26url%3Dhttps%253A%252F%252Fpastelink.net%252Fcpsbn47l%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1698628436741%26bpp%3D3%26bdt%3D2161%26idt%3D186%26shv%3Dr20231025%26mjsv%3Dm202310240101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D120247131671%26frm%3D20%26pv%3D2%26ga_vid%3D1537357757.1698628436%26ga_sid%3D1698628437%26ga_hid%3D2046699570%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D310%26ady%3D140%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44805933%252C44806738%252C31078297%252C31079176%252C44806141%26oid%3D2%26pvsid%3D111629048947475%26tmod%3D1329246652%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257Co%257CeE%257C%26abl%3DNS%26pfx%3D0%26fu%3D256%26bc%3D31%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3DlI7cEkcoUr%26p%3Dhttps%253A%2F%2Fpastelink.net%26dtd%3D202&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750856239204414&output=html&h=90&adk=940534320&adf=783205323&w=728&lmt=1698624836&rafmt=12&channel=4987320600&format=728x90&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698628436741&bpp=3&bdt=2161&idt=186&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=120247131671&frm=20&pv=2&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805933%2C44806738%2C31078297%2C31079176%2C44806141&oid=2&pvsid=111629048947475&tmod=1329246652&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lI7cEkcoUr&p=https%3A//pastelink.net&dtd=202
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:13:58 GMT
an-x-request-uuid
4bd75dd9-eaba-412a-bc11-b9c935d0b91e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
84.227.169.20; 84.227.169.20; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame DCF2 		0
670 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&e=wqT_3QKlB-ilAwAAAwDWAAUBCNWG_KkGEPf_2JSkjcmoaxgAKjYJ0p94Ttyhsj8R3j7_xsMSsj8ZAAAAgML16D8h3g0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4lfQFgAEBigEDVVNEkgUG9GkBmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCHmh0dHBzOi8vcGFzdGVsaW5rLm5ldC9jcHNibjQ3bIADAIgDAZADAJgDCaADAaoDrQMKwwJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0wNjVmOGIxOC1lOWQ5LTRkNzUtODdlNi1mNjJjZmRlMDJiMjcmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTA2NWY4YjE4LWU5ZDktNGQ3NS04N2U2LWY2MmNmZGUwMmIyNyZydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnQJFhxTdWJHcm91cBUZ8ExfcHl2cHhwYmFzdmV6bmd2YmEmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM3NzMzMDAyMDczOTc0MTI4NjMxIgkzODE4NDY3MTQqBCFg8IE6OFUyVmhjbU5vUVdRak56RTJOelEyTlRRek1ERTNPRE1qTWpNeU16UTNOREl5T0RFM05qRTBPUT09wAPYBMgDANgD-5XCAeADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAERXZYiAUBmAUAoAWrx_2B6Z6vuV7ABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBYDqN_oFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB5X0BdIHDRVlASYI2gcGAV6wGADgBwDqBwIIAPAH8fUMiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=9322373ae08fd9784b1ffd853e6adc748ea3ee46&type=nv&nvt=5&jm=1003&px=0&py=0&bw=182&bh=90&sid=4549771771140101115&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:13:58 GMT
an-x-request-uuid
89389040-4664-4d2e-80c9-01ded3a564a7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
84.227.169.20; 84.227.169.20; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame DCF2 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b65d5447341340855eebd7743f8f51c03f9f37a7cfdf9e85a344796ebefb77d5

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODM5NjQ4MTU5Njg1NDEzIiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidW5pdCI6ImRpdi1ncHQtYWQtcGFzdGVsaW5rX25ldC1ib3gtMi0wIiwidF9lcG9jaCI6MTY5ODYyODQzNSwiYWRfcG9zaXRpb24iOjExMDQsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJjZjE4YzczNC1jYTU5LTQxYzctNjFjMi1lNGE5MWVjOTdjNGUiLCJjb21wX2lkIjoxLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6MH1d
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Mon, 30 Oct 2023 01:13:58 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Sun, 29 Oct 2023 01:13:58 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODM5NjQ4MTU5Njg1NDEzIiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidW5pdCI6ImRpdi1ncHQtYWQtcGFzdGVsaW5rX25ldC1ib3gtMi0wIiwidF9lcG9jaCI6MTY5ODYyODQzNSwiYWRfcG9zaXRpb24iOjExMDQsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJjZjE4YzczNC1jYTU5LTQxYzctNjFjMi1lNGE5MWVjOTdjNGUiLCJjb21wX2lkIjoxLCJkYXRhIjpbeyJuYW1lIjoiYWRfbG9hZF90aW1lIiwidmFsIjoiMjYyOCJ9XSwiaXNfb3JpZyI6MH1d
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Mon, 30 Oct 2023 01:13:59 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Sun, 29 Oct 2023 01:13:59 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODM5NjQ4MTU5Njg1NDEzIiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidW5pdCI6ImRpdi1ncHQtYWQtcGFzdGVsaW5rX25ldC1ib3gtMi0wIiwidF9lcG9jaCI6MTY5ODYyODQzNSwiYWRfcG9zaXRpb24iOjExMDQsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJjZjE4YzczNC1jYTU5LTQxYzctNjFjMi1lNGE5MWVjOTdjNGUiLCJjb21wX2lkIjoxLCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6MH1d
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Mon, 30 Oct 2023 01:13:58 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Sun, 29 Oct 2023 01:13:58 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame DCF2 		0
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZo7QVQM_ZbaQDZe8juwP49KS2AfS4Nfgbo-ktpOTCsCNtwEQASAAYPXtsoH8A4IBF2NhLXB1Yi0xNzUwODU2MjM5MjA0NDE0yAEJqAMByAMCqgTtAU_QiTySdwuaufHONTmqAB6XUjp69WcpcFAFwccuPlWsbN-JDT0qJrIe4Xz6MPi7brij7Z12_iUeTPJvlDze6E6I3dKxpzoFQEuVw6FlpZ3ra_4gBTMVm2svZ-n71Z-Nvfj-IwV3lNqnjwf6RE2jlpDHy1ZWliZsnaAjXC6lLsmZ1UmNHs1mgiaMqiGQYiasVGFJpmz9Fn7aplVVQr47hgBeeTdaxT2CbTvgGUpIMSC48bzJAZQyM4IxZXnolNiBULP_d8Q1RnXts18bhKat1nmcnE5hwEi3V8OOrEH1N6HvUnf8pBA1rE3rOgg5CIAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTc1MDg1NjIzOTIwNDQxNBgA&sigh=HZ0IUPra_K0&uach_m=[UACH]&cid=CAQSSwDICaaNIXx5duLdejpdPGoEMCqC-_OuVPX-zJqU8pnuhNF_sdtrhNpem0HA7GP9josG-WkV09-rysfHSmGbPRic_rBhlQ76316agRgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750856239204414&output=html&h=90&adk=940534320&adf=783205323&w=728&lmt=1698624836&rafmt=12&channel=4987320600&format=728x90&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698628436741&bpp=3&bdt=2161&idt=186&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=120247131671&frm=20&pv=2&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805933%2C44806738%2C31078297%2C31079176%2C44806141&oid=2&pvsid=111629048947475&tmod=1329246652&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lI7cEkcoUr&p=https%3A//pastelink.net&dtd=202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750856239204414&output=html&h=90&adk=940534320&adf=783205323&w=728&lmt=1698624836&rafmt=12&channel=4987320600&format=728x90&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698628436741&bpp=3&bdt=2161&idt=186&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=120247131671&frm=20&pv=2&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805933%2C44806738%2C31078297%2C31079176%2C44806141&oid=2&pvsid=111629048947475&tmod=1329246652&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lI7cEkcoUr&p=https%3A//pastelink.net&dtd=202
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 30 Oct 2023 01:13:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
it
ams3-ib.adnxs.com/ Frame DCF2 		0
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&e=wqT_3QKlB-ilAwAAAwDWAAUBCNWG_KkGEPf_2JSkjcmoaxgAKjYJ0p94Ttyhsj8R3j7_xsMSsj8ZAAAAgML16D8h3g0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4lfQFgAEBigEDVVNEkgUG9GkBmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCHmh0dHBzOi8vcGFzdGVsaW5rLm5ldC9jcHNibjQ3bIADAIgDAZADAJgDCaADAaoDrQMKwwJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0wNjVmOGIxOC1lOWQ5LTRkNzUtODdlNi1mNjJjZmRlMDJiMjcmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTA2NWY4YjE4LWU5ZDktNGQ3NS04N2U2LWY2MmNmZGUwMmIyNyZydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnQJFhxTdWJHcm91cBUZ8ExfcHl2cHhwYmFzdmV6bmd2YmEmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM3NzMzMDAyMDczOTc0MTI4NjMxIgkzODE4NDY3MTQqBCFg8IE6OFUyVmhjbU5vUVdRak56RTJOelEyTlRRek1ERTNPRE1qTWpNeU16UTNOREl5T0RFM05qRTBPUT09wAPYBMgDANgD-5XCAeADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAERXZYiAUBmAUAoAWrx_2B6Z6vuV7ABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBYDqN_oFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB5X0BdIHDRVlASYI2gcGAV6wGADgBwDqBwIIAPAH8fUMiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=9322373ae08fd9784b1ffd853e6adc748ea3ee46&pp=ZT8DVQADSDYHg54XAASpY94x6EXxG4kxGKlYpg&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzHmYVQM_ZbaQDZe8juwP49KS2AfS4Nfgbo-ktpOTCsCNtwEQASAAYPXtsoH8A4IBF2NhLXB1Yi0xNzUwODU2MjM5MjA0NDE0yAEJqAMByAMCqgTwAU_QiTySdwuaufHONTmqAB6XUjp69WcpcFAFwccuPlWsbN-JDT0qJrIe4Xz6MPi7brij7Z12_iUeTPJvlDze6E6I3dKxpzoFQEuVw6FlpZ3ra_4gBTMVm2svZ-n71Z-Nvfj-IwV3lNqnjwf6RE2jlpDHy1ZWliZsnaAjXC6lLsmZ1UmNHs1mgiaMqiGQYiasVGFJpmz9Fn7aplVVQr47hgBeeTdaxT2CbTvgGUpIMSC48bzJAZQyM4IxZXnolNiBULP_d8Q1RnWvsX6JRgJXu-1m6Pv_mcwBU-CEKEjbL3hN1C54GJAfgFUru-pUnBxrdIAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2njv-khdj1A2LW6zn_yOPgJDJNWg%26client%3Dca-pub-1750856239204414%26adurl%3D&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1750856239204414&output=html&h=90&adk=940534320&adf=783205323&w=728&lmt=1698624836&rafmt=12&channel=4987320600&format=728x90&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698628436741&bpp=3&bdt=2161&idt=186&shv=r20231025&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&correlator=120247131671&frm=20&pv=2&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805933%2C44806738%2C31078297%2C31079176%2C44806141&oid=2&pvsid=111629048947475&tmod=1329246652&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lI7cEkcoUr&p=https%3A//pastelink.net&dtd=202
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:13:58 GMT
an-x-request-uuid
466903a7-1031-42bf-901e-c2e6a3af5fe6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
84.227.169.20; 84.227.169.20; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310240101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a7f55aafe2bbf33bafb285ab2b30b8dbd005698ecd630060084fa11dc6c9b357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12167
x-xss-protection
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d779718eed5e6af18de75d3edd354975bc904d0e97484222b86f68191a9edcda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-17e57"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 31 Oct 2023 01:13:58 GMT
syncframe
gum.criteo.com/ Frame 8AA6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 01:13:58 GMT
server
Kestrel
server-processing-duration-in-ticks
684715
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.143.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.143.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d779718eed5e6af18de75d3edd354975bc904d0e97484222b86f68191a9edcda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-17e57"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 31 Oct 2023 01:13:59 GMT
json
gum.criteo.com/sid/ Frame 8AA6 		417 B
551 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=pastelink.net&sn=ChromeSyncframe&so=3&topUrl=pastelink.net&bundle=o__3819DVXdXbVpGcnhyd2R5VnB4aEwyJTJCSmFsYVp6VFh4MlhxQmtaUmt3ZE1VNE5nTUtLWURqek84QWFMcnpOdnR2UDFXVjJNNWZPazNZTjVka29XakVCJTJGSVowMzNqY2NybndNODJ3d0VzT1NNY2o2anNSYnJ3UWhqYXR1RWNJZ25kc1BTWnRnU3olMkJqZktYeE92MUcwQTUyN2clM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e91ab37ea2e23bd169db8c21dd66dcec02e14cc2bd278815b45b1af870893c76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:13:58 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1012852
expires
0
si
capi.connatix.com/tr/ 		0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/tr/si?token=dceed97a-951e-4c47-b565-c2794ffae817&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
81dfcc7eef7e24c0-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
connatix.player.dc.js
cds.connatix.com/p/365249/ Frame EA6C
Redirect Chain
  • https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
  • https://cds.connatix.com/p/365249/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1
1 MB
296 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/365249/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd7624f0396f804cb1b5d83ec51c50cde2438f1b2f5bdca6d188cc3b006cc948

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:59 GMT
x-amz-version-id
UgbpVIZvTyI1S0H2k8byAbuRX62jDlu0
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 27 Oct 2023 12:05:39 GMT
server
cloudflare
etag
W/"5f38cb7b179cc1b4e04937b6e3f19ef0"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
81dfcc800bfe01e7-ZRH
access-control-allow-headers
range
expires
Tue, 29 Oct 2024 01:13:59 GMT

Redirect headers

date
Mon, 30 Oct 2023 01:13:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
location
https://cds.connatix.com/p/365249/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
81dfcc7f0ac001e7-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
c.gif
www.bing.com/aes/ Frame DCF2
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0d39f694-ae85-4d1c-8f40-45e3375910ce&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=065f8b18-e9d9-4d75...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=77a5086e2bb640efbd9edb61e6df5b5c&tids=15000&med=10
0
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=77a5086e2bb640efbd9edb61e6df5b5c&tids=15000&med=10
Protocol
H2
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:13:58 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1DFC10F9EBF144EFB26858FB4F362BFD Ref B: ZRHEDGE1921 Ref C: 2023-10-30T01:13:59Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Mon, 30 Oct 2023 01:13:58 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DB288972B002493E85B5B311EE158DD9 Ref B: ZRHEDGE1921 Ref C: 2023-10-30T01:13:59Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=77a5086e2bb640efbd9edb61e6df5b5c&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
146
expires
0
cSyncRemoteEntry.js
cds.connatix.com/p/365249/ Frame EA6C 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/365249/cSyncRemoteEntry.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f5cea81bb63d0214976da19bc823736066909b01efa7bf8cdb4d5de805eea93

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:59 GMT
x-amz-version-id
tX6AM0wHzobrRHFLA6kgdVa44omKMSA8
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 27 Oct 2023 12:05:42 GMT
server
cloudflare
etag
W/"d60d811350d7df0f4503ae40d8a9728a"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
81dfcc81dec401e7-ZRH
access-control-allow-headers
range
expires
Tue, 29 Oct 2024 01:13:59 GMT
hls.1.3.4.js
cds.connatix.com/a/ 		263 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/a/hls.1.3.4.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acff18b9dd469f70f4d45d24dadf6de847a9b3abeb3e891260eb8160ffac8039

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:59 GMT
x-amz-version-id
08mQY6.qD2K9uG9Q090ZpTuzVoe6eKbG
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 30 May 2023 13:03:31 GMT
server
cloudflare
etag
W/"2065fde20cf0becb2eb29a9fa8b9936f"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
81dfcc81fee801e7-ZRH
access-control-allow-headers
range
expires
Tue, 29 Oct 2024 01:13:59 GMT
player.css
cds.connatix.com/p/365249/ 		68 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/365249/player.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d79ede867e31cc892b29bed89f510c166dae4f43c3fc24785e9184fd0bfac16d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:59 GMT
x-amz-version-id
qguXfwYNPdP45vUyaajko6YLRTSPLCzT
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 27 Oct 2023 12:05:40 GMT
server
cloudflare
etag
W/"0bf136c60ee29e7f6c3edc5ac9596f9c"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
81dfcc81fee901e7-ZRH
access-control-allow-headers
range
expires
Tue, 29 Oct 2024 01:13:59 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Oct 2023 01:13:59 GMT
952.js
cds.connatix.com/p/365249/ Frame EA6C 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/365249/952.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/365249/cSyncRemoteEntry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe917cd13fd4d9f376fd1cfa6ee6d31d6c7a89a5e7129dc8511b6e2aec860fa1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:59 GMT
x-amz-version-id
iwBu6UDQI0CS_vJoDSDVaPCr.3tsAzE7
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 27 Oct 2023 12:05:42 GMT
server
cloudflare
etag
W/"57846254bbd200f9201061ef4191f1e3"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
81dfcc825f7d01e7-ZRH
access-control-allow-headers
range
expires
Tue, 29 Oct 2024 01:13:59 GMT
402.js
cds.connatix.com/p/365249/ Frame EA6C 		42 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/365249/402.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/365249/cSyncRemoteEntry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3984f4ff65bd39033cef8165012c524c15f3311bc2af7cfcf5e7b42695b86af1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:59 GMT
x-amz-version-id
XU.1JlsRtWZVMEtpD0.KcSfO7mnVb9vl
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 27 Oct 2023 12:05:42 GMT
server
cloudflare
etag
W/"5cc78ac5d579d2ed103af305552a4f41"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
81dfcc825f8001e7-ZRH
access-control-allow-headers
range
expires
Tue, 29 Oct 2024 01:13:59 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C44F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
20967
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 29 Oct 2023 19:24:32 GMT
expires
Mon, 28 Oct 2024 19:24:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 855B 		829 B
945 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
7b1cc28a497ef133b82421f76e9874c1dc4f6e31adc6ff6c436c1254e324d4d4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5cu8Dx8wcl2NWf6Gvluj2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-5cu8Dx8wcl2NWf6Gvluj2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 01:13:59 GMT
expires
Mon, 30 Oct 2023 01:13:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
vevent
ams3-ib.adnxs.com/ Frame DCF2 		0
670 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&e=wqT_3QKlB-ilAwAAAwDWAAUBCNWG_KkGEPf_2JSkjcmoaxgAKjYJ0p94Ttyhsj8R3j7_xsMSsj8ZAAAAgML16D8h3g0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4lfQFgAEBigEDVVNEkgUG9GkBmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCHmh0dHBzOi8vcGFzdGVsaW5rLm5ldC9jcHNibjQ3bIADAIgDAZADAJgDCaADAaoDrQMKwwJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0wNjVmOGIxOC1lOWQ5LTRkNzUtODdlNi1mNjJjZmRlMDJiMjcmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTA2NWY4YjE4LWU5ZDktNGQ3NS04N2U2LWY2MmNmZGUwMmIyNyZydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnQJFhxTdWJHcm91cBUZ8ExfcHl2cHhwYmFzdmV6bmd2YmEmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM3NzMzMDAyMDczOTc0MTI4NjMxIgkzODE4NDY3MTQqBCFg8IE6OFUyVmhjbU5vUVdRak56RTJOelEyTlRRek1ERTNPRE1qTWpNeU16UTNOREl5T0RFM05qRTBPUT09wAPYBMgDANgD-5XCAeADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAERXZYiAUBmAUAoAWrx_2B6Z6vuV7ABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBYDqN_oFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB5X0BdIHDRVlASYI2gcGAV6wGADgBwDqBwIIAPAH8fUMiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=9322373ae08fd9784b1ffd853e6adc748ea3ee46&type=pv&jm=1003&px=0&py=0&bw=182&bh=90&sf=1&sid=4549771771140101115&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:13:59 GMT
an-x-request-uuid
67a927c9-fc9c-4192-b551-2d2d932c66c1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
84.227.169.20; 84.227.169.20; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DCF2 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvH462L3A73UbuH8pZhwYGbU8gSISt706Xr08zbi28aw-nPqsyWjXo3UisI4phqJ_tCzL_CbdueDkGGm754x7WJqM_IFkjLgf-u9Wmn&sig=Cg0ArKJSzK9H4rVjgmqJEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=940534320&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698628436944&rpt=1453&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:13:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 855B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310240101&jk=111629048947475&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sync
capi.connatix.com/core/ Frame EA6C
Redirect Chain
  • https://capi.connatix.com/core/sync
  • https://capi.connatix.com/core/sync?tier=1&final=true&UserScoringType=Enabled&ImplementationType=0
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/sync?tier=1&final=true&UserScoringType=Enabled&ImplementationType=0
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
213320d9e67ea21fc638ca3ae34da41da10cecdf7d53896a96208a664cd56734

