www.pastemagazine.com Open in urlscan Pro
2001:4800:1421:41:bc04:a231:4b6b:c5b3  Public Scan

16 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

• https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
• https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 41

• https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
• https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 45

• https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
• https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
• https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Lnk3JFcwTQW6Hdo2jUF01g&rk=usync-other HTTP 302
• https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Lnk3JFcwTQW6Hdo2jUF01g

Request Chain 46

• https://token.rubiconproject.com/token?pid=25470 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhWSTMxSFctMUItRkhGQg== HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhWSTMxSFctMUItRkhGQg==&google_tc=

Request Chain 48

• https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
• https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=nTQ37ls_QVCnqXWFUh0Xrw&rk=usync-na HTTP 302
• https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nTQ37ls_QVCnqXWFUh0Xrw

Request Chain 49

• https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTAyMGU1YWFhMTM3YWJhMTAxNTFhYWUzNDcyY2MxYTg1NjQ1YTY5OA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTAyMGU1YWFhMTM3YWJhMTAxNTFhYWUzNDcyY2MxYTg1NjQ1YTY5OA&google_tc=

Request Chain 50

• https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
• https://pr-bh.ybp.yahoo.com/sync/rubicon/3A30NpOQTabxW1bvXW0DHcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5503159418447432339

Request Chain 51

• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOawqVXQWdjIPQLC6OXT8q4&google_cver=1

Request Chain 52

• https://token.rubiconproject.com/token?pid=36584 HTTP 302
• https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8VI31HW-1B-FHFB

Request Chain 53

• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yz1fg_NrjjPkKz3-2folVAAAFB4AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Yz1fg_NrjjPkKz3-2folVAAAFB4AAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAyx-kgkEnqDlM60oK8sZb8&google_cver=1

Request Chain 55

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yz1fg_NrjjPkKz3-2folVAAAFB4AAAIB HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yz1fg_NrjjPkKz3-2folVAAAFB4AAAIB&dcc=t

Request Chain 56

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yz1fg-NrjjPkKz3.2folVAAA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Yz1fg-NrjjPkKz3.2folVAAA&google_tc= HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPtzLrMNJHA3Et0-12bHzJI&google_cver=1&google_hm=2

Request Chain 57

• https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=07bb633d-5f84-4800-b69e-b4df0fc8e30e

Request Chain 59

• https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
• https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=42d9ec32-58e7-8477-efa5e268