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
81dfcc837ad1021d-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 30 Oct 2023 01:13:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
location
https://capi.connatix.com:443/core/sync?tier=1&final=true&UserScoringType=Enabled&ImplementationType=0
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
81dfcc82de1e24c0-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
27
alt-svc
h3=":443"; ma=86400
pls
capi.connatix.com/core/ Frame EA6C 		24 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/pls?v=365249&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12cf607702d0dfec017ba44fe7b8201c0f3b70b43db1a9d2b0c3e388553bff24

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 30 Oct 2023 01:13:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
81dfcc832ed524c0-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame C44F 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 19:44:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
19742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 28 Oct 2024 19:44:57 GMT
generate_204
tpc.googlesyndication.com/ Frame C44F 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6f6uwA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
1_media.bin
vid.connatix.com/pid-dceed97a-951e-4c47-b565-c2794ffae817/f2590cdd-0bb5-401c-a109-f286e7a52d32/ Frame EA6C 		0
0
blockedDomains_1.bin
lit.connatix.com/aa0f11f7-035a-4999-9d0a-efd10d585b22/ Frame EA6C 		0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
52b5a08de485f199a8fc3d78951104b7b559bab46909aa5f85a123fa41c5e135
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29835
x-xss-protection
0
server
cafe
etag
544 / 19660 / 31079133 / config-hash: 13942866851986637457
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 01:13:59 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame EA6C 		0
0
elements.ui.674039a10b5c8acbf74e.js
cds.connatix.com/p/365249/ Frame EA6C 		0
0
vevent
ams3-ib.adnxs.com/ Frame DCF2 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame DCF2 		0
0
iev
csm.nl3.eu.criteo.net/ Frame C109 		0
0
iev
csm.nl3.eu.criteo.net/ Frame 8AA6 		0
0
prebid8.20.0.js
cds.connatix.com/p/plugins/ 		607 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/plugins/prebid8.20.0.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bd922ec02508159bf304e17e52ba0eff2e563f060fab54e84e2b9c04e2f67b3

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 30 Oct 2023 01:13:59 GMT
x-amz-version-id
bRh4cYVbv_SBR166_eQ7XPeLGLFTbHEl
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 23 Oct 2023 06:34:53 GMT
server
cloudflare
etag
W/"89f2dd23b7549f8ad4b148fd2e05ca61"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
81dfcc852eab01eb-ZRH
access-control-allow-headers
range
expires
Tue, 29 Oct 2024 01:13:59 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		385 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111629048947475&correlator=2358032639206471&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=10&didk=303733059&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D4acab2b379bc6764%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_MZLCZNfZm0MQEvQgBKlncAwPcVp4Q&gpic=UID%3D00000cad7e319826%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_Mav2YCaXyjOZ0thoq5sAp7UXvFoQg&abxe=1&dt=1698628440245&lmt=1698624840&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGsk6HvCDAMBAvDUY3CDO0g28TsOY5coynSOkKR1Qctj0%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQGVhYzU4NzU0N2EzZDFkMzg5NzViMzA1ZTY4Mjc0OTQ1YTcwMjk0ZDM2MGZiMjEzNDkyYzA3YzRmMmZmN2QxNTMY4oqU8bcxSAASGwoMMzNhY3Jvc3MuY29tGOuFlPG3MUgAUgIIZBIZCgpwdWJjaWQub3JnGIuJlPG3MUgAUgIIahIYCgl5YWhvby5jb20Y2omU8bcxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGOuFlPG3MUgAUgIIZBIXCghydGJob3VzZRiniJTxtzFIAFICCGoSGQoKdWlkYXBpLmNvbRjrhZTxtzFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pZWl0dWJFMUVLMFpUT0ZkNlRFaFdSSEJsZFZSS2R6MDlJbjA9GP-LlPG3MUgAEhsKDGlkNS1zeW5jLmNvbRjkipTxtzFIAFICCGo.&dlt=1698628434581&idt=2113&prev_scp=a%3D%257C0%257C%26iid1%3D7318336885689345%26eid%3D7318336885689345%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod173-c%26ic%3D2%26at%3Dmbf%26adr%3D398%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Dpastelink_net-edge-2-7318336885689345%26eb_br%3Dc352ba581bd3ffd8cea608cf2d55f519%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D37%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D60%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%2C19%2C2688%2C3045%2C4276%26hb_bidder%3Donetag%26hb_adid%3D71e01d8c034457b%26hb_format%3Dbanner%26hb_ssid%3D11291%26hb_opt%3D0.03%26hb_rt%3Dclient%26lb%3D120%26reqt%3D1698628440237&adks=3817599677&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
f9f51eb2ca53079a224b7695e86ab540be452269e3e17edc3d78478184a059cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111629048947475&correlator=1656550811286014&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-banner-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C336x280%7C300x250%7C300x600%7C160x600&fluid=height&ifi=11&didk=666188455&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D4acab2b379bc6764%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_MZLCZNfZm0MQEvQgBKlncAwPcVp4Q&gpic=UID%3D00000cad7e319826%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_Mav2YCaXyjOZ0thoq5sAp7UXvFoQg&abxe=1&dt=1698628440253&lmt=1698624840&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGsk6HvCDAMBAvDUY3CDO0g28TsOY5coynSOkKR1Qctj0%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQGVhYzU4NzU0N2EzZDFkMzg5NzViMzA1ZTY4Mjc0OTQ1YTcwMjk0ZDM2MGZiMjEzNDkyYzA3YzRmMmZmN2QxNTMY4oqU8bcxSAASGwoMMzNhY3Jvc3MuY29tGOuFlPG3MUgAUgIIZBIZCgpwdWJjaWQub3JnGIuJlPG3MUgAUgIIahIYCgl5YWhvby5jb20Y2omU8bcxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGOuFlPG3MUgAUgIIZBIXCghydGJob3VzZRiniJTxtzFIAFICCGoSGQoKdWlkYXBpLmNvbRjrhZTxtzFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pZWl0dWJFMUVLMFpUT0ZkNlRFaFdSSEJsZFZSS2R6MDlJbjA9GP-LlPG3MUgAEhsKDGlkNS1zeW5jLmNvbRjkipTxtzFIAFICCGo.&dlt=1698628434581&idt=2113&prev_scp=a%3D%257C0%257C%26iid1%3D8280435719717964%26eid%3D8280435719717964%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1109%26sap%3D1109%26as%3Drevenue%26plat%3D1%26bra%3Dmod173-c%26ic%3D2%26at%3Dmbf%26adr%3D398%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D31%26al%3D1031%26compid%3D0%26tap%3Dpastelink_net-banner-2-8280435719717964%26eb_br%3Dc352ba581bd3ffd8cea608cf2d55f519%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D36%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D60%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C131%2C0%2C192%2C0%2C168%2C132%2C0%2C71%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%2C19%2C2688%2C3045%2C4276%26hb_bidder%3Damx%26hb_adid%3D66c508108fdda1%26hb_format%3Dbanner%26hb_ssid%3D11290%26hb_opt%3D0.64%26hb_rt%3Dclient%26lb%3D120%26nam%3D1%26reqt%3D1698628440248&adks=3458358542&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
2f0c494eb3dc8b7ccbe0125ebf1e53a6d3a65f4612da107a5a5093825658ff43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11901
x-xss-protection
0
google-lineitem-id
5728075597
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138354427000
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		385 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111629048947475&correlator=604601541480415&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=12&didk=303732042&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D4acab2b379bc6764%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_MZLCZNfZm0MQEvQgBKlncAwPcVp4Q&gpic=UID%3D00000cad7e319826%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_Mav2YCaXyjOZ0thoq5sAp7UXvFoQg&abxe=1&dt=1698628440270&lmt=1698624840&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGsk6HvCDAMBAvDUY3CDO0g28TsOY5coynSOkKR1Qctj0%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQGVhYzU4NzU0N2EzZDFkMzg5NzViMzA1ZTY4Mjc0OTQ1YTcwMjk0ZDM2MGZiMjEzNDkyYzA3YzRmMmZmN2QxNTMY4oqU8bcxSAASGwoMMzNhY3Jvc3MuY29tGOuFlPG3MUgAUgIIZBIZCgpwdWJjaWQub3JnGIuJlPG3MUgAUgIIahIYCgl5YWhvby5jb20Y2omU8bcxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGOuFlPG3MUgAUgIIZBIXCghydGJob3VzZRiniJTxtzFIAFICCGoSGQoKdWlkYXBpLmNvbRjrhZTxtzFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pZWl0dWJFMUVLMFpUT0ZkNlRFaFdSSEJsZFZSS2R6MDlJbjA9GP-LlPG3MUgAEhsKDGlkNS1zeW5jLmNvbRjkipTxtzFIAFICCGo.&dlt=1698628434581&idt=2113&prev_scp=a%3D%257C0%257C%26iid1%3D7542428481684973%26eid%3D7542428481684973%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod173-c%26ic%3D2%26at%3Dmbf%26adr%3D398%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Dpastelink_net-edge-1-7542428481684973%26eb_br%3D527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D37%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D70%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%2C19%2C2610%2C2688%2C3045%26lb%3D140%26reqt%3D1698628440264&adks=2076075791&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
1d25739db02de792436f6797073ff2144ca213b4c7cddd521b1645f4757ccc39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		392 B
222 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111629048947475&correlator=3968222650193792&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=13&didk=4157619326&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D4acab2b379bc6764%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_MZLCZNfZm0MQEvQgBKlncAwPcVp4Q&gpic=UID%3D00000cad7e319826%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_Mav2YCaXyjOZ0thoq5sAp7UXvFoQg&abxe=1&dt=1698628440279&lmt=1698624840&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGsk6HvCDAMBAvDUY3CDO0g28TsOY5coynSOkKR1Qctj0%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQGVhYzU4NzU0N2EzZDFkMzg5NzViMzA1ZTY4Mjc0OTQ1YTcwMjk0ZDM2MGZiMjEzNDkyYzA3YzRmMmZmN2QxNTMY4oqU8bcxSAASGwoMMzNhY3Jvc3MuY29tGOuFlPG3MUgAUgIIZBIZCgpwdWJjaWQub3JnGIuJlPG3MUgAUgIIahIYCgl5YWhvby5jb20Y2omU8bcxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGOuFlPG3MUgAUgIIZBIXCghydGJob3VzZRiniJTxtzFIAFICCGoSGQoKdWlkYXBpLmNvbRjrhZTxtzFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pZWl0dWJFMUVLMFpUT0ZkNlRFaFdSSEJsZFZSS2R6MDlJbjA9GP-LlPG3MUgAEhsKDGlkNS1zeW5jLmNvbRjkipTxtzFIAFICCGo.&dlt=1698628434581&idt=2113&prev_scp=a%3D%257C0%257C%26iid1%3D1679971969716064%26eid%3D1679971969716064%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod173-c%26ic%3D2%26at%3Dmbf%26adr%3D398%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dpastelink_net-medrectangle-2-1679971969716064%26eb_br%3Dc352ba581bd3ffd8cea608cf2d55f519%26eba%3D1%26ebss%3D10061%26bv%3D12%26bvm%3D0%26bvr%3D2%26avc%3D37%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D60%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C131%2C0%2C192%2C0%2C168%2C132%2C0%2C71%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%2C19%2C2688%2C3045%2C4276%26hb_bidder%3Dpubmatic%26hb_adid%3D70c34e4d5cad5c2%26hb_format%3Dbanner%26hb_ssid%3D10061%26hb_opt%3D0.07%26hb_rt%3Dclient%26lb%3D120%26reqt%3D1698628440273&adks=3667244470&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a73c9b0f1c80f7c99bd7638c27cb0c5f3643fdb5cdbfd64e8eb90b94ab5f71f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111629048947475&correlator=341470679963281&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C250x250%7C336x280%7C300x250%7C300x600%7C160x600&fluid=height&ifi=14&didk=3975025521&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D4acab2b379bc6764%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_MZLCZNfZm0MQEvQgBKlncAwPcVp4Q&gpic=UID%3D00000cad7e319826%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_Mav2YCaXyjOZ0thoq5sAp7UXvFoQg&abxe=1&dt=1698628440286&lmt=1698624840&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGsk6HvCDAMBAvDUY3CDO0g28TsOY5coynSOkKR1Qctj0%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQGVhYzU4NzU0N2EzZDFkMzg5NzViMzA1ZTY4Mjc0OTQ1YTcwMjk0ZDM2MGZiMjEzNDkyYzA3YzRmMmZmN2QxNTMY4oqU8bcxSAASGwoMMzNhY3Jvc3MuY29tGOuFlPG3MUgAUgIIZBIZCgpwdWJjaWQub3JnGIuJlPG3MUgAUgIIahIYCgl5YWhvby5jb20Y2omU8bcxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGOuFlPG3MUgAUgIIZBIXCghydGJob3VzZRiniJTxtzFIAFICCGoSGQoKdWlkYXBpLmNvbRjrhZTxtzFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pZWl0dWJFMUVLMFpUT0ZkNlRFaFdSSEJsZFZSS2R6MDlJbjA9GP-LlPG3MUgAEhsKDGlkNS1zeW5jLmNvbRjkipTxtzFIAFICCGo.&dlt=1698628434581&idt=2113&prev_scp=a%3D%257C0%257C%26iid1%3D413187799706931%26eid%3D413187799706931%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1108%26sap%3D1108%26as%3Drevenue%26plat%3D1%26bra%3Dmod173-c%26ic%3D2%26at%3Dmbf%26adr%3D398%26ezosn%3D8%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D34%26al%3D1034%26compid%3D0%26tap%3Dpastelink_net-large-billboard-2-413187799706931%26eb_br%3Dc352ba581bd3ffd8cea608cf2d55f519%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D36%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D60%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C131%2C0%2C192%2C0%2C168%2C132%2C0%2C71%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%2C19%2C2688%2C3045%2C4276%26hb_bidder%3Damx%26hb_adid%3D675aeca42c8bc2%26hb_format%3Dbanner%26hb_ssid%3D11290%26hb_opt%3D0.64%26hb_rt%3Dclient%26lb%3D120%26nam%3D1%26reqt%3D1698628440281&adks=1066784842&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
044fd7df09d0faf6035de8d8073d76daaf4b81862448bd2aa77b943ff02b3724
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11911
x-xss-protection
0
google-lineitem-id
5728075597
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138354426958
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		384 B
208 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111629048947475&correlator=977653853804998&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=15&didk=3113576587&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D4acab2b379bc6764%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_MZLCZNfZm0MQEvQgBKlncAwPcVp4Q&gpic=UID%3D00000cad7e319826%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_Mav2YCaXyjOZ0thoq5sAp7UXvFoQg&abxe=1&dt=1698628440291&lmt=1698624840&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGsk6HvCDAMBAvDUY3CDO0g28TsOY5coynSOkKR1Qctj0%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQGVhYzU4NzU0N2EzZDFkMzg5NzViMzA1ZTY4Mjc0OTQ1YTcwMjk0ZDM2MGZiMjEzNDkyYzA3YzRmMmZmN2QxNTMY4oqU8bcxSAASGwoMMzNhY3Jvc3MuY29tGOuFlPG3MUgAUgIIZBIZCgpwdWJjaWQub3JnGIuJlPG3MUgAUgIIahIYCgl5YWhvby5jb20Y2omU8bcxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGOuFlPG3MUgAUgIIZBIXCghydGJob3VzZRiniJTxtzFIAFICCGoSGQoKdWlkYXBpLmNvbRjrhZTxtzFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pZWl0dWJFMUVLMFpUT0ZkNlRFaFdSSEJsZFZSS2R6MDlJbjA9GP-LlPG3MUgAEhsKDGlkNS1zeW5jLmNvbRjkipTxtzFIAFICCGo.&dlt=1698628434581&idt=2113&prev_scp=a%3D%257C0%257C%26iid1%3D1005808941715195%26eid%3D1005808941715195%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1106%26sap%3D1106%26as%3Drevenue%26plat%3D1%26bra%3Dmod173-c%26ic%3D2%26at%3Dmbf%26adr%3D398%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dpastelink_net-box-1-1005808941715195%26eb_br%3Dc352ba581bd3ffd8cea608cf2d55f519%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D36%26shp%3D3%26ftsn%3D12%26ftsng%3D12%26br1%3D60%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C131%2C0%2C192%2C0%2C168%2C142%2C0%2C71%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%2C19%2C2688%2C3045%2C4276%26hb_bidder%3Dyieldmo%26hb_adid%3D752c32a32dbe6da%26hb_format%3Dbanner%26hb_ssid%3D11315%26hb_opt%3D0.15%26hb_rt%3Dclient%26lb%3D120%26reqt%3D1698628440288&adks=2280168990&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ea2624280e023b61d9855829c693a1efd5576582bc34d67743190971e8a2f9d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		933 B
512 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111629048947475&correlator=4355402943062771&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=16&didk=3466210712&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D4acab2b379bc6764%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_MZLCZNfZm0MQEvQgBKlncAwPcVp4Q&gpic=UID%3D00000cad7e319826%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_Mav2YCaXyjOZ0thoq5sAp7UXvFoQg&abxe=1&dt=1698628440303&lmt=1698624840&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQGVhYzU4NzU0N2EzZDFkMzg5NzViMzA1ZTY4Mjc0OTQ1YTcwMjk0ZDM2MGZiMjEzNDkyYzA3YzRmMmZmN2QxNTMY4oqU8bcxSAASGwoMMzNhY3Jvc3MuY29tGOuFlPG3MUgAUgIIZBIZCgpwdWJjaWQub3JnGIuJlPG3MUgAUgIIahIYCgl5YWhvby5jb20Y2omU8bcxSABSAghvEh0KDmVzcC5jcml0ZW8uY29tGOuFlPG3MUgAUgIIZBIXCghydGJob3VzZRiniJTxtzFIAFICCGoSGQoKdWlkYXBpLmNvbRjrhZTxtzFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pZWl0dWJFMUVLMFpUT0ZkNlRFaFdSSEJsZFZSS2R6MDlJbjA9GP-LlPG3MUgAEhsKDGlkNS1zeW5jLmNvbRjkipTxtzFIAFICCGo.&dlt=1698628434581&idt=2113&prev_scp=bra%3Dmod173-c%26avc%3D93%26ap%3D9999%26al%3D1006%26ic%3D2%26d%3D251786%26eb_br%3Dzero%26br2%3D90%26iid1%3D1582256207696828%26ezoic%3D1%26reft%3Dn%26br1%3D0%26ga%3D2497208%26tap%3Dpastelink_net-pixel1-1582256207696828%26bvr%3D0%26adxf%3D1%26lb%3D140%26at%3Dbf%26ss38%3D1%26ss9%3D1&adks=2114093674&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
4b99af3fbe84c288c40659f1dfdbf3b58f544f6829dafa440268b5e055dcf64a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
435
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=about%3A%2F%2F%2F&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 30 Oct 2023 01:14:00 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
215886
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
id.a-mx.com/sync/ 		0
0
fed
ups.analytics.yahoo.com/ups/58713/ 		0
212 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58713/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://pastelink.net/cpsbn47l&pixelId=58713
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://pastelink.net
content-type
application/json
access-control-allow-credentials
true
content-length
0
json
gum.criteo.com/sid/ 		2 B
386 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=about%3A%2F%2F%2F&cw=1&pbt=1&lsw=1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
243344
expires
0
pbhid
id.hadron.ad.gt/api/v1/ 		227 B
349 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=524&_it=prebid
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf72d07049e1f557311188bc3d342f012e66310f773118dd0a158445ff5b01f6