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.pastemagazine.com/movies/disney/best-halloween-movies-on-disney-plus-family-friendly-scary-horror/	81 KB 27 KB	558ms 298ms	Document text/html	2001:4800:1421:41:bc04:a231:4b6b:c5b3 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.pastemagazine.com/movies/disney/best-halloween-movies-on-disney-plus-family-friendly-scary-horror/?utm_source=PMNTNL&utm_medium=email&utm_campaign=221004 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2001:4800:1421:41:bc04:a231:4b6b:c5b3 , United States, ASN33070 (RMH-14, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 8fbaff19f3d275d85b6219bd6a57687a3710210440ad49b70ee91daaee5de902 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * cache-control max-age=0 content-encoding gzip content-length 27226 content-type text/html; charset=utf-8 date Wed, 05 Oct 2022 10:42:07 GMT expires Thu, 06 Oct 2022 10:42:07 GMT last-modified Wed, 05 Oct 2022 10:42:07 GMT server Microsoft-IIS/10.0 vary * x-aspnet-version 4.0.30319
GET H2	200	inline-39.2022.10209.11821.css images.wolfgangsvault.com/images/css/article/	84 KB 36 KB	57ms 29ms	Stylesheet text/css	96.16.140.165 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://images.wolfgangsvault.com/images/css/article/inline-39.2022.10209.11821.css Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/movies/disney/best-halloween-movies-on-disney-plus-family-friendly-scary-horror/?utm_source=PMNTNL&utm_medium=email&utm_campaign=221004 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.16.140.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-140-165.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash f7a2f0451c11a41ecdc7b31250102e3160d5f267b936ed047804ec33e8aa0b72 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers unused62 8096267 date Wed, 05 Oct 2022 10:42:07 GMT content-encoding gzip last-modified Wed, 09 Feb 2022 18:22:34 GMT server AkamaiNetStorage etag "f82fe2532fe3d1f65f45346a43ecb7c7:1644430962.35387" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Wed, 12 Oct 2022 10:42:07 GMT
GET H2	200	stylesheet-39.2022.10209.11821.css images.wolfgangsvault.com/images/css/article/	159 KB 25 KB	51ms 23ms	Stylesheet text/css	96.16.140.165 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://images.wolfgangsvault.com/images/css/article/stylesheet-39.2022.10209.11821.css Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/movies/disney/best-halloween-movies-on-disney-plus-family-friendly-scary-horror/?utm_source=PMNTNL&utm_medium=email&utm_campaign=221004 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.16.140.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-140-165.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash fffae24a759dd279c4eda8a31b63739adac99d4b23d7f5f8d94929104170cd8f Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers unused62 8096267 date Wed, 05 Oct 2022 10:42:07 GMT content-encoding gzip last-modified Wed, 09 Feb 2022 18:22:34 GMT server AkamaiNetStorage etag "f5b9be5abb51c2105e0b2da1ce7fd3a7:1644430962.797655" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 24829 expires Wed, 12 Oct 2022 10:42:07 GMT
GET H2	200	nightmare-before-christmas-main.jpg cdn.pastemagazine.com/www/articles/2022/10/04/	32 KB 33 KB	7ms 7ms	Image image/jpeg	96.16.140.165 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.pastemagazine.com/www/articles/2022/10/04/nightmare-before-christmas-main.jpg Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/movies/disney/best-halloween-movies-on-disney-plus-family-friendly-scary-horror/?utm_source=PMNTNL&utm_medium=email&utm_campaign=221004 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.16.140.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-140-165.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 028b2eb171e0925c868376210ab66237e8a235a238f835ddb0591cf1a8806fa9 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 10:42:07 GMT last-modified Tue, 04 Oct 2022 18:03:14 GMT server AkamaiNetStorage etag "61aeba494248f82cdbb59de506b09126:1664906595.792378" content-type image/jpeg cache-control max-age=14400 accept-ranges bytes content-length 33009 expires Wed, 05 Oct 2022 14:42:07 GMT
GET H2	200	javascript.js Show response www.pastemagazine.com/pastemagazine.js/article/	405 KB 107 KB	129ms 129ms	Script text/javascript	2001:4800:1421:41:bc04:a231:4b6b:c5b3 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.pastemagazine.com/pastemagazine.js/article/javascript.js?cb=39.2022.10209.11821.2 Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/movies/disney/best-halloween-movies-on-disney-plus-family-friendly-scary-horror/?utm_source=PMNTNL&utm_medium=email&utm_campaign=221004 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2001:4800:1421:41:bc04:a231:4b6b:c5b3 , United States, ASN33070 (RMH-14, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash a48495f5bae2887285155de6ea77965d7c05e788afc105eaf586895a4db2d05e Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/movies/disney/best-halloween-movies-on-disney-plus-family-friendly-scary-horror/?utm_source=PMNTNL&utm_medium=email&utm_campaign=221004 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 10:42:07 GMT content-encoding gzip last-modified Wed, 05 Oct 2022 10:40:46 GMT server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 etag "PV9VzZnfKCI+Nc0aqkJqhY0T7jJ7KHQWbjw/QwEEPHg=" vary * content-type text/javascript access-control-allow-origin * cache-control public, max-age=86319 content-length 109089 expires Thu, 06 Oct 2022 10:40:46 GMT
GET H2	200	landing-header-bg.png cdn.pastemagazine.com/images/	358 B 551 B	7ms 7ms	Image image/png	96.16.140.165 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.pastemagazine.com/images/landing-header-bg.png Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/movies/disney/best-halloween-movies-on-disney-plus-family-friendly-scary-horror/?utm_source=PMNTNL&utm_medium=email&utm_campaign=221004 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.16.140.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-140-165.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 2435dd626c595dc314a346e6be037eb57c615d67b0f83c15671b6426622bf42a Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 10:42:07 GMT last-modified Wed, 19 Sep 2018 18:33:50 GMT server AkamaiNetStorage etag "c44e2355ba5bc5bec860f62a3b035a12:1537382030" content-type image/png cache-control max-age=14400 accept-ranges bytes content-length 358 expires Wed, 05 Oct 2022 14:42:07 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	138 KB 52 KB	135ms 48ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-P8HM6Q9 Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/movies/disney/best-halloween-movies-on-disney-plus-family-friendly-scary-horror/?utm_source=PMNTNL&utm_medium=email&utm_campaign=221004 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b1e5b056a503b56d8f10abfe21744d414e48b581a57ec541123c8fdc2495a851 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 10:42:07 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52742 x-xss-protection 0 last-modified Wed, 05 Oct 2022 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 05 Oct 2022 10:42:07 GMT
GET DATA	200 OK	truncated /	13 KB 13 KB		Font application/octet-stream
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bfb9c4f4b5fa59d0f86083205c2035868127701787711cc0311452a46bebe56f Request headers Referer Origin https://www.pastemagazine.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Content-Type application/octet-stream
GET H2	200	js Show response www.googletagmanager.com/gtag/	212 KB 74 KB	49ms 48ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-V3K4873RKC&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8HM6Q9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e022628c7e6dc0ac679ab478393ba0018d6a786e85950c0ea8945c2302c4b98e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 10:42:08 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 75696 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Wed, 05 Oct 2022 10:42:08 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 351 B	103ms 36ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-V3K4873RKC&gtm=2oea30&_p=186583439&cid=1383910607.1664966528&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664966528&sct=1&seg=0&dl=https%3A%2F%2Fwww.pastemagazine.com%2Fmovies%2Fdisney%2Fbest-halloween-movies-on-disney-plus-family-friendly-scary-horror%2F%3Futm_source%3DPMNTNL%26utm_medium%3Demail%26utm_campaign%3D221004&dt=The%20Best%20Halloween%20Movies%20on%20Disney%2B%20-%20Paste&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-V3K4873RKC&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers pragma no-cache date Wed, 05 Oct 2022 10:42:08 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.pastemagazine.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	nightmare-before-christmas-poster.jpg cdn.pastemagazine.com/www/articles/2022/10/04/	24 KB 25 KB	19ms 19ms	Image image/jpeg	96.16.140.165 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.pastemagazine.com/www/articles/2022/10/04/nightmare-before-christmas-poster.jpg Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/movies/disney/best-halloween-movies-on-disney-plus-family-friendly-scary-horror/?utm_source=PMNTNL&utm_medium=email&utm_campaign=221004 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.16.140.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-140-165.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 9bb90e4dc5d0158cee3fbf6673aa5c7fc3a00c38c28816b1d5607bee03e686e5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 10:42:08 GMT last-modified Tue, 04 Oct 2022 18:16:00 GMT server AkamaiNetStorage etag "7b05f0c907c7814223b869223061cc3d:1664907361.140178" content-type image/jpeg cache-control max-age=14400 accept-ranges bytes content-length 25034 expires Wed, 05 Oct 2022 14:42:08 GMT
GET H2	200	hocus-pocus-poster.jpg cdn.pastemagazine.com/www/articles/2022/10/04/	29 KB 29 KB	27ms 27ms	Image image/jpeg	96.16.140.165 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.pastemagazine.com/www/articles/2022/10/04/hocus-pocus-poster.jpg Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/movies/disney/best-halloween-movies-on-disney-plus-family-friendly-scary-horror/?utm_source=PMNTNL&utm_medium=email&utm_campaign=221004 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.16.140.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-140-165.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 036ffd112bbd72a4165ea0c1a004d7d3f8665fe6657a735455386d11383dd8a6 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 10:42:08 GMT last-modified Tue, 04 Oct 2022 18:15:41 GMT server AkamaiNetStorage etag "43d7ef074f3824d7e07dbfba6be92934:1664907345.483025" content-type image/jpeg cache-control max-age=14400 accept-ranges bytes content-length 29191 expires Wed, 05 Oct 2022 14:42:08 GMT
GET H2	200	ads-gam-a9-ow.js Show response www.pastemagazine.com/common/js/	45 KB 8 KB	130ms 130ms	Script application/javascript	2001:4800:1421:41:bc04:a231:4b6b:c5b3 RMH-14
General Check archive.org Show headers Download Go to Full URL https://www.pastemagazine.com/common/js/ads-gam-a9-ow.js?ver=b&cb=39.2022.10209.11821.2 Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/movies/disney/best-halloween-movies-on-disney-plus-family-friendly-scary-horror/?utm_source=PMNTNL&utm_medium=email&utm_campaign=221004 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2001:4800:1421:41:bc04:a231:4b6b:c5b3 , United States, ASN33070 (RMH-14, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash afc48a5d1dbf0098736cb913267818b4a72153ced78b5dd1a29e69eccf12b291 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/movies/disney/best-halloween-movies-on-disney-plus-family-friendly-scary-horror/?utm_source=PMNTNL&utm_medium=email&utm_campaign=221004 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 10:42:10 GMT content-encoding gzip last-modified Thu, 10 Feb 2022 13:40:06 GMT server Microsoft-IIS/10.0 etag "0ff91b6831ed81:0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=864000 accept-ranges bytes content-length 7766
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	167 KB 43 KB	41ms 8ms	Script application/javascript	18.66.108.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/common/js/ads-gam-a9-ow.js?ver=b&cb=39.2022.10209.11821.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.108.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-108-49.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 10:05:10 GMT content-encoding gzip via 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront), 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront) last-modified Fri, 30 Sep 2022 18:36:21 GMT server AmazonS3 x-amz-cf-pop FRA60-P1, FRA56-P5 age 2221 x-amz-server-side-encryption AES256 etag W/"da0e8e1151d3ebb7a34f07d19a6e05d0" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-id m2gEynjW40LyGsOuvoi3Gny__NYgLzzek2sZY06BVhqjnZrmzSIF6Q==
GET H2	200	pwt.js Show response ads.pubmatic.com/AdServer/js/pwt/160494/3742/	471 KB 142 KB	30ms 7ms	Script application/javascript	23.35.236.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/common/js/ads-gam-a9-ow.js?ver=b&cb=39.2022.10209.11821.2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-236-201.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 7a967bb46fe9a2432ac3dc1f647b78ce0630c791a3fa78a4d396a27eec0a8c6c Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 10:42:10 GMT content-encoding gzip last-modified Tue, 21 Jun 2022 15:49:34 GMT server Apache vary Accept-Encoding content-type application/javascript p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control max-age=94758 accept-ranges bytes content-length 144497 expires Thu, 06 Oct 2022 13:01:28 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	80 KB 28 KB	165ms 54ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/common/js/ads-gam-a9-ow.js?ver=b&cb=39.2022.10209.11821.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b7112c107a95d0e53b157c81302f6f1b41b0ad0c6bd091ea9171a523d84a051d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 10:42:11 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27653 x-xss-protection 0 server sffe etag "1354 / 176 of 1000 / last-modified: 1664959347" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 05 Oct 2022 10:42:11 GMT
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	23ms 7ms	XHR application/javascript	18.66.108.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.108.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-108-49.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-amz-version-id I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4 content-encoding gzip via 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront) date Wed, 05 Oct 2022 09:55:05 GMT x-amz-cf-pop FRA56-P5 age 19878 x-cache Hit from cloudfront last-modified Mon, 19 Sep 2022 09:37:07 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id WuSyIefyWLgXRbYyJoVG1UeAkAKwDkbG1WJJJvnlFfjeMN_om5gToA==