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
81dfcc8b5a24baa6-MXP
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/ 		135 B
413 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e6cead609d342bd202f23b8fa86aff54f2503372d68ae63acca87e7dca2bec15
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Mon, 30 Oct 2023 01:13:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		64 B
336 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.195.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-195-217.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
251da6e0a1e937383772575817a546684f2055e52b4dd35af3302db7a8b9ea39

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://pastelink.net
cache-control
no-cache
x-server
10.45.8.79
access-control-allow-credentials
true
content-length
64
expires
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame EC4D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 30 Oct 2023 01:14:00 GMT
ETag
"623de86a-cf34"
Expires
Tue, 31 Oct 2023 01:14:02 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
isync
visitor.omnitagjs.com/visitor/ Frame D5EB 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.96.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-96-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
275753362b3266fc6b06e16d279c047b5daa36b38d7468be870d77346fa95c3f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1483
content-type
text/html; charset=UTF-8
date
Mon, 30 Oct 2023 01:14:00 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
vary
Accept-Encoding
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
x-kong-upstream-latency
2
pbcas
ads.yieldmo.com/ Frame 4774 		994 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.65.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-65-75.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3acf9d923c01170abebf0d6655904e9eef3b7238fae03cd12616208678481e10

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Mon, 30 Oct 2023 01:14:00 GMT
pragma
no-cache
vary
accept-encoding
sync-all.html
adxbid.info/ Frame 4454 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be16dce573945b7bbc66dd1eb20fa5949d17d6585f48b2f1ccfa6e7db7240dc6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81dfcc8b7c792bd6-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 30 Oct 2023 01:14:00 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqOYgQ6ta%2F0HNrzbTdHUG5pQ7HndxApqNOmdAhkk7Ce5oN1QOGiL9IfyA972hhfyGrhlyRw%2Frrn7XqWQhGhxbKHPopnaUkRDvt7x9gAzkMKXMONuRPoFp6WMBYnAvw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
onetag-sys.com/usync/ Frame 8D62 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1698628437215
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
99f270281126cd9ddf409428eec88b72cf4aff4d99533bf2490c8f601b6c430c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1408
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B4B1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=36093
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 30 Oct 2023 01:14:00 GMT
expires
Mon, 30 Oct 2023 11:15:33 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame 720A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 30 Oct 2023 01:13:59 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
/
csync.smilewanted.com/ Frame 5941 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c5ab257f685e66dbabf646aeb10b4e616dc155b17d8e1b170aa5c1cd8fe32b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81dfcc88be300e15-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Oct 2023 01:14:00 GMT
server
cloudflare
vary
Accept-Encoding
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=41&p=244&cp=sharethrough&cu=1&gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7658cb1d77a660882b48db06...
  • https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-l8_jG12bykjI6U4Y0aN4JkWijZRm8NGTdRuoKA&gdpr=0&gdpr_consent=&us_privacy=
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-l8_jG12bykjI6U4Y0aN4JkWijZRm8NGTdRuoKA&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
18.194.76.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-76-100.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-l8_jG12bykjI6U4Y0aN4JkWijZRm8NGTdRuoKA&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
705723
content-length
0
expires
Mon, 30 Oct 2023 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent=&gpp=&gpp_sid=
  • https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=&gdpr=0
0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
18.194.76.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-76-100.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:01 GMT

Redirect headers

Location
https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=&gdpr=0
Pragma
no-cache
Date
Mon, 30 Oct 2023 01:14:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
127
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_conse...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&...
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=5d3a3814-19e8-4806-afaf-d56473a6bc66-653f0358-4348&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=5d3a3814-19e8-4806-afaf-d56473a6bc66-653f0358-4348&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
18.194.76.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-76-100.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=5d3a3814-19e8-4806-afaf-d56473a6bc66-653f0358-4348&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252F...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252F...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDE4RkZBN0QtNEYyQi00RDg0LUFCOUMtNTRDQ0M1NkJDNTMx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 01:14:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
cd289ac735ef79ace5e4cc47d97f95ac83477916c134adccbbfd7c60c49a488e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Mon, 30 Oct 2023 01:14:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
img
sync.mathtag.com/sync/ Frame 8D62 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698628437215
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x29 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 01:14:00 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x29 config_version:"1369"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 30 Oct 2023 01:13:59 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 8D62 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698628437215
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 8D62
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=762508879796792481
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=762508879796792481
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698628437215
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
an-x-request-uuid
982e2fbb-ca96-464f-83b5-e8fe85099316
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=762508879796792481
x-proxy-origin
84.227.169.20; 84.227.169.20; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 8D62
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=eac12f2077bd14f66c932cbb3977b3&gdpr_consent=&gdpr=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=eac12f2077bd14f66c932cbb3977b3&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698628437215
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Mon, 30 Oct 2023 01:14:00 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=eac12f2077bd14f66c932cbb3977b3&gdpr_consent=&gdpr=1
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1698628440693008-383
Expires
Mon, 30 Oct 2023 01:14:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8D62 		42 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=itP3_7DOVy_YKvvxMLhqEKx-blDiup9cl2L4wO-POEw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698628437215
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8D62
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi34lEa0Iueh1sAHh4dg4L2HtzWtJrRw-ew
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi34lEa0Iueh1sAHh4dg4L2HtzWtJrRw-ew
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698628437215
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi34lEa0Iueh1sAHh4dg4L2HtzWtJrRw-ew
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 8D62 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698628437215
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 8D62 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698628437215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 8D62
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=4XUbeghlxuPdtr9SMFnhM_eNet8zC1M2Jxhh9iQKGIk
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=4XUbeghlxuPdtr9SMFnhM_eNet8zC1M2Jxhh9iQKGIk
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698628437215
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Oct 2023 01:14:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MH9WDR8F77EH6VPE0QW7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=4XUbeghlxuPdtr9SMFnhM_eNet8zC1M2Jxhh9iQKGIk
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 8D62 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698628437215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:59 GMT
content-length
0
/
onetag-sys.com/match/ Frame 8D62
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA1zPYaoIuVL6u8KOUqGvGo&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA1zPYaoIuVL6u8KOUqGvGo&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698628437215
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA1zPYaoIuVL6u8KOUqGvGo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 8D62 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698628437215
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 8D62 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698628437215
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame 8D62 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1698628437215
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.103.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-103-174.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
sync
ads.yieldmo.com/v000/ Frame 4774
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=762508879796792481&pn_id=an
43 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=762508879796792481&pn_id=an
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
54.246.65.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-65-75.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
an-x-request-uuid
afbb3596-5e77-4e60-834b-ffb127c8596f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.yieldmo.com/v000/sync?userid=762508879796792481&pn_id=an
x-proxy-origin
84.227.169.20; 84.227.169.20; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 4774
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjMxNEZCMUItMjc0Qy00NDMyLTlBMTUtQUIzNDA3NEEzMzE2&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 01:14:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 4774
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3eLALLL__uL3lhGTLG5J
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3eLALLL__uL3lhGTLG5J
95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3eLALLL__uL3lhGTLG5J
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Mon, 30 Oct 2023 01:14:00 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3eLALLL__uL3lhGTLG5J
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ads.yieldmo.com/ Frame 4774
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LOC7IL9R-F-6MHX
43 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LOC7IL9R-F-6MHX
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
54.246.65.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-65-75.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LOC7IL9R-F-6MHX
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
sync
ads.yieldmo.com/v000/ Frame 4774
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEAD7XEJeAtJlHzj5sevRgdg&google_cver=1
43 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEAD7XEJeAtJlHzj5sevRgdg&google_cver=1
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
54.246.65.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-65-75.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEAD7XEJeAtJlHzj5sevRgdg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame B4B1 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=24956369&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f37af679cc8e5e6f04435f7acb92da5067fa70e76f4b46dd1373de858416b051

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 30 Oct 2023 01:13:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame D5EB
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%2...
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=762508879796792481&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=762508879796792481&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
54.75.96.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-96-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
2
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
an-x-request-uuid
054a9c2d-f442-494d-9523-b8a3061cf578
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=762508879796792481&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
84.227.169.20; 84.227.169.20; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame D5EB
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a0...
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=762508879796792481&gdpr=0&gdpr_consent=&gdpr=0&gdp...
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=762508879796792481&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
54.75.96.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-96-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
1
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
an-x-request-uuid
e9753268-36f9-41b0-941a-badd681c17d9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=762508879796792481&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
84.227.169.20; 84.227.169.20; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame D5EB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adyoulike&bsw_param=165854c7-7c4f-4027-b1cf-b0a8b2cd926f&google_hm=MTY1ODU0YzctN2M0Zi00MDI3LWIxY2YtYjBhOGIyY2Q5MjZm
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFO7fbysC3ZOnblfi-ijovc&google_cver=1&ssp=adyoulike&bsw_param=165854c7-7c4f-4027-b1cf-b0a8b2cd926f
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=165854c7-7c4f-4027-b1cf-b0a8b2cd926f&name=BIDSWITCH&gdpr=&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=165854c7-7c4f-4027-b1cf-b0a8b2cd926f&name=BIDSWITCH&gdpr=&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
54.75.96.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-96-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
//visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=165854c7-7c4f-4027-b1cf-b0a8b2cd926f&name=BIDSWITCH&gdpr=&gdpr_consent=
date
Mon, 30 Oct 2023 01:14:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
ayl_pixel
api-2-0.spot.im/pixels/ Frame D5EB 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-2-0.spot.im/pixels/ayl_pixel?ayl_id=b23c09598554890304c218fa87cbfccd
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-85.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
via
1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
ijXevqAD_PlXDhJkglnGcCJv2NbwnYzCkxUQQUQ1clWJxTO7DGL6Dw==
x-cache
Miss from cloudfront
sync
visitor.omnitagjs.com/visitor/ Frame D5EB
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=O8Z2fv1nLSYcCedqCFnv&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=O8Z2fv1nLSYcCedqCFnv&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
54.75.96.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-96-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:01 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=O8Z2fv1nLSYcCedqCFnv&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Mon, 30 Oct 2023 01:14:01 GMT, Mon, 30 Oct 2023 01:14:01 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame D5EB
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=openrtb&zoneCode=openrtb_adyoulike&redirect=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMILE_WANTED%26ttl%3D720%26uid%3De770...
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=32a9ee613ba5bbe1e811b5cb459e5024&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=32a9ee613ba5bbe1e811b5cb459e5024&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
54.75.96.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-96-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

date
Mon, 30 Oct 2023 01:14:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=32a9ee613ba5bbe1e811b5cb459e5024&gdpr=0&gdpr_consent=
access-control-allow-credentials
true
cf-ray
81dfcc8a1eea0e15-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
sync
visitor.omnitagjs.com/visitor/ Frame D5EB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/aul
  • https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAGmXU7KfgcAABl-iR6d0Q&name=BEESWAX
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAGmXU7KfgcAABl-iR6d0Q&name=BEESWAX
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
54.75.96.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-96-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:01 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AAGmXU7KfgcAABl-iR6d0Q&name=BEESWAX
Date
Mon, 30 Oct 2023 01:14:01 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
generic
match.adsrvr.org/track/cmf/ Frame D5EB 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
Pug
image2.pubmatic.com/AdServer/ Frame D5EB
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visi...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visi...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUFBMDUwQzUtNkYxQS00OTI2LUIwQUMtQUY4NDE4MDczMjY2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 01:14:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame D5EB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26v...
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=&gdpr=0&gdpr_consent=&gdpr=0
49 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
54.75.96.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-96-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:01 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
content-type
image/gif
x-kong-upstream-latency
0
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
Date
Mon, 30 Oct 2023 01:14:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
205
Content-Type
text/html; charset=utf-8
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame D5EB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_BANNER%26ttl%3D720%26uid%3Dbdef6bd95b7450b4e62a32db8c7d8c9d%26visit...
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=&gdpr=0&gdpr_consent=&gdpr=0
49 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
54.75.96.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-96-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:01 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
content-type
image/gif
x-kong-upstream-latency
1
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ZEMANTA_BANNER&ttl=720&uid=bdef6bd95b7450b4e62a32db8c7d8c9d&visitor=&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
Date
Mon, 30 Oct 2023 01:14:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
201
Content-Type
text/html; charset=utf-8
sync
visitor.omnitagjs.com/visitor/ Frame D5EB
Redirect Chain
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdp...
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=52ae1379-ca15-4619-9587-be244d87fe1d%20&gdpr_consent=null&gdpr=0
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=52ae1379-ca15-4619-9587-be244d87fe1d%20&gdpr_consent=null&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
54.75.96.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-96-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:01 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=52ae1379-ca15-4619-9587-be244d87fe1d &gdpr_consent=null&gdpr=0
date
Mon, 30 Oct 2023 01:14:01 GMT
server
_
content-length
0
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame D5EB
Redirect Chain
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_...
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09bd22040014c93362c117c7&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09bd22040014c93362c117c7&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
54.75.96.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-96-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:01 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=09bd22040014c93362c117c7&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
date
Mon, 30 Oct 2023 01:14:00 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame D5EB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-26ac09ad-ee4c-574c-4a42-1f434293a187$ip$84.227.169.20&name=STACKADAPT&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-26ac09ad-ee4c-574c-4a42-1f434293a187$ip$84.227.169.20&name=STACKADAPT&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Server
54.75.96.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-96-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:01 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-26ac09ad-ee4c-574c-4a42-1f434293a187$ip$84.227.169.20&name=STACKADAPT&gdpr=0&gdpr_consent=
Date
Mon, 30 Oct 2023 01:14:01 GMT
Connection
keep-alive
Content-Length
219
Content-Type
text/html; charset=utf-8
adxcm.aspx
inv-nets.admixer.net/ Frame D5EB 		0
0
match
ads.betweendigital.com/ Frame D5EB 		0
0
pixel
ap.lijit.com/ Frame D5EB 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN%26ttl%3D720%26uid%3D4b30a0b1f289a261ab592e1e53c126eb%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 30 Oct 2023 01:14:01 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
101967
jadserve.postrelease.com/suid/ Frame D5EB 		0
0
cookiesync
bttrack.com/pixel/ Frame D5EB 		0
0
711333.gif
id.rlcdn.com/ Frame D5EB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usync.html
eus.rubiconproject.com/ Frame 58C8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 30 Oct 2023 01:14:01 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 30 Oct 2023 01:14:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 8C45 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
a616a58b5ad3a41c5a1c8412d0c0e4d0d9c7f81c426193feaad63243e1d1d5f5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1459
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 8C2E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 30 Oct 2023 01:14:01 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 30 Oct 2023 01:14:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 0507
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 30 Oct 2023 01:14:01 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 30 Oct 2023 01:14:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
sync
ssbsync.smartadserver.com/api/ Frame 2CB2 		877 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
b3006c6f01e9145d1c4f06d64ae811bd9463ae8f80ce309faead698106a9cc9a

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
877
content-type
text/html
date
Mon, 30 Oct 2023 01:14:00 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTU4MjI1NjIwNzY5NjgyOCIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJwYXN0ZWxpbmtfbmV0LXBpeGVsMSIsInRfZXBvY2giOjE2OTg2Mjg0MzUsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImNmMThjNzM0LWNhNTktNDFjNy02MWMyLWU0YTkxZWM5N2M0ZSIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Mon, 30 Oct 2023 01:14:00 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Sun, 29 Oct 2023 01:14:00 GMT
async_usersync
ib.adnxs.com/ Frame EC4D 		0
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
an-x-request-uuid
5ac6f41b-f279-4f40-813f-20dc6d344805
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
84.227.169.20; 84.227.169.20; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 5941 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1446756
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
81dfcc8a8f1b0e15-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
457.json
id5-sync.com/g/v2/ 		276 B
555 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/457.json
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
9c5b5d8b04337c9df28e247c40b7d8e5c130061769061dbc8c458b0ef98e5f6c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Mon, 30 Oct 2023 01:14:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 8C45
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi34lErGqOy13R-mpnoYQwramv8U2Nf-szw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi34lErGqOy13R-mpnoYQwramv8U2Nf-szw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi34lErGqOy13R-mpnoYQwramv8U2Nf-szw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame 8C45 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
img
sync.mathtag.com/sync/ Frame 8C45 		43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x3 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 01:14:00 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x3 config_version:"1369"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 30 Oct 2023 01:13:59 GMT
/
onetag-sys.com/match/ Frame 8C45
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LOC7ILBO-1T-IEXZ&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LOC7ILBO-1T-IEXZ&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LOC7ILBO-1T-IEXZ&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
/
onetag-sys.com/match/ Frame 8C45
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=762508879796792481
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=762508879796792481
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
an-x-request-uuid
bfb566d1-f1ab-4086-9697-615d635325e6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=762508879796792481
x-proxy-origin
84.227.169.20; 84.227.169.20; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 8C45
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=c76b71bde7643dfaab45299f8e4ef3d&gdpr_consent=&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=c76b71bde7643dfaab45299f8e4ef3d&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Mon, 30 Oct 2023 01:14:00 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=c76b71bde7643dfaab45299f8e4ef3d&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1698628440495090-416
Expires
Mon, 30 Oct 2023 01:14:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8C45 		42 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=4XUbeghlxuPdtr9SMFnhM_eNet8zC1M2Jxhh9iQKGIk
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 8C45
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=6360361698443397873
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=6360361698443397873
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=6360361698443397873
date
Mon, 30 Oct 2023 01:14:00 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 8C45
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=HX35J5c09GVptYyVxXLHevGCIhAlwCV1eGWsuO_Ssi8
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=HX35J5c09GVptYyVxXLHevGCIhAlwCV1eGWsuO_Ssi8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Oct 2023 01:14:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5QNB21HPCRSJEGQ7ZRGY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=HX35J5c09GVptYyVxXLHevGCIhAlwCV1eGWsuO_Ssi8
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
visitor-eu-west-1.omnitagjs.com/visitor/ Frame 8C45
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=9AA050C5-6F1A-4926-B0AC-AF8418073266&gdpr=0&gdpr_consent=
49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=9AA050C5-6F1A-4926-B0AC-AF8418073266&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.75.96.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-96-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
3
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

location
https://visitor-eu-west-1.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=9AA050C5-6F1A-4926-B0AC-AF8418073266&gdpr=0&gdpr_consent=
date
Mon, 30 Oct 2023 01:13:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
220
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 8C45
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA1zPYaoIuVL6u8KOUqGvGo&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA1zPYaoIuVL6u8KOUqGvGo&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA1zPYaoIuVL6u8KOUqGvGo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 8C45
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-C7JcMdRE2uFVZRhCa82VEDt_7KBYZVeJq6PkwuE-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-C7JcMdRE2uFVZRhCa82VEDt_7KBYZVeJq6PkwuE-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-C7JcMdRE2uFVZRhCa82VEDt_7KBYZVeJq6PkwuE-~A
date
Mon, 30 Oct 2023 01:14:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 8C45 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
onetag-sys.com/match/ Frame 8C45
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=9dee695e-1939-453e-9fc5-e71c4d551648&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=165854c7-7c4f-4027-b1cf-b0a8b2cd926f&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=165854c7-7c4f-4027-b1cf-b0a8b2cd926f&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=165854c7-7c4f-4027-b1cf-b0a8b2cd926f&gdpr=&gdpr_consent=&us_privacy=
date
Mon, 30 Oct 2023 01:14:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame 8C45 		49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=f04f5c55f88ffea7a3ce5b2d908a6e71&visitor=4XUbeghlxuPdtr9SMFnhM_eNet8zC1M2Jxhh9iQKGIk
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.96.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-96-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
2
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
drop_cookie_sw.php
csync.smilewanted.com/ Frame 107B 		0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81dfcc8b8fb50e15-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Oct 2023 01:14:00 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 6607 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
330a79ee4f56cd59217889dc2c1c9db236fe512ef5005f07ffc269e1218e8a05
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1449
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
pixel
ap.lijit.com/ Frame 9B00 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 30 Oct 2023 01:14:01 GMT
X-Sovrn-Pod
ad_ap1ams1
img
sync.mathtag.com/sync/ Frame 6607 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master zrh zrh-pixel-x25 config_version:"1369" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 01:14:00 GMT
Server
MT3 1075 283b7e3 master zrh zrh-pixel-x25 config_version:"1369"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 30 Oct 2023 01:13:59 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 6607 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 6607
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi34lFUUCzEH9yZOsjD3cA3LgE5DDaWpUSA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi34lFUUCzEH9yZOsjD3cA3LgE5DDaWpUSA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi34lFUUCzEH9yZOsjD3cA3LgE5DDaWpUSA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 6607 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:59 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 6607
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=TlOIm8Wm25Hj0poXXx0XVfrmI2L_awe59nEt6LxP_ds
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=TlOIm8Wm25Hj0poXXx0XVfrmI2L_awe59nEt6LxP_ds
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Oct 2023 01:14:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AW1HHXAT3J8FVYTN9PH0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=TlOIm8Wm25Hj0poXXx0XVfrmI2L_awe59nEt6LxP_ds
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 6607
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA1zPYaoIuVL6u8KOUqGvGo&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA1zPYaoIuVL6u8KOUqGvGo&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA1zPYaoIuVL6u8KOUqGvGo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 6607 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame 6607 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.103.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-103-174.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
/
onetag-sys.com/match/ Frame 6607
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=762508879796792481
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=762508879796792481
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
an-x-request-uuid
adc545c7-70f3-4816-a8ab-6b3bf03007f9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=762508879796792481
x-proxy-origin
84.227.169.20; 84.227.169.20; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 6607
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=eac12f2077bd14f66c932cbb3977b3&gdpr_consent=&gdpr=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=eac12f2077bd14f66c932cbb3977b3&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Mon, 30 Oct 2023 01:14:00 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=eac12f2077bd14f66c932cbb3977b3&gdpr_consent=&gdpr=1
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1698628440627058-405
Expires
Mon, 30 Oct 2023 01:14:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 6607 		42 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=HX35J5c09GVptYyVxXLHevGCIhAlwCV1eGWsuO_Ssi8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
711916.gif
id.rlcdn.com/ Frame 6607 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ImgSync
image8.pubmatic.com/AdServer/ Frame 6607 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:13:59 GMT
content-length
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame 6607 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
HX35J5c09GVptYyVxXLHevGCIhAlwCV1eGWsuO_Ssi8&gdpr=1&gdpr_consent=&us_privacy=
csync.smilewanted.com/set_partner_userid_get/onetag/ Frame 6607 		0
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.smilewanted.com/set_partner_userid_get/onetag/HX35J5c09GVptYyVxXLHevGCIhAlwCV1eGWsuO_Ssi8&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:00 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-credentials
true
cf-ray
81dfcc8bafcf0e15-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/ Frame 4304
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.richaudience.com%2F1575707c462b6525f008e40ae9438a8b%2F%3Fuid%3D$UID
  • https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=32a9ee613ba5bbe1e811b5cb459e5024
95 B
374 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=32a9ee613ba5bbe1e811b5cb459e5024
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
image/png
date
Mon, 30 Oct 2023 01:13:46 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81dfcc8f599d0e15-MXP
content-type
text/html; charset=UTF-8
date
Mon, 30 Oct 2023 01:14:01 GMT
location
https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=32a9ee613ba5bbe1e811b5cb459e5024
server
cloudflare
sync
visitor.omnitagjs.com/visitor/ Frame 2CB2 		49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=1669129192022215390&name=SMARTADSERVER&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.96.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-96-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
2
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
9.gif
id5-sync.com/i/102/ Frame 2CB2 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 30 Oct 2023 01:14:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
redir
rtb-csync.smartadserver.com/ Frame 2CB2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAGmXU7KfgcAABl-iR6d0Q&partnerid=127&gdpr=0
43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partneruserid=AAGmXU7KfgcAABl-iR6d0Q&partnerid=127&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 30 Oct 2023 01:14:01 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partneruserid=AAGmXU7KfgcAABl-iR6d0Q&partnerid=127&gdpr=0
Date
Mon, 30 Oct 2023 01:14:01 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 2CB2
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=b23c09598554890304c218fa87cbfccd&gdpr=0&gdpr_consent=0
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=b23c09598554890304c218fa87cbfccd&gdpr=0&gdpr_consent=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=b23c09598554890304c218fa87cbfccd&gdpr=0&gdpr_consent=0
x-kong-upstream-latency
3
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 2CB2
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTY2OTEyOTE5MjAyMjIxNTM5MA==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTY2OTEyOTE5MjAyMjIxNTM5MA==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTY2OTEyOTE5MjAyMjIxNTM5MA==&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
getuid
eb2.3lift.com/ Frame 4454 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
cs
ad.turn.com/r/ Frame D3FF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1698628441261
  • https://ad.turn.com/r/cs?pid=45&rndcb=6052806516
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9A4F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 49A2 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6993747C-8CF7-44A2-B3BC-F486809E2F4A&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 30 Oct 2023 01:14:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
0994DQ0SNYBSK6HT169V
Pug
image2.pubmatic.com/AdServer/ Frame F9B6
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mf-QEp_5lk2C88JFzPKORJuukUyCq5NCzPmuGYsn
42 B
342 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mf-QEp_5lk2C88JFzPKORJuukUyCq5NCzPmuGYsn
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 01:14:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 30 Oct 2023 01:14:01 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mf-QEp_5lk2C88JFzPKORJuukUyCq5NCzPmuGYsn
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 8A64
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=762508879796792481&gdpr=0&gdpr_consent=
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4B68
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7295553602155772063&gdpr=0&gdpr_consent=
0
0
/
sync.bumlam.com/ Frame E835
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=165854c7-7c4f-4027-b1cf-b0a8b2cd926f&gdpr=0&gdpr_consent=
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame D52A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JqwJre5MV0xKQh9DQpOhh1TjqRQ&gdpr=0&gdpr_consent=
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JqwJre5MV0xKQh9DQpOhh1TjqRQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 01:14:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 30 Oct 2023 01:14:01 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JqwJre5MV0xKQh9DQpOhh1TjqRQ&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 1A15
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZT8DWQACIaMCiwAg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 30 Oct 2023 01:14:01 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230051-FRA
x-timer
S1698628441.403204,VS0,VE100