GET H2	200	config Show response c.amazon-adsystem.com/cdn/prod/	761 B 1 KB	8ms 8ms	XHR application/json	18.66.108.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.pastemagazine.com&pubid=9d883dc1-db2e-4fb8-960f-4ea07f2b85d8 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.108.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-108-49.fra56.r.cloudfront.net Software Server / Resource Hash 68553560d0e2ded02e5d93155ad13489f2b84fe209dacc511f542f078f07fbda Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 06:58:35 GMT via 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P5 age 13416 x-cache Hit from cloudfront content-type application/json;charset=UTF-8 access-control-allow-origin https://www.pastemagazine.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true content-length 761 x-amz-cf-id dyJdgXvMn3GGIPcYoWbg7HknaNowyDP69LOuRXcz29CSSU7mTOKMGw==
GET H2	200	bid Show response aax-dtb-cf.amazon-adsystem.com/e/dtb/	23 B 465 B	97ms 52ms	XHR text/javascript	99.86.3.236 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.pastemagazine.com%2Fmovies%2Fdisney%2Fbest-halloween-movies-on-disney-plus-family-friendly-scary-horror%2F%3Futm_source%3DPMNTNL%26utm_medium%3Demail%26utm_campaign%3D221004&pid=TvwkzZGS7bffE&cb=0&ws=1600x1200&v=22.9.81452&t=500&slots=%5B%7B%22sd%22%3A%22top_leaderboard%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Ftop_leaderboard%22%7D%2C%7B%22sd%22%3A%22mid_leaderboard_rectangle_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fmid_leaderboard_rectangle_1%22%7D%2C%7B%22sd%22%3A%22mid_leaderboard_rectangle_2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fmid_leaderboard_rectangle_2%22%7D%2C%7B%22sd%22%3A%22mid_leaderboard_rectangle_3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fmid_leaderboard_rectangle_3%22%7D%2C%7B%22sd%22%3A%22mid_leaderboard_rectangle_4%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fmid_leaderboard_rectangle_4%22%7D%2C%7B%22sd%22%3A%22mid_leaderboard_rectangle_5%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fmid_leaderboard_rectangle_5%22%7D%2C%7B%22sd%22%3A%22mid_leaderboard_rectangle_6%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fmid_leaderboard_rectangle_6%22%7D%2C%7B%22sd%22%3A%22mid_leaderboard_rectangle_7%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fmid_leaderboard_rectangle_7%22%7D%2C%7B%22sd%22%3A%22mid_leaderboard_rectangle_8%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fmid_leaderboard_rectangle_8%22%7D%2C%7B%22sd%22%3A%22mid_leaderboard_rectangle_9%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fmid_leaderboard_rectangle_9%22%7D%2C%7B%22sd%22%3A%22top_rectangle%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Ftop_rectangle%22%7D%2C%7B%22sd%22%3A%22middle_rectangle%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fmiddle_rectangle%22%7D%2C%7B%22sd%22%3A%22bottom_rectangle%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fbottom_rectangle%22%7D%2C%7B%22sd%22%3A%22bottom_leaderboard%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1225956%2Fpaste-viewable%2Fbottom_leaderboard%22%7D%5D&pubid=9d883dc1-db2e-4fb8-960f-4ea07f2b85d8&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.3.236 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-3-236.fra6.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 10:42:11 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA6-C1 x-amz-rid CYM29X1AAMP8M6R4H4BT vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://www.pastemagazine.com access-control-allow-credentials true timing-allow-origin * content-length 23 x-amz-cf-id Btk--f-EqF4BPTFGXY0-iUDvksI-QRKiM9GmufensliPOzJdx8Myuw==
GET H2	200	aax.js Show response c.aaxads.com/	425 KB 121 KB	101ms 51ms	Script text/javascript	104.103.89.41 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://c.aaxads.com/aax.js?pub=AAXGIZE66&hst=www.pastemagazine.com&ver=1.2 Requested by Host: www.pastemagazine.com URL: https://www.pastemagazine.com/movies/disney/best-halloween-movies-on-disney-plus-family-friendly-scary-horror/?utm_source=PMNTNL&utm_medium=email&utm_campaign=221004 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.103.89.41 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-103-89-41.deploy.static.akamaitechnologies.com Software Apache / Resource Hash cecad86559f448b24b6eefc630ef2eb8d8833ecc5812931b7d788d190e507998 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers strict-transport-security max-age=604800 content-encoding gzip date Wed, 05 Oct 2022 10:42:11 GMT server Apache vary Accept-Encoding x-mnet-h E content-type text/javascript; charset=utf-8 cache-control max-age=1800 expires Wed, 05 Oct 2022 11:12:11 GMT
POST H2	400	/ Show response ow.pubmatic.com/cookie_sync/	120 B 271 B	53ms 15ms	XHR text/plain	185.64.190.84 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://ow.pubmatic.com/cookie_sync/?sec=1 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.84 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash b6e7aed079d176a0b4dac32e74a1550cb2b219410d5d9bf62295982337ae9b67 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.pastemagazine.com date Wed, 05 Oct 2022 10:42:11 GMT access-control-allow-credentials true x-content-type-options nosniff content-length 120 content-type text/plain; charset=utf-8
POST H2	200	auction Show response ow.pubmatic.com/pbs/openrtb2/	257 B 345 B	55ms 18ms	XHR application/json	185.64.190.84 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://ow.pubmatic.com/pbs/openrtb2/auction Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.84 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e196ddd392cdbd05df094f05fcb4ddfbf839d3375080eb3d9248f831cf12cece Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.pastemagazine.com date Wed, 05 Oct 2022 10:42:11 GMT access-control-allow-credentials true content-length 257 content-type application/json
POST H2	200	25 Show response web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/	1 KB 816 B	69ms 19ms	XHR application/json	2a02:fa8:8806:12::1460 VCLK-EU-SE
General Check archive.org Show headers Download Go to Full URL https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US), Reverse DNS Software nginx / Resource Hash 33e4ef087d5cafe6b6d27861088c8e97183cddffd076f22bfe87388e36261d63 Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 05 Oct 2022 10:42:11 GMT content-encoding gzip server nginx content-type application/json access-control-allow-origin https://www.pastemagazine.com cache-control no-cache access-control-allow-credentials true content-length 610 expires 0