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Mon, 30 Oct 2023 01:14:01 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZT8DWQACIaMCiwAg
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230051-FRA
x-timer
S1698628441.226390,VS0,VE98
Pug
simage2.pubmatic.com/AdServer/ Frame 6901
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
0
rtset
bh.contextweb.com/bh/ Frame 147B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHSmMwN0tmZ2NBQUJoYjItWmJNQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAGmXU7KfgcAABl-iR6d0Q&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 2532
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU03d3643a9daa4011afcc6cd2d7a79dc4
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU03d3643a9daa4011afcc6cd2d7a79dc4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 01:14:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Mon, 30 Oct 2023 01:14:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU03d3643a9daa4011afcc6cd2d7a79dc4
pragma
no-cache
server
Tengine
Pug
simage2.pubmatic.com/AdServer/ Frame 89F6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
42 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 01:14:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
176
Content-Type
text/html; charset=utf-8
Date
Mon, 30 Oct 2023 01:14:01 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
bridge
cm.adgrx.com/ Frame C78F 		0
0
cm
ipac.ctnsnet.com/int/ Frame 504B 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 30 Oct 2023 01:14:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame ACF0
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3605117586719518215
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3605117586719518215
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 01:14:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3605117586719518215
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame C24B
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322329250838588
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322329250838588
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 01:14:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Mon, 30 Oct 2023 01:14:01 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322329250838588
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cookiesync
core.iprom.net/ Frame 637E 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 30 Oct 2023 01:14:01 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-26faf2de7c05@version_1.575
X-core-time
0ms
X-server-arch
v2
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 33AE 		0
0
/
pixel-eu.onaudience.com/ Frame 430A
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B4B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aZN0fIz3RKKzvPSGgJ4vSg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:01 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=36092
accept-ranges
bytes
content-length
5606
expires
Mon, 30 Oct 2023 11:15:33 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame B4B1 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6993747C-8CF7-44A2-B3BC-F486809E2F4A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.54.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-54-88.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:01 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.25.72
content-length
49
expires
0
cr
cr.frontend.weborama.fr/ Frame B4B1
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3744803072
0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3744803072
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:01 GMT
via
1.1 google
last-modified
Mon, 30 Oct 2023 01:14:01 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
via
1.1 google
last-modified
Mon, 30 Oct 2023 01:14:01 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3744803072
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame B4B1
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=6993747C-8CF7-44A2-B3BC-F486809E2F4A
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MTAzOTJ0UGFYUlFReGUtWUoxRFk5LXVlQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7274554178927420115&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
HTTP/1.1
Server
35.170.18.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-18-82.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 01:14:02 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 30 Oct 2023 01:14:02 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame B4B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Njk5Mzc0N0MtOENGNy00NEEyLUIzQkMtRjQ4NjgwOUUyRjRB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 01:14:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame B4B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGkRyFvoSeo3FbVKtJAijE0&google_cver=1
42 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGkRyFvoSeo3FbVKtJAijE0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 01:14:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGkRyFvoSeo3FbVKtJAijE0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame B4B1 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:01 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 29 Oct 2023 01:14:01 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B4B1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7274554178927420115
0
0
generic
match.adsrvr.org/track/cmf/ Frame B4B1 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:01 GMT
server
Kestrel
content-length
70
content-type
image/gif
6993747C-8CF7-44A2-B3BC-F486809E2F4A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B4B1 		0
0
SPug
image4.pubmatic.com/AdServer/ Frame B4B1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6993747C-8CF7-44A2-B3BC-F486809E2F4A&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.X0s6aBE2uUt_MQMVzXnV5hgyedm9mU-~A&gdpr=0
0
0
Pug
image2.pubmatic.com/AdServer/ Frame B4B1
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=5d3a3814-19e8-4806-afaf-d56473a6bc66-653f0358-4348&gdpr=0&gdpr_consent=
42 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=5d3a3814-19e8-4806-afaf-d56473a6bc66-653f0358-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 01:14:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:00 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=5d3a3814-19e8-4806-afaf-d56473a6bc66-653f0358-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
cs
ad.turn.com/r/ Frame B4B1 		0
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame B4B1 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame B4B1
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:08d3fb99-da8b-4013-af1a-c2ebc83567a3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:08d3fb99-da8b-4013-af1a-c2ebc83567a3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 01:14:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:08d3fb99-da8b-4013-af1a-c2ebc83567a3&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 30 Oct 2023 01:14:01 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
match
ads.betweendigital.com/ Frame 58F8 		0
0
smwt256.gif
us.ck-ie.com/ Frame 931C 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		384 B
208 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111629048947475&correlator=1220957634979059&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=17&didk=3113487578&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D4acab2b379bc6764%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_MZLCZNfZm0MQEvQgBKlncAwPcVp4Q&gpic=UID%3D00000cad7e319826%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_Mav2YCaXyjOZ0thoq5sAp7UXvFoQg&abxe=1&dt=1698628441095&lmt=1698624841&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsnBxD4ntKZkmaAf4DCwiBS67ELJd4d2BlIpeBrOCk-TFtTrr4DU7LkF4HUY35wm2d7jjOWsF6EUslhR%2CAOrYGslxHOS9ckXzPk3FajyKXNfBaUgMwNlcTt9oSTOhp5Jf2vVEiiIfApUFzPJvIrQH15mORR1Zz4ZA6Wgg%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsklQpIXvY0keySezezImVJA0Wjz6A88vMeibpj8h_lI&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRjrhZTxtzFIAFICCGQSGAoJeWFob28uY29tGNqJlPG3MUgAUgIIbxIZCgp1aWRhcGkuY29tGOuFlPG3MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y5IqU8bcxSABSAghqEloKDWNyd2RjbnRybC5uZXQSQGVhYzU4NzU0N2EzZDFkMzg5NzViMzA1ZTY4Mjc0OTQ1YTcwMjk0ZDM2MGZiMjEzNDkyYzA3YzRmMmZmN2QxNTMY4oqU8bcxSAASGQoKcHViY2lkLm9yZxiLiZTxtzFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y64WU8bcxSABSAghkEhcKCHJ0YmhvdXNlGKeIlPG3MUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2llaXR1YkUxRUswWlRPRmQ2VEVoV1JIQmxkVlJLZHowOUluMD0Y_4uU8bcxSAA.&dlt=1698628434581&idt=2113&prev_scp=a%3D%257C0%257C%26iid1%3D1970711905741758%26eid%3D1970711905741758%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod173-c%26ic%3D1%26at%3Dmbf%26adr%3D398%26ezosn%3D3%26reft%3Dt%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dpastelink_net-box-3-1970711905741758%26eb_br%3Dc352ba581bd3ffd8cea608cf2d55f519%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D37%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D60%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26icsticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%26nocompoverride%3D1%26bkfl%3D1&adks=2234422208&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
c1488d1b9f5c1fd70aad864990791417d566f29dbfea8bd6481e5e08003c411d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie
cm.adform.net/ Frame 039B 		0
0
sync
rtb.mfadsrvr.com/ Frame FCE3
Redirect Chain
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=k0d-MF9UN1B0c3ZENjNSaE5vSFQyV0VLUTZwQzVuM215MVpITUY0Q3lXUndkYlM3Skp2ZUpkQzIzeGZ6T05lUFlEOUM3V3gyMGtaNlVaVGV4TXBMd0ppcXVWRmtoMEtZV1dTd0V0bXF4c1VHS...
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=165854c7-7c4f-4027-b1cf-b0a8b2cd926f&gdpr=&gdpr_consent=&us_privacy=
0
0
getuid
cookiesync.api.bliink.io/ Frame 7839 		0
0
usync.js
eus.rubiconproject.com/ Frame 0507 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d611be42df1ac0f43a60311d9a1991d663078c5d0bf90c6d3ac8d116175874bb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 01:14:01 GMT
Content-Encoding
gzip
Last-Modified
Sun, 29 Oct 2023 11:27:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36808
Connection
keep-alive
Content-Length
11053
Expires
Mon, 30 Oct 2023 11:27:29 GMT
usync.js
eus.rubiconproject.com/ Frame 58C8 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d611be42df1ac0f43a60311d9a1991d663078c5d0bf90c6d3ac8d116175874bb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 01:14:01 GMT
Content-Encoding
gzip
Last-Modified
Sun, 29 Oct 2023 11:27:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36808
Connection
keep-alive
Content-Length
11053
Expires
Mon, 30 Oct 2023 11:27:29 GMT
usync.js
eus.rubiconproject.com/ Frame 8C2E 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d611be42df1ac0f43a60311d9a1991d663078c5d0bf90c6d3ac8d116175874bb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 01:14:01 GMT
Content-Encoding
gzip
Last-Modified
Sun, 29 Oct 2023 11:27:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36808
Connection
keep-alive
Content-Length
11053
Expires
Mon, 30 Oct 2023 11:27:29 GMT
eac12f2077bd14f66c932cbb3977b3
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 8C17
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/eac12f2077bd14f66c932cbb3977b3?gdpr_consent=&gdpr=0
0
495 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/eac12f2077bd14f66c932cbb3977b3?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81dfcc8eb94c0e15-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Oct 2023 01:14:01 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 30 Oct 2023 01:14:01 GMT
Expires
Mon, 30 Oct 2023 01:14:01 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/eac12f2077bd14f66c932cbb3977b3?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1698628441259011-411
prebid.gif
as.ck-ie.com/ Frame 4454 		0
0
sync
vid.vidoomy.com/ Frame 77BD 		0
0
khaos.json
token.rubiconproject.com/ Frame 0507 		0
0
khaos.json
token.rubiconproject.com/ Frame 58C8 		0
0
khaos.json
token.rubiconproject.com/ Frame 8C2E 		0
0
async_usersync
ib.adnxs.com/ Frame EC4D 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:01 GMT
an-x-request-uuid
fdbb3d0f-5f31-4d9d-b072-183c867356b7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
84.227.169.20; 84.227.169.20; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111629048947475&correlator=2547534053450086&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=18&didk=303733059&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3D4acab2b379bc6764%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_MZLCZNfZm0MQEvQgBKlncAwPcVp4Q&gpic=UID%3D00000cad7e319826%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_Mav2YCaXyjOZ0thoq5sAp7UXvFoQg&abxe=1&dt=1698628441754&lmt=1698624841&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsnBxD4ntKZkmaAf4DCwiBS67ELJd4d2BlIpeBrOCk-TFtTrr4DU7LkF4HUY35wm2d7jjOWsF6EUslhR%2CAOrYGslxHOS9ckXzPk3FajyKXNfBaUgMwNlcTt9oSTOhp5Jf2vVEiiIfApUFzPJvIrQH15mORR1Zz4ZA6Wgg%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsklQpIXvY0keySezezImVJA0Wjz6A88vMeibpj8h_lI%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRjrhZTxtzFIAFICCGQSGAoJeWFob28uY29tGNqJlPG3MUgAUgIIbxIZCgp1aWRhcGkuY29tGOuFlPG3MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y5IqU8bcxSABSAghqEloKDWNyd2RjbnRybC5uZXQSQGVhYzU4NzU0N2EzZDFkMzg5NzViMzA1ZTY4Mjc0OTQ1YTcwMjk0ZDM2MGZiMjEzNDkyYzA3YzRmMmZmN2QxNTMY4oqU8bcxSAASGQoKcHViY2lkLm9yZxiLiZTxtzFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y64WU8bcxSABSAghkEhcKCHJ0YmhvdXNlGKeIlPG3MUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2llaXR1YkUxRUswWlRPRmQ2VEVoV1JIQmxkVlJLZHowOUluMD0Y_4uU8bcxSAA.&dlt=1698628434581&idt=2113&prev_scp=a%3D%257C0%257C%26iid1%3D7318336885689345%26eid%3D7318336885689345%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod173-c%26ic%3D3%26at%3Dbf%26adr%3D398%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Dpastelink_net-edge-2-7318336885689345%26eb_br%3Db6c98a8bb15764f1c4ee331dcb724178%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D37%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D2%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%2C19%2C2688%2C3045%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%26hb_bidder%3Donetag%26hb_adid%3D71e01d8c034457b%26hb_format%3Dbanner%26hb_ssid%3D11291%26hb_opt%3D0.03%26hb_rt%3Dclient%26lb%3D60%26reqt%3D1698628440749%26adxf%3D1%26nam%3D1%26ss38%3D1%26ss9%3D1&adks=3817599677&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
37bbfdf0ac857c6cc34ea4ebd139244b1a87ce193793c4b48c0b4059686ae222
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11900
x-xss-protection
0
google-lineitem-id
5728075597
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138354426964
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		385 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111629048947475&correlator=1108095798470103&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=19&didk=303732042&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3D4acab2b379bc6764%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_MZLCZNfZm0MQEvQgBKlncAwPcVp4Q&gpic=UID%3D00000cad7e319826%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_Mav2YCaXyjOZ0thoq5sAp7UXvFoQg&abxe=1&dt=1698628441777&lmt=1698624841&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsnBxD4ntKZkmaAf4DCwiBS67ELJd4d2BlIpeBrOCk-TFtTrr4DU7LkF4HUY35wm2d7jjOWsF6EUslhR%2CAOrYGslxHOS9ckXzPk3FajyKXNfBaUgMwNlcTt9oSTOhp5Jf2vVEiiIfApUFzPJvIrQH15mORR1Zz4ZA6Wgg%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsklQpIXvY0keySezezImVJA0Wjz6A88vMeibpj8h_lI%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRjrhZTxtzFIAFICCGQSGAoJeWFob28uY29tGNqJlPG3MUgAUgIIbxIZCgp1aWRhcGkuY29tGOuFlPG3MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y5IqU8bcxSABSAghqEloKDWNyd2RjbnRybC5uZXQSQGVhYzU4NzU0N2EzZDFkMzg5NzViMzA1ZTY4Mjc0OTQ1YTcwMjk0ZDM2MGZiMjEzNDkyYzA3YzRmMmZmN2QxNTMY4oqU8bcxSAASGQoKcHViY2lkLm9yZxiLiZTxtzFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y64WU8bcxSABSAghkEhcKCHJ0YmhvdXNlGKeIlPG3MUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2llaXR1YkUxRUswWlRPRmQ2VEVoV1JIQmxkVlJLZHowOUluMD0Y_4uU8bcxSAA.&dlt=1698628434581&idt=2113&prev_scp=a%3D%257C0%257C%26iid1%3D7542428481684973%26eid%3D7542428481684973%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod173-c%26ic%3D3%26at%3Dbf%26adr%3D398%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Dpastelink_net-edge-1-7542428481684973%26eb_br%3Dzero%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D37%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D0%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%2C19%2C2610%2C2688%2C3045%2C18%2C19%2C1428%2C2610%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%26lb%3D70%26reqt%3D1698628440773%26adxf%3D1%26ss38%3D1%26ss9%3D1&adks=2076075791&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
51959346379e197297e16890143a3aa585123230561d2808c6812d01655b8edc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:02 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111629048947475&correlator=2091274229942617&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=20&didk=4157619326&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3D4acab2b379bc6764%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_MZLCZNfZm0MQEvQgBKlncAwPcVp4Q&gpic=UID%3D00000cad7e319826%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_Mav2YCaXyjOZ0thoq5sAp7UXvFoQg&abxe=1&dt=1698628441790&lmt=1698624841&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsnBxD4ntKZkmaAf4DCwiBS67ELJd4d2BlIpeBrOCk-TFtTrr4DU7LkF4HUY35wm2d7jjOWsF6EUslhR%2CAOrYGslxHOS9ckXzPk3FajyKXNfBaUgMwNlcTt9oSTOhp5Jf2vVEiiIfApUFzPJvIrQH15mORR1Zz4ZA6Wgg%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsklQpIXvY0keySezezImVJA0Wjz6A88vMeibpj8h_lI%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRjrhZTxtzFIAFICCGQSGAoJeWFob28uY29tGNqJlPG3MUgAUgIIbxIZCgp1aWRhcGkuY29tGOuFlPG3MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y5IqU8bcxSABSAghqEloKDWNyd2RjbnRybC5uZXQSQGVhYzU4NzU0N2EzZDFkMzg5NzViMzA1ZTY4Mjc0OTQ1YTcwMjk0ZDM2MGZiMjEzNDkyYzA3YzRmMmZmN2QxNTMY4oqU8bcxSAASGQoKcHViY2lkLm9yZxiLiZTxtzFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y64WU8bcxSABSAghkEhcKCHJ0YmhvdXNlGKeIlPG3MUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2llaXR1YkUxRUswWlRPRmQ2VEVoV1JIQmxkVlJLZHowOUluMD0Y_4uU8bcxSAA.&dlt=1698628434581&idt=2113&prev_scp=a%3D%257C0%257C%26iid1%3D1679971969716064%26eid%3D1679971969716064%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod173-c%26ic%3D3%26at%3Dmbf%26adr%3D398%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dpastelink_net-medrectangle-2-1679971969716064%26eb_br%3D33dd523f8e4dda158f0aa99686dda7f2%26eba%3D1%26ebss%3D10061%26bv%3D12%26bvm%3D0%26bvr%3D2%26avc%3D37%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D6%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C131%2C0%2C192%2C0%2C168%2C132%2C0%2C71%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%2C19%2C2688%2C3045%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%26hb_bidder%3Dpubmatic%26hb_adid%3D70c34e4d5cad5c2%26hb_format%3Dbanner%26hb_ssid%3D10061%26hb_opt%3D0.07%26hb_rt%3Dclient%26lb%3D60%26reqt%3D1698628440786%26nam%3D1&adks=3667244470&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
d1ed359c478bc240c3f0455b9567bcce6e3043e475b0a2380c3f51ea05ab64a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11886
x-xss-protection
0
google-lineitem-id
5728075597
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138354067176
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111629048947475&correlator=4001407177661643&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=21&didk=3113576587&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3D4acab2b379bc6764%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_MZLCZNfZm0MQEvQgBKlncAwPcVp4Q&gpic=UID%3D00000cad7e319826%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_Mav2YCaXyjOZ0thoq5sAp7UXvFoQg&abxe=1&dt=1698628441808&lmt=1698624841&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGsnBxD4ntKZkmaAf4DCwiBS67ELJd4d2BlIpeBrOCk-TFtTrr4DU7LkF4HUY35wm2d7jjOWsF6EUslhR%2CAOrYGslxHOS9ckXzPk3FajyKXNfBaUgMwNlcTt9oSTOhp5Jf2vVEiiIfApUFzPJvIrQH15mORR1Zz4ZA6Wgg%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsklQpIXvY0keySezezImVJA0Wjz6A88vMeibpj8h_lI%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRjrhZTxtzFIAFICCGQSGAoJeWFob28uY29tGNqJlPG3MUgAUgIIbxIZCgp1aWRhcGkuY29tGOuFlPG3MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y5IqU8bcxSABSAghqEloKDWNyd2RjbnRybC5uZXQSQGVhYzU4NzU0N2EzZDFkMzg5NzViMzA1ZTY4Mjc0OTQ1YTcwMjk0ZDM2MGZiMjEzNDkyYzA3YzRmMmZmN2QxNTMY4oqU8bcxSAASGQoKcHViY2lkLm9yZxiLiZTxtzFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y64WU8bcxSABSAghkEhcKCHJ0YmhvdXNlGKeIlPG3MUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2llaXR1YkUxRUswWlRPRmQ2VEVoV1JIQmxkVlJLZHowOUluMD0Y_4uU8bcxSAA.&dlt=1698628434581&idt=2113&prev_scp=a%3D%257C0%257C%26iid1%3D1005808941715195%26eid%3D1005808941715195%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1106%26sap%3D1106%26as%3Drevenue%26plat%3D1%26bra%3Dmod173-c%26ic%3D3%26at%3Dbf%26adr%3D398%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dpastelink_net-box-1-1005808941715195%26eb_br%3Dad0061a38dd7c6f7bcb692aee88dfda4%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D36%26shp%3D3%26ftsn%3D12%26ftsng%3D12%26br1%3D14%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C131%2C0%2C192%2C0%2C168%2C142%2C0%2C71%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%2C19%2C2688%2C3045%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%26hb_bidder%3Dyieldmo%26hb_adid%3D752c32a32dbe6da%26hb_format%3Dbanner%26hb_ssid%3D11315%26hb_opt%3D0.15%26hb_rt%3Dclient%26lb%3D60%26reqt%3D1698628440802%26adxf%3D1%26nam%3D1%26ss38%3D1%26ss9%3D1&adks=2280168990&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9226b0e721b301c4623d8ac6c12281a485c98ec743a0aa5e2ffacd75c49ade72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:02 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11857
x-xss-protection
0
google-lineitem-id
5728075597
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138354426988
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
user-sync.adxpremium.services/ Frame 4454
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D&limit=50&s=194962&C=1
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZT8DWvjpTkuh7P4sPx4tDwAA%262175
0
0
army.gif
g.ezoic.net/porpoiseant/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzU0MjQyODQ4MTY4NDk3MyIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjk4NjI4NDM1LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJjZjE4YzczNC1jYTU5LTQxYzctNjFjMi1lNGE5MWVjOTdjNGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjMifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Mon, 30 Oct 2023 01:14:02 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Sun, 29 Oct 2023 01:14:02 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5144 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=36091
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 30 Oct 2023 01:14:02 GMT
expires
Mon, 30 Oct 2023 11:15:33 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame 4454 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 30 Oct 2023 01:14:02 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
setuid
rtb.adxpremium.services/ Frame 4454
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
  • https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LOC7ILCO-14-808P
86 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LOC7ILCO-14-808P
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Oct 2023 01:14:02 GMT
Server
nginx
Vary
Origin
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
86
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LOC7ILCO-14-808P
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
cookie
cm.adform.net/ Frame 4454 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		384 B
208 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111629048947475&correlator=185148740693680&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=22&didk=3113487578&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D4acab2b379bc6764%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_MZLCZNfZm0MQEvQgBKlncAwPcVp4Q&gpic=UID%3D00000cad7e319826%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_Mav2YCaXyjOZ0thoq5sAp7UXvFoQg&abxe=1&dt=1698628442604&lmt=1698624842&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslWBiDIP28H8A-nZmO2Qlxr2Ickie-LK4gHRgeZFB7SKzgsr9u457bAUZ7q0wG1JVn3VuctRHoK35sC%2CAOrYGsnBxD4ntKZkmaAf4DCwiBS67ELJd4d2BlIpeBrOCk-TFtTrr4DU7LkF4HUY35wm2d7jjOWsF6EUslhR%2CAOrYGslxHOS9ckXzPk3FajyKXNfBaUgMwNlcTt9oSTOhp5Jf2vVEiiIfApUFzPJvIrQH15mORR1Zz4ZA6Wgg%2CAOrYGsn_uVo9gs5jmbvySjkRuFQUn5NNVaqOsXTGP8MoNX_1bJEqNwi6nV8XsAW2TgR5f1SFSaDTlYgtew2d%2CAOrYGskC3x0BK_OQRC_9YPU6SwQ-lFh15how9cMJLPHTfRqOSrkQg4lweR1vhxHzWc_OY7GBTFVSpaP8Fi_T%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsklQpIXvY0keySezezImVJA0Wjz6A88vMeibpj8h_lI&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRjrhZTxtzFIAFICCGQSGAoJeWFob28uY29tGNqJlPG3MUgAUgIIbxIZCgp1aWRhcGkuY29tGOuFlPG3MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y5IqU8bcxSABSAghqEloKDWNyd2RjbnRybC5uZXQSQGVhYzU4NzU0N2EzZDFkMzg5NzViMzA1ZTY4Mjc0OTQ1YTcwMjk0ZDM2MGZiMjEzNDkyYzA3YzRmMmZmN2QxNTMY4oqU8bcxSAASGQoKcHViY2lkLm9yZxiLiZTxtzFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y64WU8bcxSABSAghkEhcKCHJ0YmhvdXNlGKeIlPG3MUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2llaXR1YkUxRUswWlRPRmQ2VEVoV1JIQmxkVlJLZHowOUluMD0Y_4uU8bcxSAA.&dlt=1698628434581&idt=2113&prev_scp=a%3D%257C0%257C%26iid1%3D1970711905741758%26eid%3D1970711905741758%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod173-c%26ic%3D2%26at%3Dmbf%26adr%3D398%26ezosn%3D3%26reft%3Dt%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dpastelink_net-box-3-1970711905741758%26eb_br%3D54d0fa6d5f6aabe7623cb24faa42a441%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D37%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D30%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26icsticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%2C19%2C2688%2C2693%2C3045%2C3053%2C4276%26nocompoverride%3D1%26bkfl%3D1%26lb%3D60%26reqt%3D1698628441600&adks=2234422208&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
80670d2f4df1639c496f0e4289d63202b5ca409ab33e7cb942db8ec441cd6291
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:02 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame B4B1 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156983&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ads
securepubads.g.doubleclick.net/gampad/ 		384 B
208 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=111629048947475&correlator=2371568176044847&eid=31079134&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fif&iu_parts=1254144%3A22405481091%2Cpastelink_net-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=23&didk=3113487578&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3D4acab2b379bc6764%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_MZLCZNfZm0MQEvQgBKlncAwPcVp4Q&gpic=UID%3D00000cad7e319826%3AT%3D1698628437%3ART%3D1698628437%3AS%3DALNI_Mav2YCaXyjOZ0thoq5sAp7UXvFoQg&abxe=1&dt=1698628443110&lmt=1698624843&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=about%3Ablank&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslWBiDIP28H8A-nZmO2Qlxr2Ickie-LK4gHRgeZFB7SKzgsr9u457bAUZ7q0wG1JVn3VuctRHoK35sC%2CAOrYGsnBxD4ntKZkmaAf4DCwiBS67ELJd4d2BlIpeBrOCk-TFtTrr4DU7LkF4HUY35wm2d7jjOWsF6EUslhR%2CAOrYGslxHOS9ckXzPk3FajyKXNfBaUgMwNlcTt9oSTOhp5Jf2vVEiiIfApUFzPJvIrQH15mORR1Zz4ZA6Wgg%2CAOrYGsn_uVo9gs5jmbvySjkRuFQUn5NNVaqOsXTGP8MoNX_1bJEqNwi6nV8XsAW2TgR5f1SFSaDTlYgtew2d%2CAOrYGskC3x0BK_OQRC_9YPU6SwQ-lFh15how9cMJLPHTfRqOSrkQg4lweR1vhxHzWc_OY7GBTFVSpaP8Fi_T%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsklQpIXvY0keySezezImVJA0Wjz6A88vMeibpj8h_lI&ga_vid=1537357757.1698628436&ga_sid=1698628437&ga_hid=2046699570&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRjrhZTxtzFIAFICCGQSGAoJeWFob28uY29tGNqJlPG3MUgAUgIIbxIZCgp1aWRhcGkuY29tGOuFlPG3MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y5IqU8bcxSABSAghqEloKDWNyd2RjbnRybC5uZXQSQGVhYzU4NzU0N2EzZDFkMzg5NzViMzA1ZTY4Mjc0OTQ1YTcwMjk0ZDM2MGZiMjEzNDkyYzA3YzRmMmZmN2QxNTMY4oqU8bcxSAASGQoKcHViY2lkLm9yZxiLiZTxtzFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y64WU8bcxSABSAghkEhcKCHJ0YmhvdXNlGKeIlPG3MUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2llaXR1YkUxRUswWlRPRmQ2VEVoV1JIQmxkVlJLZHowOUluMD0Y_4uU8bcxSAA.&dlt=1698628434581&idt=2113&prev_scp=a%3D%257C0%257C%26iid1%3D1970711905741758%26eid%3D1970711905741758%26t%3D134%26d%3D251786%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod173-c%26ic%3D3%26at%3Dbf%26adr%3D398%26ezosn%3D3%26reft%3Dt%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dpastelink_net-box-3-1970711905741758%26eb_br%3Dzero%26eba%3D1%26ebss%3D10061%26bv%3D11%26bvm%3D0%26bvr%3D1%26avc%3D37%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D0%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26icsticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C6293%2C6294%2C6295%2C19%2C2688%2C2693%2C3045%2C3053%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%26nocompoverride%3D1%26bkfl%3D1%26lb%3D30%26reqt%3D1698628443107%26adxf%3D1%26ss38%3D1%26ss9%3D1&adks=2234422208&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
0916a24b636bf315798d9532d94d63a2b7933e220a614afebe990d0b95e6ec6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTk3MDcxMTkwNTc0MTc1OCIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtYm94LTMtMCIsInRfZXBvY2giOjE2OTg2Mjg0MzUsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImNmMThjNzM0LWNhNTktNDFjNy02MWMyLWU0YTkxZWM5N2M0ZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Mon, 30 Oct 2023 01:14:03 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Sun, 29 Oct 2023 01:14:03 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je3ap0v873532799z89136110041&_p=2046699570&gcd=11l1l1l1l1&cid=1537357757.1698628436&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=2&sid=1698628435&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&dt=%D8%B4%D8%B4%D9%85%DB%8C%D9%86%20%DA%A9%D8%A7%D8%B1%DA%AF%D8%A7%D9%87%20%D9%88%DA%A9%DB%8C%D9%84%20%D8%AD%D8%B1%D9%81%D9%87%20%D8%A7%DB%8C%20%D9%85%D9%87%D8%A7%D8%B1%D8%AA%20%D9%87%D8%A7%DB%8C%20%D8%A8%D9%86%DB%8C%D8%A7%D8%AF%DB%8C%D9%86%20-%20Pastelink.net&en=ad_impression&ep.query_id=CPaO7ITMnIIDFReegwcdY6kEew&_et=2571
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:14:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAwNTgwODk0MTcxNTE5NSIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtYm94LTEtMCIsInRfZXBvY2giOjE2OTg2Mjg0MzUsImFkX3Bvc2l0aW9uIjoxMTA2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6ImNmMThjNzM0LWNhNTktNDFjNy02MWMyLWU0YTkxZWM5N2M0ZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6Ii0xIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiItMSJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjgyODA0MzU3MTk3MTc5NjQiLCJkb21haW5faWQiOiIyNTE3ODYiLCJ1bml0IjoiZGl2LWdwdC1hZC1wYXN0ZWxpbmtfbmV0LWJhbm5lci0yLTAiLCJ0X2Vwb2NoIjoxNjk4NjI4NDM1LCJhZF9wb3NpdGlvbiI6MTEwOSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJjZjE4YzczNC1jYTU5LTQxYzctNjFjMi1lNGE5MWVjOTdjNGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiItMSJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiLTEifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0MTMxODc3OTk3MDY5MzEiLCJkb21haW5faWQiOiIyNTE3ODYiLCJ1bml0IjoiZGl2LWdwdC1hZC1wYXN0ZWxpbmtfbmV0LWxhcmdlLWJpbGxib2FyZC0yLTAiLCJ0X2Vwb2NoIjoxNjk4NjI4NDM1LCJhZF9wb3NpdGlvbiI6MTEwOCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJjZjE4YzczNC1jYTU5LTQxYzctNjFjMi1lNGE5MWVjOTdjNGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiItMSJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiLTEifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNjc5OTcxOTY5NzE2MDY0IiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidW5pdCI6ImRpdi1ncHQtYWQtcGFzdGVsaW5rX25ldC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY5ODYyODQzNSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiY2YxOGM3MzQtY2E1OS00MWM3LTYxYzItZTRhOTFlYzk3YzRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiLTEifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6Ii0xIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzMxODMzNjg4NTY4OTM0NSIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtZWRnZS0yLTAiLCJ0X2Vwb2NoIjoxNjk4NjI4NDM1LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJjZjE4YzczNC1jYTU5LTQxYzctNjFjMi1lNGE5MWVjOTdjNGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiItMSJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiLTEifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Mon, 30 Oct 2023 01:14:03 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Sun, 29 Oct 2023 01:14:03 GMT
army.gif
g.ezoic.net/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzU0MjQyODQ4MTY4NDk3MyIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInVuaXQiOiJkaXYtZ3B0LWFkLXBhc3RlbGlua19uZXQtZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjk4NjI4NDM1LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiJjZjE4YzczNC1jYTU5LTQxYzctNjFjMi1lNGE5MWVjOTdjNGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiItMSJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiLTEifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxOTcwNzExOTA1NzQxNzU4IiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidW5pdCI6ImRpdi1ncHQtYWQtcGFzdGVsaW5rX25ldC1ib3gtMy0wIiwidF9lcG9jaCI6MTY5ODYyODQzNSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiY2YxOGM3MzQtY2E1OS00MWM3LTYxYzItZTRhOTFlYzk3YzRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiLTEifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6Ii0xIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Mon, 30 Oct 2023 01:14:03 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Sun, 29 Oct 2023 01:14:03 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame B4B1 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=99164734&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
bcc36d20c05b43b645773291ae178eabbd6b894efd212dea1424cb3903506166

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 30 Oct 2023 01:14:03 GMT
content-length
1661
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame F52C 		35 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=6993747C-8CF7-44A2-B3BC-F486809E2F4A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 30 Oct 2023 01:14:03 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
i.match
s.tribalfusion.com/z/ Frame 42C2
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.173 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
81dfcca2bf0f0200-ZRH
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 01:14:04 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
81dfcca17d9f0200-ZRH
content-type
text/html
date
Mon, 30 Oct 2023 01:14:04 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
429
pubmatic
ad.mrtnsvr.com/sync/ Frame 1661 		0
0
pub
matching.truffle.bid/sync/ Frame A44A 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame EAEE
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8FD1936F35954DB181146456D0F0F8D4&gdpr=0&gdpr_consent=
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8FD1936F35954DB181146456D0F0F8D4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 30 Oct 2023 01:14:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 30 Oct 2023 01:14:03 GMT
expires
Sun, 29 Oct 2023 01:14:03 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:8FD1936F35954DB181146456D0F0F8D4&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame C953
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=6491609716
  • https://sync.1rx.io/usersync/turn/2627172881630809571?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-1b9cb420-c801-4276-a7a0-48014d44dbac-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1b9cb420-c801-4276-a7a0-48014d44dbac-003
42 B
332 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1b9cb420-c801-4276-a7a0-48014d44dbac-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 30 Oct 2023 01:14:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Mon, 30 Oct 2023 01:14:04 GMT
etag
RX1b9cb420c8014276a7a048014d44dbac003
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1b9cb420-c801-4276-a7a0-48014d44dbac-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
mw
mwzeom.zeotap.com/ Frame B4B1 		0
0
info
uipglob.semasio.net/pubmatic/1/ Frame B4B1 		0
0
generic
match.adsrvr.org/track/cmf/ Frame B4B1
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=6993747C-8CF7-44A2-B3BC-F486809E2F4A&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:14:04 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
apn
ads.playground.xyz/usersync/ Frame B4B1 		0
0
greenoaks.gif
g.ezoic.net/detroitchicago/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjZjE4YzczNC1jYTU5LTQxYzctNjFjMi1lNGE5MWVjOTdjNGUiLCJkb21haW5faWQiOiIyNTE3ODYiLCJ0X2Vwb2NoIjoxNjk4NjI4NDM1LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImNmMThjNzM0LWNhNTktNDFjNy02MWMyLWU0YTkxZWM5N2M0ZSIsImRvbWFpbl9pZCI6IjI1MTc4NiIsInRfZXBvY2giOjE2OTg2Mjg0MzUsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjEyOCJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiMzQ4In0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiIyIn0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjU2OCJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjU3MCJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiIzOTI5In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiY2YxOGM3MzQtY2E1OS00MWM3LTYxYzItZTRhOTFlYzk3YzRlIiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidF9lcG9jaCI6MTY5ODYyODQzNSwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiOTQzIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiY2YxOGM3MzQtY2E1OS00MWM3LTYxYzItZTRhOTFlYzk3YzRlIiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidF9lcG9jaCI6MTY5ODYyODQzNSwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiI5NDMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjZjE4YzczNC1jYTU5LTQxYzctNjFjMi1lNGE5MWVjOTdjNGUiLCJkb21haW5faWQiOiIyNTE3ODYiLCJ0X2Vwb2NoIjoxNjk4NjI4NDM1LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfV0=
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Mon, 30 Oct 2023 01:14:04 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Sun, 29 Oct 2023 01:14:04 GMT
greenoaks.gif
g.ezoic.net/detroitchicago/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjZjE4YzczNC1jYTU5LTQxYzctNjFjMi1lNGE5MWVjOTdjNGUiLCJkb21haW5faWQiOiIyNTE3ODYiLCJ0X2Vwb2NoIjoxNjk4NjI4NDM1LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjkifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjZjE4YzczNC1jYTU5LTQxYzctNjFjMi1lNGE5MWVjOTdjNGUiLCJkb21haW5faWQiOiIyNTE3ODYiLCJ0X2Vwb2NoIjoxNjk4NjI4NDM1LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiY2YxOGM3MzQtY2E1OS00MWM3LTYxYzItZTRhOTFlYzk3YzRlIiwiZG9tYWluX2lkIjoiMjUxNzg2IiwidF9lcG9jaCI6MTY5ODYyODQzNSwiZGF0YSI6W3sibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiMTkyMDAwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfV0=
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-0&cb=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.69.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-213-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://pastelink.net
x-middleton-display
ezp_sol
date
Mon, 30 Oct 2023 01:14:04 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Sun, 29 Oct 2023 01:14:04 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vid.connatix.com
URL
https://vid.connatix.com/pid-dceed97a-951e-4c47-b565-c2794ffae817/f2590cdd-0bb5-401c-a109-f286e7a52d32/1_media.bin
Domain
lit.connatix.com
URL
https://lit.connatix.com/aa0f11f7-035a-4999-9d0a-efd10d585b22/blockedDomains_1.bin
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Domain
cds.connatix.com
URL
https://cds.connatix.com/p/365249/elements.ui.674039a10b5c8acbf74e.js
Domain
ams3-ib.adnxs.com
URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpastelink.net%2Fcpsbn47l&e=wqT_3QKlB-ilAwAAAwDWAAUBCNWG_KkGEPf_2JSkjcmoaxgAKjYJ0p94Ttyhsj8R3j7_xsMSsj8ZAAAAgML16D8h3g0SACkRJNAxAAAAoJmZqT8w2_imAzi1AUC1XkjjA1C6iYq2AVjHsT1gAGifpFR4lfQFgAEBigEDVVNEkgUG9GkBmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCHmh0dHBzOi8vcGFzdGVsaW5rLm5ldC9jcHNibjQ3bIADAIgDAZADAJgDCaADAaoDrQMKwwJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0wNjVmOGIxOC1lOWQ5LTRkNzUtODdlNi1mNjJjZmRlMDJiMjcmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTA2NWY4YjE4LWU5ZDktNGQ3NS04N2U2LWY2MmNmZGUwMmIyNyZydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnQJFhxTdWJHcm91cBUZ8ExfcHl2cHhwYmFzdmV6bmd2YmEmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM3NzMzMDAyMDczOTc0MTI4NjMxIgkzODE4NDY3MTQqBCFg8IE6OFUyVmhjbU5vUVdRak56RTJOelEyTlRRek1ERTNPRE1qTWpNeU16UTNOREl5T0RFM05qRTBPUT09wAPYBMgDANgD-5XCAeADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAERXZYiAUBmAUAoAWrx_2B6Z6vuV7ABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBYDqN_oFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB5X0BdIHDRVlASYI2gcGAV6wGADgBwDqBwIIAPAH8fUMiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=9322373ae08fd9784b1ffd853e6adc748ea3ee46&type=pv&jm=1003&px=0&py=0&bw=182&bh=90&sf=1&sid=4549771771140101115&vd=ct~0|rr~319|dm~90&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&pd=1.53&d=1.51&id=1.53&ic=1&d0=1.53&d25=1.53&d50=1.53&d75=1.53&d100=1.53&ft=3
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvH462L3A73UbuH8pZhwYGbU8gSISt706Xr08zbi28aw-nPqsyWjXo3UisI4phqJ_tCzL_CbdueDkGGm754x7WJqM_IFkjLgf-u9Wmn&sig=Cg0ArKJSzK9H4rVjgmqJEAE&id=lidartos&mcvt=1385&p=0,0,90,728&mtos=1385,1385,1385,1385,1385&tos=1385,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=940534320&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=b&rst=1698628436944&rpt=1453&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
csm.nl3.eu.criteo.net
URL
https://csm.nl3.eu.criteo.net/iev?entry=c~Gum.ChromeSyncframe.CookieRead.uid~1&entry=c~Gum.ChromeSyncframe.SidReadSuccess~1&entry=h~Gum.ChromeSyncframe.SidReadSuccessDuration~56
Domain
csm.nl3.eu.criteo.net
URL
https://csm.nl3.eu.criteo.net/iev?entry=c~Gum.ChromeSyncframe.CookieRead.uid~1&entry=c~Gum.ChromeSyncframe.FragmentData.publishertag.Bundle.Origin.3~1&entry=c~Gum.ChromeSyncframe.SidReadSuccess~1&entry=h~Gum.ChromeSyncframe.SidReadSuccessDuration~44
Domain
id.a-mx.com
URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://pastelink.net/cpsbn47l&tl=https://pastelink.net/cpsbn47l&nf=0&rt=true&v=8.16.0&av=2.0&vg=epbjs&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Domain
inv-nets.admixer.net
URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45fe67019618f4c5f35f52e%26visitor%3D%24%24visitor_cookie%24%24%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Domain
ads.betweendigital.com
URL
https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D&gdpr=0&consent=
Domain
jadserve.postrelease.com
URL
https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Domain
bttrack.com
URL
https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent=
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=45&rndcb=6052806516
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=762508879796792481&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7295553602155772063&gdpr=0&gdpr_consent=
Domain
sync.bumlam.com
URL
https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=165854c7-7c4f-4027-b1cf-b0a8b2cd926f&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?ev=AAGmXU7KfgcAABl-iR6d0Q&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
pixel-eu.onaudience.com
URL
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7274554178927420115
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/6993747C-8CF7-44A2-B3BC-F486809E2F4A?gdpr=0&gdpr_consent=
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.X0s6aBE2uUt_MQMVzXnV5hgyedm9mU-~A&gdpr=0
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
Domain
pubmatic-match.dotomi.com
URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6993747C-8CF7-44A2-B3BC-F486809E2F4A&gdpr=0&gdpr_consent=
Domain
ads.betweendigital.com
URL
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
Domain
us.ck-ie.com
URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=165854c7-7c4f-4027-b1cf-b0a8b2cd926f&gdpr=&gdpr_consent=&us_privacy=
Domain
cookiesync.api.bliink.io
URL
https://cookiesync.api.bliink.io/getuid?url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbliink%2F%24UID
Domain
as.ck-ie.com
URL
https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
Domain
vid.vidoomy.com
URL
https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Domain
user-sync.adxpremium.services
URL
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZT8DWvjpTkuh7P4sPx4tDwAA%262175
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
matching.truffle.bid
URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Domain
mwzeom.zeotap.com
URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=6993747C-8CF7-44A2-B3BC-F486809E2F4A
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6993747C-8CF7-44A2-B3BC-F486809E2F4A&sInitiator=external&gdpr=0&gdpr_consent=
Domain
ads.playground.xyz
URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

Verdicts & Comments Add Verdict or Comment

416 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| documentPictureInPicture function| $ function| jQuery function| Cookies object| dataLayer object| ezstandalone object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| find_height function| setCookie function| copyToClipboard function| getCookie function| eraseCookie function| validateEmail function| unsure function| clearexplain function| resize function| changeGenerateButtonState function| notify function| removeNotification function| refreshView function| captchaLoaded function| callCustomAjax function| retrieveGetVariables function| setGetVariables string| size object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| recaptcha string| ezStandaloneDefine string| ezStandaloneDisplay object| ezSelectedPlaceholders object| ezSelectedPlaceholdersMap string| ezStandaloneCookies function| __ez_vig_close_wrapper boolean| _ez_sa object| __ez string| __sellerid string| __schain_domain string| __ez_nid string| __ez_gcb object| ez_ad_units object| ezslots object| ezrpos object| ezsrqt boolean| __ez_fad_haspo boolean| __ez_fad_hascp object| __ez_fad_po function| ezSetTargetingFromMap function| ezSetSlotTargeting function| ezGetSlotById function| __ez_close_anchor function| __ez_handle_init_scroll function| __ez_hb_render object| ezCriteo object| ezYieldmo object| ezOneTag object| ezAYL object| ezAMX object| ezSmile function| ezjsps object| epbjs boolean| __enableAnalytics object| __s2sbidders object| __s2sinstreambidders object| __allBidders string| ez__id5pd string| ez__uIdHash string| ez__sspDomain object| __ezPwtBidders object| __ezPwtFloors object| PWT object| owpbjs function| openwrapRequestAdUnits function| openwrapRefreshSlot function| openwrapBidsBackHandler function| getSlotForhb object| __advertiserRule object| ezasVars object| ezasTag object| headNode boolean| __ezasAggressive object| ezaxmns object| ezaucmns object| __ez_fad_floating function| __ez_init_slot object| ezslot_8_raw object| ezslot_3_raw object| ezslot_5_raw object| ezslot_4_raw object| ezslot_0_raw object| ezslot_1_raw object| ezslot_2_raw object| ezslot_6_raw object| ezslot_7_raw object| divNode object| parentNode object| __banger_pmp_deals object| _ezim_d object| _ezaq number| did string| ezoTemplate boolean| didTimeoutVign function| expzscr function| create_ezolpl function| attach_ezolpl function| __ez_fad_position number| __cnxiid string| __cnxau boolean| __ez_edge_a number| __ez_edge_mw string| __ez_edge_v string| __ez_edge_h number| __ez_edge_m object| ezslots_raw object| ezslotdivs object| googletag boolean| isEZABL number| ezmadspc boolean| ezoViewCheck boolean| ezDisableInitialLoad boolean| ezhbopt function| __ez_get_largest_ad_size function| handleResponsiveAdsense object| google_reactive_ads_global_state function| ezasBuild function| ezasvEvent function| ezaslEvent function| ezoAdBackFill object| ezaslWatch object| ezoSTPixels function| ezoSTPixelAdd function| ezoGetSlotById function| ezoGetSlotNum function| ezoSTPixelFire function| ezogetbrkey boolean| ezoll string| ezoadxnc string| ezoadhb string| ezdomain string| cid string| pid string| slotId number| ffid number| alS object| container object| ins object| adsbygoogle function| onYouTubeIframeAPIReady object| gaGlobal object| owpbjsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| partnersWithoutErrorAndBids object| matchedimpressions object| ucTag object| OWT object| gaplugins object| gaData function| __ez_get_footer_height function| __ez_set_outstream_floor function| __ez_auto_adjust_outstream_float function| __ez_outstream_player_tracking function| pixelData function| __ez_outstream_float_destroy function| newEzVignette function| getEzErrorURL function| reportEzError object| ct object| ezdent object| ezDenty object| ezua object| ezuxgoals undefined| hREED function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString object| _ezfd function| __ezDotData object| ggeac object| google_js_reporting_queue object| regeneratorRuntime object| ezoptbid function| epbjsRequestAdUnits function| epbjsBidRequest function| epbjsApplyResponsiveSizes function| epbjsRefreshSlot function| setAuctionActive function| setAuctionFinished function| isValid256Hash function| PrebidImpressionController function| PrebidImpression function| stickyFix function| sidebarWall function| __ez_close_rail function| __ez_handle_rail_loaded string| ezoScriptHost object| IL11ILILIIlLLLILILLLLIILLLIIL11111LLILiiLIliLlILlLiiLLIiILL number| ezobv function| ezoSyncToDfp function| ezoGetDFPSlot object| ezomash boolean| ezowwinit function| ezbanger function| ezvt function| ezvb function| ezsr function| ezosethbbid function| ezosetowbids function| ezosethbbids function| ezGetSlotViewedTime function| formatBid function| fetchezoibfh object| ezoibfh number| ezoibfhHF function| adjustHbValues function| ezorefgsl boolean| __ez_fad_ezpbinitd function| __ez_fad_pb object| featureMap object| epbjsChunk object| ADAGIO object| Criteo boolean| google_measure_js_timing object| ezslot_interstitial number| ez_tos_track_count number| ez_last_activity_count function| initEzux object| riveted object| ezux object| ezoic_mash object| metricNameMap function| ezlogVital object| webVitals number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| ox_esp object| _33across function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| pbjs object| __uid2SecureSignalProvider object| __uid2 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_143 object| Criteo_identitytag_143 object| ezslot_6 object| ezslot_7 object| ezslot_8 object| ezslot_4 object| ezslot_0 object| ezslot_1 object| msgData object| sas object| apntag object| _ADAGIO object| perf_vals object| criteo_pubtag_prebid_143 object| Criteo_prebid_143 function| cnx object| cnx_player_usr_storage object| GoogleGcLKhOms object| cnx_webpack_global object| cnx_usr_storage object| player_instance_f6c84fa72efe43e6ac0efe159ffd27e4 object| cnxPlugins object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval function| cnxProxyTask object| pbjsChunk object| ezslot_3 function| cnxAddEventListener