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	1 KB 5 KB	208ms 161ms	XHR application/json	2602:803:c003:200::41 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17188&site_id=273474&zone_id=1364258&size_id=2%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B15%3B15&p_pos=atf%3Bbtf%3Bbtf%3Bbtf%3Bbtf%3Bbtf%3Bbtf%3Bbtf%3Bbtf%3Bbtf&rf=https%3A%2F%2Fwww.pastemagazine.com%2Fmovies%2Fdisney%2Fbest-halloween-movies-on-disney-plus-family-friendly-scary-horror%2F%3Futm_source%3DPMNTNL%26utm_medium%3Demail%26utm_campaign%3D221004&tg_i.pbadslot=top_leaderboard%3Bmid_leaderboard_rectangle_1%3Bmid_leaderboard_rectangle_2%3Bmid_leaderboard_rectangle_3%3Bmid_leaderboard_rectangle_4%3Bmid_leaderboard_rectangle_5%3Bmid_leaderboard_rectangle_6%3Bmid_leaderboard_rectangle_7%3Bmid_leaderboard_rectangle_8%3Bmid_leaderboard_rectangle_9&tk_flint=pbjs_lite_v5.20.3&x_source.tid=e6f23ebc-8d1a-43b9-9f20-f60c8a42a04f%3Bdd1f9cfc-7271-47f7-9986-b8138495aa9f%3B6d3c7dea-7b7e-433a-905b-433f29546111%3Bb3b10e74-4ad8-4384-b075-ec692b0a294c%3B533acd77-311b-4900-a17c-58e22ceb59b8%3B2399b23f-0a52-4835-a900-de4813360b0e%3Bef2be3d9-9076-40e8-a45e-a8da7ae5353a%3B8f30ede5-0f44-4b4f-b1b1-171103c7e196%3Bf7fd871b-65d5-4220-903e-c00759f2045e%3Bcea928a6-b97b-4ad3-b6ff-23765030f1b7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=10&rand=0.09804079335689897 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash 33517dbb28a8e850d23e40395bb1603c751d2dc552e0211dbb7ad6dec6b5a031 Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Wed, 05 Oct 2022 10:42:11 GMT Content-Encoding gzip Server nginx/1.21.4 Vary Accept-Encoding Content-Type application/json Access-Control-Allow-Origin https://www.pastemagazine.com P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Length 445 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	608 B 3 KB	169ms 123ms	XHR application/json	2602:803:c003:200::41 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17188&site_id=273474&zone_id=1364258&size_id=15%3B15%3B15%3B2&alt_size_ids=10%3B%3B10%3B&p_pos=btf%3Bbtf%3Batf%3Batf&rf=https%3A%2F%2Fwww.pastemagazine.com%2Fmovies%2Fdisney%2Fbest-halloween-movies-on-disney-plus-family-friendly-scary-horror%2F%3Futm_source%3DPMNTNL%26utm_medium%3Demail%26utm_campaign%3D221004&tg_i.pbadslot=top_rectangle%3Bmiddle_rectangle%3Bbottom_rectangle%3Bbottom_leaderboard&tk_flint=pbjs_lite_v5.20.3&x_source.tid=10e36d1e-9633-40bb-86b7-bb04e54c32ca%3B21bcdae3-11dd-48a9-b804-c2b3cb43bc3b%3B8adfa605-0a38-49ed-b055-dd60dcc0bf6b%3Bb8e41343-ff66-4fb1-9789-740d44437a1c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=4&rand=0.537578846228318 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash 5fc3a94f7c9fd6282797832d523d83958c2ed2898f928e16ff14812cb0b1b0b8 Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Wed, 05 Oct 2022 10:42:11 GMT Server nginx/1.21.4 Vary Accept-Encoding Content-Type application/json Access-Control-Allow-Origin https://www.pastemagazine.com P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Length 608 Expires Wed, 17 Sep 1975 21:32:10 GMT
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 120 B	117ms 70ms	XHR text/plain	198.47.127.22 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=ow-client Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.pastemagazine.com date Wed, 05 Oct 2022 10:42:10 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
GET H3	200	pubads_impl_2022092901.js Show response securepubads.g.doubleclick.net/gpt/	376 KB 127 KB	109ms 36ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092901.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 54a6606bed93bee86d6763cdc2f435c3501de5b129044f7896fda2080e9d5caa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 10:27:39 GMT content-encoding gzip x-content-type-options nosniff age 872 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 130415 x-xss-protection 0 last-modified Thu, 29 Sep 2022 08:35:48 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 05 Oct 2023 10:27:39 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	124 B 129 B	126ms 48ms	XHR application/json	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.pastemagazine.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 774a0724cc0e242a50e1947fdc08d0039805459206b0faccb71704992517add5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 10:42:11 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0 expires Wed, 05 Oct 2022 10:42:11 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	122ms 38ms	Script text/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8HM6Q9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 05 Oct 2022 09:01:59 GMT last-modified Tue, 27 Sep 2022 22:01:05 GMT server Golfe2 age 6012 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20039 expires Wed, 05 Oct 2022 11:01:59 GMT
GET H2	200	aacxs.php Show response c.aaxads.com/ Frame 0138	22 KB 9 KB	52ms 51ms	Document text/html	104.103.89.41 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://c.aaxads.com/aacxs.php?flg=AAXGIZE66&fv=1&fy=37&ke=1&suylg=292%2C325%2C108%2C141%2C241%2C97%2C209%2C23%2C272%2C251%2C263%2C214%2C3012%2C291%2C356%2C368%2C229&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0 Requested by Host: c.aaxads.com URL: https://c.aaxads.com/aax.js?pub=AAXGIZE66&hst=www.pastemagazine.com&ver=1.2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.103.89.41 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-103-89-41.deploy.static.akamaitechnologies.com Software Apache / Resource Hash d1c720690c714b22d762ce648238e1c1ab2d106e682395ca61de5ce147410ce1 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Referer https://www.pastemagazine.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=172800 content-encoding gzip content-length 8651 content-type text/html; charset=UTF-8 date Wed, 05 Oct 2022 10:42:11 GMT expires Fri, 07 Oct 2022 10:42:11 GMT p3p CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA server Apache strict-transport-security max-age=604800 vary Accept-Encoding x-mnet-hl2 E
GET H2	200	pxusr.gif c.aaxads.com/	43 B 220 B	20ms 19ms	Image image/gif	104.103.89.41 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://c.aaxads.com/pxusr.gif Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.103.89.41 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-103-89-41.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers unused62 8096267 date Wed, 05 Oct 2022 10:42:11 GMT strict-transport-security max-age=604800 last-modified Mon, 26 Feb 2018 13:29:58 GMT server Apache content-type image/gif cache-control max-age=407839 accept-ranges bytes content-length 43 expires Mon, 10 Oct 2022 03:59:30 GMT
GET H/1.1	200 OK	pxext.gif www.aaxdetect.com/	43 B 342 B	30ms 7ms	Image image/gif	23.205.239.15 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.aaxdetect.com/pxext.gif Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.205.239.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-205-239-15.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Unused62 8096267 Date Wed, 05 Oct 2022 10:42:11 GMT Last-Modified Mon, 26 Feb 2018 13:29:58 GMT Server Apache Content-Type image/gif Cache-Control max-age=361442 Connection keep-alive Accept-Ranges bytes Content-Length 43 Expires Sun, 09 Oct 2022 15:06:13 GMT
GET H2	200	log l3.aaxads.com/	35 B 173 B	47ms 19ms	Image image/gif	104.103.89.41 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&wHos=70&dgw=desktop&flg=AAXGIZE66&fw=FRANKFURT&ff=DE&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=pastemagazine.com&vhuyqdph=ssp-serving-7cf6696fdd-4clhf&vyu=100510_457_100510_413_ssp&vf=HE&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001664966531227031177838086997&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=1&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_control&deg=2&fdeg=0&gdeg=2&ghqg=70&fhqg=24&hqg=45&gvwduw=25&fvwduw=24&vwduw=24&uhtxuo=https%3A%2F%2Fwww.pastemagazine.com%2Fmovies%2Fdisney%2Fbest-halloween-movies-on-disney-plus-family-friendly-scary-horror%2F%3Futm_source%3DPMNTNL%26utm_medium%3Demail%26utm_campaign%3D221004&nzui= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.103.89.41 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-103-89-41.deploy.static.akamaitechnologies.com Software / Resource Hash 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers access-control-allow-origin * pragma no-cache date Wed, 05 Oct 2022 10:42:11 GMT cache-control max-age=0, no-cache, no-store expires Wed, 05 Oct 2022 10:42:11 GMT content-length 35 content-type image/gif
GET H/1.1	200 OK	log c21lg-d.media.net/ Frame 0138	35 B 296 B	260ms 210ms	Image image/gif	2.18.68.23 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://c21lg-d.media.net/log?___stu13p=5idgihgb3r73nr56xnl0ch00yxnzunr&gho=1&yvlg=3079681318398488000V10&ruljlq=1&iow=0&syjlg[]=028AAX&syjlg[]=041AAX&syjlg[]=054AAX&syjlg[]=345AAX&syjlg[]=076AAX&syjlg[]=080AAX&syjlg[]=097AAX&syjlg[]=109AAX Requested by Host: c.aaxads.com URL: https://c.aaxads.com/aacxs.php?flg=AAXGIZE66&fv=1&fy=37&ke=1&suylg=292%2C325%2C108%2C141%2C241%2C97%2C209%2C23%2C272%2C251%2C263%2C214%2C3012%2C291%2C356%2C368%2C229&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.18.68.23 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-68-23.deploy.static.akamaitechnologies.com Software / Resource Hash 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90 Request headers accept-language de-DE,de;q=0.9 Referer https://c.aaxads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Pragma no-cache Date Wed, 05 Oct 2022 10:42:11 GMT Content-Type image/gif Access-Control-Allow-Origin * Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 35 Expires Wed, 05 Oct 2022 10:42:11 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	126ms 48ms	XHR text/plain	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=186583439&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pastemagazine.com%2Fmovies%2Fdisney%2Fbest-halloween-movies-on-disney-plus-family-friendly-scary-horror%2F%3Futm_source%3DPMNTNL%26utm_medium%3Demail%26utm_campaign%3D221004&ul=en-us&de=UTF-8&dt=The%20Best%20Halloween%20Movies%20on%20Disney%2B%20-%20Paste&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=2002220421&gjid=571746316&cid=1383910607.1664966528&tid=UA-168037-1&_gid=1506736941.1664966531&_r=1&gtm=2wga30P8HM6Q9&cd1=Jim%20Vorel&cd2=Movies&cd3=Lists&cd5=0&z=153432597 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 05 Oct 2022 10:42:11 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.pastemagazine.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	ixmatch.html Show response js-sec.indexww.com/um/ Frame 0B2F	3 KB 2 KB	34ms 7ms	Document text/html	23.35.236.247 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/um/ixmatch.html Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-236-247.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb Request headers Referer https://www.pastemagazine.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 1387 Content-Type text/html; charset=UTF-8 Date Wed, 05 Oct 2022 10:42:11 GMT ETag "e20015-b68-5e4a60c97afb7" Last-Modified Mon, 25 Jul 2022 19:18:30 GMT P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Server Apache Vary Accept-Encoding
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame C4B1	281 B 554 B	66ms 17ms	Document text/html	92.123.9.160 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a92-123-9-160.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Referer https://www.pastemagazine.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Wed, 05 Oct 2022 10:42:11 GMT ETag "40014-119-5d32342a551c0" Last-Modified Tue, 14 Dec 2021 23:07:59 GMT Server Apache/2.2.15 (CentOS) Vary Accept-Encoding
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame 05B7	52 KB 17 KB	36ms 7ms	Document text/html	151.101.193.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.193.108 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Referer https://www.pastemagazine.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Access-Control-Allow-Origin * Age 17859 Cache-Control max-age=86402 Connection keep-alive Content-Encoding gzip Content-Length 17053 Content-Type text/html Date Wed, 05 Oct 2022 10:42:11 GMT ETag W/"623de86a-cf34" Expires Wed, 28 Sep 2022 05:44:18 GMT Last-Modified Fri, 25 Mar 2022 16:06:02 GMT Server nginx/1.18.0 (Ubuntu) Vary Accept-Encoding Via 1.1 varnish, 1.1 varnish X-Cache HIT, HIT X-Cache-Hits 1, 323478 X-Served-By cache-lga21951-LGA, cache-hhn4039-HHN X-Timer S1664966531.374241,VS0,VE0
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame 4CB6	15 KB 6 KB	7ms 7ms	Document text/html	23.35.236.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160494 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/pwt/160494/3742/pwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-236-201.deploy.static.akamaitechnologies.com Software Apache / Resource Hash ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152 Request headers Referer https://www.pastemagazine.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control max-age=32633 content-encoding gzip content-length 5549 content-type text/html; charset=UTF-8 date Wed, 05 Oct 2022 10:42:11 GMT etag "1300708-3de4-5d6ef246ef4cf" expires Wed, 05 Oct 2022 19:46:04 GMT last-modified Tue, 01 Feb 2022 06:38:00 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache unused62 8096267 vary Accept-Encoding
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame 4CB6	0 42 B	54ms 16ms	Script text/plain	185.64.190.78 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=63357055&p=160494&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160494 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 10:42:11 GMT content-length 0
GET H3	200	usermatch Show response ssum-sec.casalemedia.com/ Frame 382F Redirect Chain https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1	2 KB 1 KB	88ms 57ms	Document text/html	104.18.19.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/um/ixmatch.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 385bad63150cc9165dccab6094d4ecd10516586f3dfbbc557cb6b0da69bf1246 Request headers Referer https://js-sec.indexww.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 75558c9609f69ba0-FRA content-encoding br content-type text/html date Wed, 05 Oct 2022 10:42:11 GMT expires 0 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0upv0qliygCHU4Sjhzjcg0mJtpMhKjXVvEgzRTiVBodOmO8htUw3hPBSZaaUDPXixsx9ZNc34t9%2B%2FQ0fgWzyB2y4%2B9I4Qwn5lssO8fiEzZRJ4Bdz0SiArkGVvJMqKMM2ElvFIFFDo765A%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 75558c959d145c32-FRA content-length 0 date Wed, 05 Oct 2022 10:42:11 GMT expires 0 location /usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EQNN2HkQpHf9GFvOgazClv7HBI2cdURYSwrsfjsEQ6pfIC3uRoyuf87UWhGibv7AQaYhV9764sHsdNp8DR1KJaFI3JEoWVfzNWbxXOyCLJLtJQGhglu1fhfoVaN7pG4z%2FL09lSkxQAQIA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame C4B1	31 KB 10 KB	18ms 17ms	Script text/html	92.123.9.160 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a92-123-9-160.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash d71bfc0d1a5784aeda48917a7c7d2aa2c77d37ec0657b23a858a91d7280d881a Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/usync.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Date Wed, 05 Oct 2022 10:42:11 GMT Content-Encoding gzip Last-Modified Thu, 15 Sep 2022 22:38:47 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=65924 Connection keep-alive Content-Length 9422 Expires Thu, 06 Oct 2022 05:00:55 GMT