129 Cookies

Domain/Path Name / Value
pastelink.net/ Name: PHPSESSID
Value: mfbfo4j9g49g48n23ufj880m7v
.pastelink.net/ Name: _gcl_au
Value: 1.1.1230344492.1698628436
.pastelink.net/ Name: ezoadgid_251786
Value: -2
.pastelink.net/ Name: ezoref_251786
Value:
.pastelink.net/ Name: ezosuibasgeneris-1
Value: 2e3a6261-4f1a-44a6-5368-5ae18216107d
.pastelink.net/ Name: ezoab_251786
Value: mod173-c
.pastelink.net/ Name: lp_251786
Value: https://pastelink.net/cpsbn47l
.pastelink.net/ Name: ezovuuidtime_251786
Value: 1698628435
.pastelink.net/ Name: ezovuuid_251786
Value: 8ef47507-f510-4766-5b99-f9ec646d99c7
.pastelink.net/ Name: active_template::251786
Value: pub_site.1698628435
.pastelink.net/ Name: ezopvc_251786
Value: 1
.pastelink.net/ Name: ezepvv
Value: 25
pastelink.net/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.pastelink.net/ Name: _ga
Value: GA1.2.1537357757.1698628436
.pastelink.net/ Name: _gid
Value: GA1.2.87720358.1698628436
.pastelink.net/ Name: _gat_UA-55088947-2
Value: 1
.pastelink.net/ Name: _ga_4KDXYD7HFC
Value: GS1.2.1698628436.1.0.1698628436.0.0.0
pastelink.net/ Name: ezouspvv
Value: 0
pastelink.net/ Name: ezouspva
Value: 0
.pastelink.net/ Name: _sharedid
Value: 3d490c6c-b0e7-417e-a37a-e55ec6dc7b1c
.pastelink.net/ Name: _sharedid_cst
Value: zix7LPQsHA%3D%3D
.prebid.a-mo.net/ Name: __amc
Value: 1_1698628437_1698628437
.sharethrough.com/ Name: stx_user_id
Value: 2a4d6661-f2a4-4854-a764-e529788c6a66
.yieldmo.com/ Name: yieldmo_id
Value: 3eLALLL__uL3lhGTLG5J%7C1698624000000%7C3395460526101438898%7C2834942196124164132
.adnxs.com/ Name: icu
Value: ChgIkfo_EAoYASABKAEw1Yb8qQY4AUABSAEQ1Yb8qQYYAA..
.adnxs.com/ Name: uuid2
Value: 762508879796792481
.openx.net/ Name: i
Value: cfe9e530-3f85-4bc5-b32c-7543a5eb9327|1698628437
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: a9106141d43646208818a1d23788f139
.omnitagjs.com/ Name: ayl_visitor
Value: b23c09598554890304c218fa87cbfccd
.pastelink.net/ Name: _cc_id
Value: a9106141d43646208818a1d23788f139
.pastelink.net/ Name: panoramaIdType
Value: panoIndiv
.yahoo.com/ Name: A3
Value: d=AQABBFUDP2UCEJveraMhhlSZQmJk1cLNFBQFEgEBAQFUQGVIZbtL0CMA_eMAAA&S=AQAAAux7FIm8_F_i4lhooOZjoaI
.pastelink.net/ Name: connectId
Value: {"ttl":86400000,"lastUsed":1698628437471,"lastSynced":1698628437471}
.pastelink.net/ Name: __gads
Value: ID=4acab2b379bc6764:T=1698628437:RT=1698628437:S=ALNI_MZLCZNfZm0MQEvQgBKlncAwPcVp4Q
.pastelink.net/ Name: __gpi
Value: UID=00000cad7e319826:T=1698628437:RT=1698628437:S=ALNI_Mav2YCaXyjOZ0thoq5sAp7UXvFoQg
.script.ac/ Name: __cf_bm
Value: Zgg2_tD1vY3BpUNY9xnHYTSfP4ObxzCRQi.7H5bODII-1698628437-0-AdicPLRjzXR47Dz0WubtCNBb3LMDaNLokuljK+S9IIZRqboLl2MQIku+dv1LqXxAoD7O7PNRvoMrLhF1DzOAu/4=
.openx.net/ Name: pd
Value: v2|1698628437|n0vNvQiygu
.criteo.com/ Name: uid
Value: 8c0a4f55-caaa-47b2-84ee-3c841fe51615
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 7274554178927420115
.bing.com/ Name: MUID
Value: 1DF9C977480B66872F34DACD49506738
.amazon-adsystem.com/ Name: ad-id
Value: A3ZZd_gPXEi-kFvzYXI1unI
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pastelink.net/ Name: _ga_S3DKHVPF03
Value: GS1.1.1698628435.1.0.1698628438.0.0.0
pastelink.net/ Name: ezux_lpl_251786
Value: 1698628438505|cf18c734-ca59-41c7-61c2-e4a91ec97c4e|false
.pastelink.net/ Name: cto_bundle
Value: 4W9g8l9DVXdXbVpGcnhyd2R5VnB4aEwyJTJCSldrZUxReHdrMjhGa00xdW5IbWVJNVhrMDJ5SHVDSTZuWEZMaGlJME05MnBpMXM4clNyVm0xWG9kSEdMWFo4cTR1ZHFLa1NMUjRWdFZNdFQ5VkxOaGZDamhUU1ZON25EQVVmSDJCdUl4S2dIQTFITmRPVVdVTGZqR0JSRm5SdXR4USUzRCUzRA
.doubleclick.net/ Name: IDE
Value: AHWqTUnCHHFjBQwpJ1JZPumFFgA4A19XOhifiUnlG0gxa2ZDhAuPEl32xhpgQqlIJpA
.connatix.com/ Name: cnx_userId
Value: d7d70564d1424a16b538abc23ab9fe64
.ads.yieldmo.com/ Name: re_sync
Value: rc%3D1180443%7Cc%3D1180443%7Ctapad%3D1180443%7Cpub%3D1180443%7Can%3D1180443
.pastelink.net/ Name: panoramaId_expiry
Value: 1698714840549
.sitescout.com/ Name: ssi
Value: 5d3a3814-19e8-4806-afaf-d56473a6bc66#1698628440665
.bidswitch.net/ Name: tuuid
Value: 165854c7-7c4f-4027-b1cf-b0a8b2cd926f
.bidswitch.net/ Name: c
Value: 1698628440
.bidswitch.net/ Name: tuuid_lu
Value: 1698628440
.ads.yieldmo.com/ Name: ptran
Value: 762508879796792481
.ads.yieldmo.com/ Name: ptrc
Value: CAESEAD7XEJeAtJlHzj5sevRgdg
.tapad.com/ Name: TapAd_TS
Value: 1698628440845
.tapad.com/ Name: TapAd_DID
Value: 3eaa30e3-6aeb-4af7-9175-3f0df8f6bf65
.creativecdn.com/ Name: u
Value: O8Z2fv1nLSYcCedqCFnv
.creativecdn.com/ Name: ts
Value: 1698628440
.onetag-sys.com/ Name: OTP
Value: TlOIm8Wm25Hj0poXXx0XVfrmI2L_awe59nEt6LxP_ds
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 6993747C-8CF7-44A2-B3BC-F486809E2F4A
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156983:2
.pubmatic.com/ Name: DPSync3
Value: 1699833600%3A241_235_201_245
.pubmatic.com/ Name: SyncRTB3
Value: 1699920000%3A35%7C1699228800%3A2_223_15%7C1701216000%3A203%7C1699488000%3A63%7C1699833600%3A21_56_71_55_161_3_196_254_22_214_46_88_165_220_13_54_8_81_234_166_251_264_233_238
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.ads.stickyadstv.com/ Name: UID
Value: eac12f2077bd14f66c932cbb3977b3
.smartadserver.com/ Name: pid
Value: 6360361698443397873
.ads.yieldmo.com/ Name: ptrrc
Value: LOC7IL9R-F-6MHX
.adotmob.com/ Name: uid
Value: 09bd22040014c93362c117c7
.adotmob.com/ Name: uuid
Value: 09bd22040014c93362c117c7
.adotmob.com/ Name: partners
Value: AYL%3A1698628440965
.rubiconproject.com/ Name: khaos
Value: LOC7ILCO-14-808P
.analytics.yahoo.com/ Name: IDSYNC
Value: "194o~2erd:18z8~2erd"
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5ODYyODQ0MTAzMSwiNDEiOjE2OTg2Mjg0NDA3ODZ9
.csync.loopme.me/ Name: viewer_token
Value: 52ae1379-ca15-4619-9587-be244d87fe1d
.sportradarserving.com/ Name: zuuid
Value: 9dee695e-1939-453e-9fc5-e71c4d551648
.sportradarserving.com/ Name: c
Value: 1698628441
.sportradarserving.com/ Name: zuuid_lu
Value: 1698628441
.bidr.io/ Name: bitoIsSecure
Value: ok
.weborama.fr/ Name: AFFICHE_W
Value: IsLGp3xSAhAi65
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-5d3a3814-19e8-4806-afaf-d56473a6bc66-653f0358-4348&KRTB&23418-5d3a3814-19e8-4806-afaf-d56473a6bc66-653f0358-4348
.adx.opera.com/ Name: UID
Value: OPU03d3643a9daa4011afcc6cd2d7a79dc4
.adsby.bidtheatre.com/ Name: __kuid
Value: 08d3fb99-da8b-4013-af1a-c2ebc83567a3.467842441
.adfarm1.adition.com/ Name: UserID1
Value: 7295553602155772063
.de17a.com/ Name: guid
Value: 1.3605117586719518215
.richaudience.com/ Name: pdid
Value: 61493e8c-004b-420c-8435-1zz1698628426
.ctnsnet.com/ Name: cid_dbdcd1094dfe4b4daaf207968d27a1dd
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU03d3643a9daa4011afcc6cd2d7a79dc4&KRTB&23485-OPU03d3643a9daa4011afcc6cd2d7a79dc4&KRTB&23524-OPU03d3643a9daa4011afcc6cd2d7a79dc4
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEGkRyFvoSeo3FbVKtJAijE0&KRTB&23025-CAESEGkRyFvoSeo3FbVKtJAijE0&KRTB&23386-CAESEGkRyFvoSeo3FbVKtJAijE0
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1698628441
.simpli.fi/ Name: suid
Value: 8FD1936F35954DB181146456D0F0F8D4
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlhZmRhYmJobGQJAG04zdcQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2sjQyNbAwtjC1sBDiM9QtMgzON8izCHT0dgoBAGhtKvQlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2sjQyNbAwtjC1sBDiM9QtMgzON8izCHT0dgoBAGhtKvQlAAAA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZT8DWQACIaMCiwAg
.bidr.io/ Name: bito
Value: AAGmXU7KfgcAABl-iR6d0Q
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-1b9cb420-c801-4276-a7a0-48014d44dbac-003%22%2C%22zdxidn%22%3A%222069.66%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5124322329250838588
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:
.smilewanted.com/ Name: sw_user_params_infos
Value: Pc5bARLaaOKV6kTJZwJwsYp2mKq8f5MLN8aL4xmYnCWVsi%2Bm4b7ST%2FzYDw%2F8Xnrf3Nml4LqKyncF%2F6jJuhsJ3%2Fy5uWelkjYeLWbXriuOS0gyI4TiOrv8rRGnjD76nFnsAAKVj3YTgVROrJr3hL1hw9IsGM1UIB6TBWd9u2zCMoF1hITmmOvbxytKYNnBYoIMXWNXFDwEJoO93y%2BclqFQKuZTZxWSv3vtFlTUEFV69Y0e%2FGtRCMEG9dIiKjKYIx75qwDF6AQbk7Es9%2FKlyRfQ5zrpCNF0Et849RbGt4En%2FZpdWdI2%2F3NyaHSJb%2FrcFRuG
.smartadserver.com/ Name: csync
Value: 117:b23c09598554890304c218fa87cbfccd|127:AAGmXU7KfgcAABl-iR6d0Q
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-3605117586719518215
.richaudience.com/ Name: avcid-smw-uid
Value: 32a9ee613ba5bbe1e811b5cb459e5024
.quantserve.com/ Name: d
Value: EM0BCwGnKvijAA
.quantserve.com/ Name: mc
Value: 653f0359-9a1c8-04d28-a06c3
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-26ac09ad-ee4c-574c-4a42-1f434293a187.eL2rSiCHHswBJVOXxxO06a5N3mK92kxRSs3%2BYqRCsag
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-26ac09ad-ee4c-574c-4a42-1f434293a187.eL2rSiCHHswBJVOXxxO06a5N3mK92kxRSs3%2BYqRCsag
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AJqwJre5MV0xKQh9DQpOhh1TjqRQ.wiV3H%2BGKXLeOyY0Kk1zR0XUicWN%2FpcHXAvLT0kT95sk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AJqwJre5MV0xKQh9DQpOhh1TjqRQ.wiV3H%2BGKXLeOyY0Kk1zR0XUicWN%2FpcHXAvLT0kT95sk
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-JqwJre5MV0xKQh9DQpOhh1TjqRQ&KRTB&23334-JqwJre5MV0xKQh9DQpOhh1TjqRQ&KRTB&23417-JqwJre5MV0xKQh9DQpOhh1TjqRQ&KRTB&23426-JqwJre5MV0xKQh9DQpOhh1TjqRQ
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-mf-QEp_5lk2C88JFzPKORJuukUyCq5NCzPmuGYsn&KRTB&19420-mf-QEp_5lk2C88JFzPKORJuukUyCq5NCzPmuGYsn&KRTB&22979-mf-QEp_5lk2C88JFzPKORJuukUyCq5NCzPmuGYsn&KRTB&23403-mf-QEp_5lk2C88JFzPKORJuukUyCq5NCzPmuGYsn
.pubmatic.com/ Name: PugT
Value: 1698628441
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIE-MIkJg2DBp--dWvdnqOe0zV3pF32AesUTVblwCYddXEAEYAyDZhvypBjABOgTwi70wQgS5tXFs.P%2FPRQ2De5T4zXCfoRanvZS3SMTWCFlYI69k0mYZltsQ
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIE-MIkJg2DBp--dWvdnqOe0zV3pF32AesUTVblwCYddXEAEYAyDZhvypBjABOgTwi70wQgS5tXFs.P%2FPRQ2De5T4zXCfoRanvZS3SMTWCFlYI69k0mYZltsQ
.audrte.com/ Name: arcki2
Value: 10392tPaXRQQxe-YJ1DY9-ueA!20220908!1698628441641!ip#84.227.169.20
.audrte.com/ Name: arcki2_pubmatic
Value: 6993747C-8CF7-44A2-B3BC-F486809E2F4A!20220908!1698628441646
.audrte.com/ Name: arcki2_ddp2
Value: 10392tPaXRQQxe-YJ1DY9-ueA!20220908!1698628441872
.bidswitch.net/ Name: custom_data
Value: k0d-MF9UN1B0c3ZENjNSaE5vSFQyV0VLUTZwQzVuM215MVpITUY0Q3lXUndkYlM3Skp2ZUpkQzIzeGZ6T05lUFlEOUM3V3gyMGtaNlVaVGV4TXBMd0ppcXVWRmtoMEtZV1dTd0V0bXF4c1VHSnZ1ZEZiN1JncCUyQnV2WmI4RXI0aGt5bFVVYnBzUEhnS0FPbXpuUXdtZkdKZkFUWWVkdW9ieW1rJTJCb2ZTTWdPMjZlbHN6NmlXTEE3ZFJmRlRJaml2ZzE4WHNN
.audrte.com/ Name: arcki2_adform
Value: 7274554178927420115!20220908!1698628442150
.casalemedia.com/ Name: CMID
Value: ZT8DWvjpTkuh7P4sPx4tDwAA
.casalemedia.com/ Name: CMPS
Value: 2175
.casalemedia.com/ Name: CMPRO
Value: 2175
.rubiconproject.com/ Name: audit
Value: 1|EMIp7kCrqPAufuS+KBg2b62fWKQZUnZVk/dZj/k3t+7k02UAaOtx1NNZxbgh8VOv7LVx0v8Sd50wHTRO1/p4iJhTlEWkyb93z+BTw9+h9R+M07NhaKWlpRZAVtQspwDhFNMpgLTlOiEoEpsWhTdSee5pVo3uQtneUhCtx+T+8p5R35GpyLKZ5mdvoGLIiyOj
.adxpremium.services/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxPQzdJTENPLTE0LTgwOFAiLCJleHBpcmVzIjoiMjAyMy0xMS0xM1QwMjoxNDowMS4wMDkyNTQ1MTMrMDE6MDAifX0sImJkYXkiOiIyMDIzLTEwLTMwVDAyOjE0OjAxLjAwOTI0MTc3MiswMTowMCJ9
.pubmatic.com/ Name: SPugT
Value: 1698628442

26 Console Messages

Source Level URL
Text
network error URL: https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fpastelink.net%2Fcpsbn47l
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript warning URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid8.20.0.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid8.20.0.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://ups.analytics.yahoo.com/ups/58713/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://pastelink.net/cpsbn47l&pixelId=58713
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45fe67019618f4c5f35f52e%26visitor%3D%24%24visitor_cookie%24%24%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D&gdpr=0&consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-.X0s6aBE2uUt_MQMVzXnV5hgyedm9mU-~A&gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-eu-west-1.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7274554178927420115
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://token.rubiconproject.com/khaos.json?gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://token.rubiconproject.com/khaos.json?gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://token.rubiconproject.com/khaos.json?gdpr=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pr-bh.ybp.yahoo.com/sync/pubmatic/6993747C-8CF7-44A2-B3BC-F486809E2F4A?gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6993747C-8CF7-44A2-B3BC-F486809E2F4A&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZT8DWvjpTkuh7P4sPx4tDwAA%262175
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6993747C-8CF7-44A2-B3BC-F486809E2F4A&sInitiator=external&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=6993747C-8CF7-44A2-B3BC-F486809E2F4A
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2527ffdcda71dd00d08cc17e79319c45.safeframe.googlesyndication.com
a.audrte.com
a.sportradarserving.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.mrtnsvr.com
ad.turn.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
adsdk.microsoft.com
adxbid.info
ams3-ib.adnxs.com
ap.lijit.com
api-2-0.spot.im
as.ck-ie.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
bshr.ezodn.com
btlr.sharethrough.com
bttrack.com
c1.adform.net
cadmus.script.ac
capi.connatix.com
cd.connatix.com
cdn-ima.33across.com
cdn.adnxs.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cds.connatix.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connectid.analytics.yahoo.com
cookiesync.api.bliink.io
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
csm.nl3.eu.criteo.net
csync.loopme.me
csync.smilewanted.com
d5p.de17a.com
dis.criteo.com
dmp.adform.net
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.ezodn.com
g.ezoic.net
go.ezodn.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
i.clean.gg
ib.adnxs.com
id.a-mx.com
id.crwdcntrl.net
id.hadron.ad.gt
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
invstatic101.creativecdn.com
ipac.ctnsnet.com
jadserve.postrelease.com
lb.eu-1-id5-sync.com
lit.connatix.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pastelink.net
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.smilewanted.com
privacy.gatekeeperconsent.com
pubmatic-match.dotomi.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.tribalfusion.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
static.criteo.net
static.smilewanted.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.bumlam.com
sync.crwdcntrl.net
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tags.crwdcntrl.net
the.gatekeeperconsent.com
token.rubiconproject.com
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
user-sync.adxpremium.services
vid.connatix.com
vid.vidoomy.com
visitor-eu-west-1.omnitagjs.com
visitor.omnitagjs.com
www.bing.com
www.ezojs.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ad.mrtnsvr.com
ad.turn.com
ads.betweendigital.com
ads.playground.xyz
ams3-ib.adnxs.com
as.ck-ie.com
bh.contextweb.com
bttrack.com
cds.connatix.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cookiesync.api.bliink.io
csm.nl3.eu.criteo.net
id.a-mx.com
image4.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
jadserve.postrelease.com
lit.connatix.com
matching.truffle.bid
mwzeom.zeotap.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
rtb.mfadsrvr.com
simage2.pubmatic.com
sync.bumlam.com
token.rubiconproject.com
uipglob.semasio.net
us.ck-ie.com
user-sync.adxpremium.services
vid.connatix.com
vid.vidoomy.com
104.16.86.20
104.17.24.14
104.18.23.145
104.18.24.173
104.18.35.167
104.18.41.104
104.21.28.48
104.21.63.106
104.22.4.69
104.22.52.86
104.26.8.169
108.138.26.85
13.107.213.44
141.95.98.64
142.250.184.234
142.250.185.104
142.250.185.194
142.250.185.206
142.250.185.97
142.250.185.98
142.250.186.100
142.250.186.34
142.250.186.66
142.250.186.67
142.250.186.99
145.40.97.67
15.235.15.221
151.101.130.49
162.19.138.117
162.55.233.29
172.217.16.194
172.217.18.1
172.217.18.98
172.64.132.19
172.64.136.15
172.64.137.15
172.67.10.198
172.67.144.62
178.250.1.11
178.250.1.3
178.250.1.8
178.250.1.9
18.194.76.100
18.66.127.127
18.66.97.24
185.106.140.18
185.184.8.90
185.29.132.241
185.64.189.112
185.64.190.78
185.64.190.79
185.64.191.210
185.86.138.150
185.86.138.154
185.86.139.93
185.89.210.90
188.166.17.21
193.0.160.130
195.5.165.20
198.47.127.20
198.47.127.205
2.16.241.18
204.79.197.200
213.155.156.167
216.239.34.36
216.52.2.91
23.212.211.47
23.35.229.251
23.35.236.188
23.35.236.201
3.120.55.153
3.123.243.72
3.69.213.60
3.75.62.37
34.102.146.192
34.111.113.62
34.111.129.221
34.120.107.143
34.254.54.88
34.95.69.49
34.96.70.87
35.170.18.82
35.186.193.173
35.204.74.118
35.214.196.176
35.244.159.8
35.244.174.68
37.157.6.233
45.137.176.88
46.228.164.11
46.228.174.117
51.75.86.98
52.223.40.198
52.46.128.147
52.48.43.143
52.51.16.139
54.165.64.233
54.217.195.217
54.246.65.75
54.75.96.107
54.93.103.174
64.202.112.63
65.9.66.122
67.220.226.233
69.173.144.165
76.223.111.18
82.145.213.8
88.208.215.108
91.228.74.166
98.98.134.243
00e07d0d13fffc0bf2611e451104da42ade35633963486905dc51edfe724556f
01192bbc04af8e6bfe95906a700dcd2faf83e64b9d133123093136646caabd3f
02614d11cbdc1f220b7be546d59ef5e14489c86a5fdce3f22ce7b6bf9990bc71
044fd7df09d0faf6035de8d8073d76daaf4b81862448bd2aa77b943ff02b3724
05bf9f66804f5b3fd3709c98ce41ebe1a4a9ce41383afb559282b5d035360960
0767eef091939a155706681ea361a93bab90c311f4fec6a9b6b4e8f3c449220b
07a54e49f65745ec3e0c0bfec9c0005b787370f8f65476b8da936e14d9ceaaa1
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0916a24b636bf315798d9532d94d63a2b7933e220a614afebe990d0b95e6ec6a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c22229bf84e8175c2daf4ba6bad887c91187db71ff2911f6f598b5215134934
0f5cea81bb63d0214976da19bc823736066909b01efa7bf8cdb4d5de805eea93
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
12ae28ac8e3330794dfbdd645dad2f03fe6b8ead4bc1fbd2ff5b971b20af9fcb
12b2573815dac6ac5646fab27841f398fa908cc13d510f2e14bffb595b726bbf
12cf607702d0dfec017ba44fe7b8201c0f3b70b43db1a9d2b0c3e388553bff24
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b
15c5ab257f685e66dbabf646aeb10b4e616dc155b17d8e1b170aa5c1cd8fe32b
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19272aa00962a7d3df26aa4645d3c6d6558b1cdb8ef2bc4ec463c77d55703816
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
1d25739db02de792436f6797073ff2144ca213b4c7cddd521b1645f4757ccc39
1d35a435c34e52e98e05cdda07d86d384e983dc8400effc1af4c968375ba3ea4
1ea39abed7a81ca9d42a3df7946158651957f2be32c1e6a298000058cbef0d5d
1f8a69b2a2b34f9ad653d8d8627fb36573303a4442a5aff2699707a5ccebf033
1fd3bb7c8e5409348cfec7a9e042e00b5cc3cf8d3d68f8862feeeeadfb8385bc
213320d9e67ea21fc638ca3ae34da41da10cecdf7d53896a96208a664cd56734
215db6220a33c98414cc72431728c87ec22fbda8e2b72d12932217d6629f98b4
219a5b5202487ad29f0d146acb4cf214ee36e3e89802162422a7c2bc5e87db90
226716873806eb8e4e43f9d499be3be3448b4792e020cf7cb8712577a03b0bd6
23d808aef91f5fc3308dd8c97bde0383aef646942ae9b5d76c441da284469294
251da6e0a1e937383772575817a546684f2055e52b4dd35af3302db7a8b9ea39
2545e9db8fd27d8f072315b91467f140b957e02d17394ea99163bf15e71d9c0e
256774147c18fde1089393e4008316d583dd0fe5f5aacc9438b23640ce1c552a
26a09a8c06d9cc23f4c1683372f90600830d1334553bc1a32b111dda03720cb0
270d68c001d05e764b3ccd047bedf93a8376bfd08b44124a67b9fa31e335cea8
275753362b3266fc6b06e16d279c047b5daa36b38d7468be870d77346fa95c3f
28fd563a4a1ea2bcc7177e450c605bb349b91ae4649d3b1fa5ec5c79ba428d3c
294cf256ca02d28e876db2a0664287ebf87bb32a1af56c832b05edb7af5be96d
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c34f09169d2a10e8f5863960e81575ab70f88b52f4bd3386ce5e41e73a94487
2cb36489072c0eb085096a47bfcced826b7a973e5f294d5a2b54bf16df3449d9
2ea07afd59f660225e82c177586447bf9960c48e6b1beb9b810e27a0be16ed9a
2f0c494eb3dc8b7ccbe0125ebf1e53a6d3a65f4612da107a5a5093825658ff43
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
300e2db7f019d940ffcb00bff1342eeeab8b4c44806e34b91f9e2c49432171aa
30887d75ca7268ceabc93067bca019f8ffe07189630a759407b236736e1f15af
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32a2baa1b5a0e87a7b49efbf01793684e0c5b719f13c73e6216143dc34e4ff60
330a79ee4f56cd59217889dc2c1c9db236fe512ef5005f07ffc269e1218e8a05
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37bbfdf0ac857c6cc34ea4ebd139244b1a87ce193793c4b48c0b4059686ae222
3984f4ff65bd39033cef8165012c524c15f3311bc2af7cfcf5e7b42695b86af1
3acf9d923c01170abebf0d6655904e9eef3b7238fae03cd12616208678481e10
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4024b1c5dc321223723aa53aad1398c0ee8e3e7592806f90ff813a415114ce88
412e7d7cde179db8f01fc9ba4453d4cbe4d713b9c9b14f9a281de1d5587982f4
4374160bba5d73f760750839c42d27c61870cb10e7e94eaf8e9cd49e7a1f6bfd
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b848ce1bea5ca25251a1c22058f8df660f1c8161c21ebc13a9ba55ec479d10
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47136135f5a6927b97483def6b726635568e8bde0a6e0d529f2fc7b339df2fcd
48c997dad566c02a0a4f8416efa520f838a711d067a08f33b3ccffd541333e92
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
4b99af3fbe84c288c40659f1dfdbf3b58f544f6829dafa440268b5e055dcf64a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
50fbbe164918e6fb86e26b49d99c193d1c36ec6bbf9a51b9967ca74f2282ccde
51959346379e197297e16890143a3aa585123230561d2808c6812d01655b8edc
52b5a08de485f199a8fc3d78951104b7b559bab46909aa5f85a123fa41c5e135
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c403d2eb0951999e5a3b90338a97c71eee19956ea41892c167dd354247fd84
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
57ed6dfe36a2b2680ab6067032185f2c4cccc534b118a3d2067c6b643ef43678
58a1c89d041719447a42512583c5c950769a928b5c0a82a198f28731ebac893c
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
5ed35b8cfa65b52b66cda4ef14328483e729225a4fb8bcf50009914b465cd4a6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb
6aab5055a4e4a0aa37268f38cbe1ce0a510c0a8066718f6558085258a809be44
6bd922ec02508159bf304e17e52ba0eff2e563f060fab54e84e2b9c04e2f67b3
6c526e79363776fb76cba9edcdb098f8bcbc8f2c6f6f62aed3430e1c15e2320c
6e72d4099586cef4ddbb5c0c72f093ed28441d0fe3c03bd375fbefb25cdba188
6fa04d8b4b07ebd5ebb250e33b532615e80dd02d46afb5cc0654c3c128b1c427
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
763a4f11850166f5335d2652a4c46cdc6ef35234ce72d7574ab49dfb5f2629a7
7b1cc28a497ef133b82421f76e9874c1dc4f6e31adc6ff6c436c1254e324d4d4
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
80670d2f4df1639c496f0e4289d63202b5ca409ab33e7cb942db8ec441cd6291
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89f0335d649cdccf5bc16b4fad138e1fa6da670d851c82b48ccdd31273371110
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
8ce113bbf0b3136cbb50dbdde8bb26c3e0d3032620c83b1cd6fd2b9d2beb0225
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9226b0e721b301c4623d8ac6c12281a485c98ec743a0aa5e2ffacd75c49ade72
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
958e28bc668ef4f2e177884feeb001f2024f40838d21856dcc4f2951615dc5e4
96b73941a7ae7b4a128b614e96cdfbedd375e3bea38657b308b4c28f4f056fb8
9724d398708e354580c5fbe66b041b5134a37082b674da1e770b6840393408a6
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
99d28139f2df8216a21647c3d545d6cb486e23c4f096adf1c44cdc0e10b3aeb3
99f270281126cd9ddf409428eec88b72cf4aff4d99533bf2490c8f601b6c430c
9baf824f89bfc1dd8c649c06e2b947b24417f6fb3b1db92fcff4aaf1d3d3bd09
9c5b5d8b04337c9df28e247c40b7d8e5c130061769061dbc8c458b0ef98e5f6c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a36052bf6c7062f263f34987e86e59d477141589cdb91110094fad748691ce84
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a54af86fefb1288239fcd7cb20a8368327a53b28ae77a163a48d75c9864bb8fd
a5997b73d1ba8f5eefec48d79c1cd417caf47c457e6ad47e5bb64288588e061c
a616a58b5ad3a41c5a1c8412d0c0e4d0d9c7f81c426193feaad63243e1d1d5f5
a73c9b0f1c80f7c99bd7638c27cb0c5f3643fdb5cdbfd64e8eb90b94ab5f71f5
a7cc1c0a78c74129a8c173cf11de37ec09eb2d51bc63a5ca452fa966d7c211f8
a7f55aafe2bbf33bafb285ab2b30b8dbd005698ecd630060084fa11dc6c9b357
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
a9f637c6cfe255dce1480706b84f81013d5c336cc941c13a0d3e98507901d13d
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acff18b9dd469f70f4d45d24dadf6de847a9b3abeb3e891260eb8160ffac8039
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
af9edf3e86a80586d0770850908bf3929a2112adc59211e9cb715c0218f14b9c
b01d53596221a10ad89cd142297dd43310bbe0531fe4694fd590fdbeebf5a18d
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3006c6f01e9145d1c4f06d64ae811bd9463ae8f80ce309faead698106a9cc9a
b65d5447341340855eebd7743f8f51c03f9f37a7cfdf9e85a344796ebefb77d5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcc36d20c05b43b645773291ae178eabbd6b894efd212dea1424cb3903506166
bcdaedbfd60b8d0a8a9eb4b16285345a749068b601c93f494362990f2a3e61f4
be16dce573945b7bbc66dd1eb20fa5949d17d6585f48b2f1ccfa6e7db7240dc6
c1488d1b9f5c1fd70aad864990791417d566f29dbfea8bd6481e5e08003c411d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c45c671190fb8deb70cd574cb0e63b52c671855bb4cb7de28b273c37538c9221
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c91ca771fea5e8e53fb5a4d830071d75c44238837e56ed80fab4578a51ae5899
caf2558c473f0989ccb9e45da327c56bb9f877da13fe442adc10644d75e2f1d9
cd289ac735ef79ace5e4cc47d97f95ac83477916c134adccbbfd7c60c49a488e
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ce81b1567a58fda3f1b0fcbed0238d09249a4624f89ce077cf992d4cfdb52fba
cebc0ded9f2ef3dd4e3c6d6010538dee890c24a070d6ba991e0c93e451d96ccd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf72d07049e1f557311188bc3d342f012e66310f773118dd0a158445ff5b01f6
cffe7702cd352cf5b9334e7ae5ed3babf6dcb9277499d93cc24ad8d95a7d6658
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1e3c22b91f848e4927faacd595df9d18461284191d08a1ceda7b06b201b1903
d1ed359c478bc240c3f0455b9567bcce6e3043e475b0a2380c3f51ea05ab64a6
d2975ad9fed76943cd29612c490a47ff3885a95e75457aeef4a6d1c8752f156e
d611be42df1ac0f43a60311d9a1991d663078c5d0bf90c6d3ac8d116175874bb
d779718eed5e6af18de75d3edd354975bc904d0e97484222b86f68191a9edcda
d79ede867e31cc892b29bed89f510c166dae4f43c3fc24785e9184fd0bfac16d
d839b193eba1dd4578cc90dfe2fe6edea552e807f65af9e79780a58d0ad9b1bb
dce8ae752b8ed25d878707381a347b8889bfde191cd468eac141c5526a1f13dc
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd7624f0396f804cb1b5d83ec51c50cde2438f1b2f5bdca6d188cc3b006cc948
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6223a5ca5d2d48bc6ffa73a98f9cf66cb50ebec51caf1ab4e9bbde2494a3db
de87bb69f975f75ecc1e95684d9f1bdaaae75bcbbb118b4b280a8c425be735c6
df83d1810776ea1effd8a536f0ad32f5a400168a2efaa48c97c1fcf57724900a
e256a1b8565a0bba208288eb3885641ec6217176ffbc36a87be18c61242fda99
e286031bab2a01f6284da514b3feb85b3a65a264d5d0172329ea44f698d46314
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5eb0dcb5516d2cf3ae9909a964e0886cdc8370593941827e0376bee80fcc0f8
e611f58b19c2ff6aba81588e7b0a148e523d8acbadc40092f8de5f50dca2f93c
e6a28df43cbd691c4b7bb4d129c9e59f154a8b5a4c865b3b58a874eadeadd74c
e6cead609d342bd202f23b8fa86aff54f2503372d68ae63acca87e7dca2bec15
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e91ab37ea2e23bd169db8c21dd66dcec02e14cc2bd278815b45b1af870893c76
ea2624280e023b61d9855829c693a1efd5576582bc34d67743190971e8a2f9d1
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e858e11bbfe82d0150dd8fc768dfdb4577415c0ee84435e0d6c51a50e6cb64
f37af679cc8e5e6f04435f7acb92da5067fa70e76f4b46dd1373de858416b051
f4e0806b8cd406a4173933a6013af7fc78cb54618ee83072865d36901ec297e4
f511fa7924776077436e0e7c47d96a420282192ee4f9c5dc96def26cb856c709
f638c06469327f93e5bc86ced0856b2cb42f583334ebcf3ea346fb802a5446c1
f9f51eb2ca53079a224b7695e86ab540be452269e3e17edc3d78478184a059cf
fe917cd13fd4d9f376fd1cfa6ee6d31d6c7a89a5e7129dc8511b6e2aec860fa1
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e