GET H/1.1	200 OK	bounce Show response ib.adnxs.com/ Frame 05B7 Redirect Chain https://ib.adnxs.com/async_usersync?cbfn=queuePixels https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels	0 819 B	17ms 17ms	Script text/html	185.89.210.244 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Server 185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Pragma no-cache Date Wed, 05 Oct 2022 10:42:11 GMT AN-X-Request-Uuid 485ce0d0-c98f-4996-9a6c-470c6d523bf1 Server nginx/1.21.3 Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 185.213.155.176; 185.213.155.176; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Wed, 05 Oct 2022 10:42:11 GMT AN-X-Request-Uuid ab7bdae1-b243-4aba-b90b-944a6dc2407b Server nginx/1.21.3 Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 185.213.155.176; 185.213.155.176; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 446 B	63ms 18ms	XHR text/plain	2a00:1450:400c:c00::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-168037-1&cid=1383910607.1664966528&jid=2002220421&gjid=571746316&_gid=1506736941.1664966531&_u=YADAAEAAAAAAACAAI~&z=1014825426 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.pastemagazine.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Wed, 05 Oct 2022 10:42:11 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.pastemagazine.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	198ms 82ms	Image image/gif	2a00:1450:400d:80a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-168037-1&cid=1383910607.1664966528&jid=2002220421&_u=YADAAEAAAAAAACAAI~&z=600531323 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers pragma no-cache date Wed, 05 Oct 2022 10:42:11 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	142ms 63ms	Image image/gif	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-168037-1&cid=1383910607.1664966528&jid=2002220421&_u=YADAAEAAAAAAACAAI~&z=600531323 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.pastemagazine.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers pragma no-cache date Wed, 05 Oct 2022 10:42:11 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	ecm3 aax-eu.amazon-adsystem.com/s/ Frame C4B1 Redirect Chain https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Lnk3JFcwTQW6Hdo2jUF01g&rk=usync-other https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Lnk3JFcwTQW6Hdo2jUF01g	43 B 479 B	33ms 33ms	Image image/gif	52.95.125.22 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Lnk3JFcwTQW6Hdo2jUF01g Protocol HTTP/1.1 Server 52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Pragma no-cache Date Wed, 05 Oct 2022 10:42:11 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid PW2F9WZHCQPA43BPV4R5 Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Lnk3JFcwTQW6Hdo2jUF01g Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost de8527bfa1ccfd6c1590da0d3b6cff52 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H3	200	pixel cm.g.doubleclick.net/ Frame C4B1 Redirect Chain https://token.rubiconproject.com/token?pid=25470 https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhWSTMxSFctMUItRkhGQg== https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhWSTMxSFctMUItRkhGQg==&google_tc=	170 B 188 B	113ms 41ms	Image image/png	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhWSTMxSFctMUItRkhGQg==&google_tc= Protocol H3 Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers pragma no-cache date Wed, 05 Oct 2022 10:42:11 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 05 Oct 2022 10:42:11 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhWSTMxSFctMUItRkhGQg==&google_tc= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 299 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	rubicon match.adsrvr.org/track/cmf/ Frame C4B1	70 B 265 B	105ms 35ms	Image image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/rubicon Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers content-type image/gif pragma no-cache date Wed, 05 Oct 2022 10:42:11 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame C4B1 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=nTQ37ls_QVCnqXWFUh0Xrw&rk=usync-na https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nTQ37ls_QVCnqXWFUh0Xrw	43 B 479 B	108ms 107ms	Image image/gif	209.54.182.161
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nTQ37ls_QVCnqXWFUh0Xrw Protocol HTTP/1.1 Server 209.54.182.161 -, , ASN (), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Pragma no-cache Date Wed, 05 Oct 2022 10:42:12 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid FBQJ08TT44828YY4RD7N Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nTQ37ls_QVCnqXWFUh0Xrw Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost de8527bfa1ccfd6c1590da0d3b6cff52 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H3	200	pixel cm.g.doubleclick.net/ Frame C4B1 Redirect Chain https://token.rubiconproject.com/token?pid=2249&pt=n https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTAyMGU1YWFhMTM3YWJhMTAxNTFhYWUzNDcyY2MxYTg1NjQ1YTY5OA https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTAyMGU1YWFhMTM3YWJhMTAxNTFhYWUzNDcyY2MxYTg1NjQ1YTY5OA&google_tc=	170 B 188 B	114ms 44ms	Image image/png	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTAyMGU1YWFhMTM3YWJhMTAxNTFhYWUzNDcyY2MxYTg1NjQ1YTY5OA&google_tc= Protocol H3 Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers pragma no-cache date Wed, 05 Oct 2022 10:42:11 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 05 Oct 2022 10:42:11 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTAyMGU1YWFhMTM3YWJhMTAxNTFhYWUzNDcyY2MxYTg1NjQ1YTY5OA&google_tc= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 334 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame C4B1 Redirect Chain https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 https://pr-bh.ybp.yahoo.com/sync/rubicon/3A30NpOQTabxW1bvXW0DHcn5EUdSAgOZEtemQ7w0kco?csrc= https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5503159418447432339	0 239 B	44ms 10ms	Image image/gif	69.173.144.165
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5503159418447432339 Protocol HTTP/1.1 Server 69.173.144.165 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost de8527bfa1ccfd6c1590da0d3b6cff52 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers date Wed, 05 Oct 2022 10:42:11 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5503159418447432339 content-length 0
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame C4B1 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOawqVXQWdjIPQLC6OXT8q4&google_cver=1	0 239 B	9ms 8ms	Image image/gif	69.173.144.165
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOawqVXQWdjIPQLC6OXT8q4&google_cver=1 Protocol HTTP/1.1 Server 69.173.144.165 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost de8527bfa1ccfd6c1590da0d3b6cff52 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Wed, 05 Oct 2022 10:42:11 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOawqVXQWdjIPQLC6OXT8q4&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 326 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid px.ads.linkedin.com/ Frame C4B1 Redirect Chain https://token.rubiconproject.com/token?pid=36584 https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8VI31HW-1B-FHFB	0 705 B	149ms 118ms	Image text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8VI31HW-1B-FHFB Protocol H2 Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 10:42:11 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 42F0C050F50A499B962DB8F368A7FF45 Ref B: FRAEDGE1214 Ref C: 2022-10-05T10:42:11Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 x-li-proto http/2 content-length 0 x-li-uuid AAXqRzqu5+DC9i+m2spK0g== Redirect headers Location https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8VI31HW-1B-FHFB Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 66ef90d06496cfd000aab8206f2b6221 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H3	200	usermatchredir ssum-sec.casalemedia.com/ Frame 382F Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yz1fg_NrjjPkKz3-2folVAAAFB4AAAIB&gdpr_consent=&us_privacy=&gdpr= https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Yz1fg_NrjjPkKz3-2folVAAAFB4AAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc= https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAyx-kgkEnqDlM60oK8sZb8&google_cver=1	43 B 849 B	44ms 44ms	Image image/gif	104.18.19.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAyx-kgkEnqDlM60oK8sZb8&google_cver=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H3 Server 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers pragma no-cache date Wed, 05 Oct 2022 10:42:11 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2n6MExQu98uFNW9rcvUzX80e3oSMWmsnno6CS%2Fd8e%2BxiZ%2Bi%2BbXAdI1LPI3P7O%2FfCMjeuMjn5Mo174%2Br3%2FnmWL8CrCVVv3h4gFzrQjA4LI4dtMkM%2B8Ph00p70sKmKO4R1E%2FtjEOJ57y8Xg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 75558c97bd399ba0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Wed, 05 Oct 2022 10:42:11 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAyx-kgkEnqDlM60oK8sZb8&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 342 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame 382F	70 B 264 B	62ms 39ms	Image image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers content-type image/gif pragma no-cache date Wed, 05 Oct 2022 10:42:11 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame 382F Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yz1fg_NrjjPkKz3-2folVAAAFB4AAAIB https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yz1fg_NrjjPkKz3-2folVAAAFB4AAAIB&dcc=t	43 B 855 B	117ms 116ms	Image image/gif	209.54.182.161
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yz1fg_NrjjPkKz3-2folVAAAFB4AAAIB&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Server 209.54.182.161 -, , ASN (), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Pragma no-cache Date Wed, 05 Oct 2022 10:42:12 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid Z9K975VXX4H3W4RC953C Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 05 Oct 2022 10:42:11 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid ZCBZPPWREVBNSJ8GSYH6 Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yz1fg_NrjjPkKz3-2folVAAAFB4AAAIB&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 382F Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yz1fg-NrjjPkKz3.2folVAAA https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Yz1fg-NrjjPkKz3.2folVAAA&google_tc= https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPtzLrMNJHA3Et0-12bHzJI&google_cver=1&google_hm=2	43 B 766 B	7ms 7ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPtzLrMNJHA3Et0-12bHzJI&google_cver=1&google_hm=2 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Pragma no-cache Date Wed, 05 Oct 2022 10:42:11 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Wed, 05 Oct 2022 10:42:11 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPtzLrMNJHA3Et0-12bHzJI&google_cver=1&google_hm=2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 330 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 382F Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=07bb633d-5f84-4800-b69e-b4df0fc8e30e	43 B 766 B	7ms 7ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=07bb633d-5f84-4800-b69e-b4df0fc8e30e Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Pragma no-cache Date Wed, 05 Oct 2022 10:42:12 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=498 Content-Length 43 Expires 0 Redirect headers Date Wed, 05 Oct 2022 10:42:12 GMT Server MT3 4525 e1952b7 master nrt-pixel-x3 config:1.0.0 Content-Type image/gif Access-Control-Allow-Origin * location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=07bb633d-5f84-4800-b69e-b4df0fc8e30e P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Keep-Alive timeout=360 Content-Length 0 Expires Wed, 05 Oct 2022 10:42:11 GMT
GET H2	200	ix ad4m.at/ad/sim/ Frame 382F	0 0	73ms 41ms	Image text/html	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad4m.at/ad/sim/ix Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers
GET H/1.1	200 OK	crum dsum.casalemedia.com/ Frame 382F Redirect Chain https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=42d9ec32-58e7-8477-efa5e268	43 B 766 B	175ms 7ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=42d9ec32-58e7-8477-efa5e268 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Pragma no-cache Date Wed, 05 Oct 2022 10:42:11 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=500 Content-Length 43 Expires 0 Redirect headers date Wed, 05 Oct 2022 10:42:11 GMT via 1.1 google server nginx/1.22.0 p3p CP='This is not a P3P policy!' access-control-allow-origin * location https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=42d9ec32-58e7-8477-efa5e268 content-type text/html; charset=utf-8 cache-control max-age=3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 119
GET H2	200	tp_out d.adroll.com/cm/index/ Frame 382F	42 B 181 B	159ms 27ms	Image image/gif	52.18.129.58 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.18.129.58 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-18-129-58.eu-west-1.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 10:42:11 GMT cache-control no-transform,public,max-age=300,s-maxage=900 server nginx/1.20.0 content-length 42 vary Cookie content-type image/gif
GET H2	200	htw-pixel.gif cdn.indexww.com/ht/ Frame 382F	43 B 351 B	75ms 21ms	Image image/gif	2606:4700::6812:c4c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.indexww.com/ht/htw-pixel.gif?Yz1fg-NrjjPkKz3.2folVAAA%265150 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.pastemagazine.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 10:42:11 GMT cf-cache-status HIT last-modified Tue, 24 Jan 2017 19:36:04 GMT server cloudflare age 54 etag "761e21-2b-546dc3a097100" vary Accept-Encoding content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" edge-control cache-maxage=1h cache-control public, max-age=14400 accept-ranges bytes cf-ray 75558c96cdbf5c4a-FRA content-length 43 expires Wed, 05 Oct 2022 14:42:11 GMT
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame 05B7	0 747 B	14ms 13ms	Script text/html	185.89.210.244 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Pragma no-cache Date Wed, 05 Oct 2022 10:42:12 GMT AN-X-Request-Uuid 44f79e94-e6f2-4d1b-85e8-b30bb1a42449 Server nginx/1.21.3 Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 185.213.155.176; 185.213.155.176; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT