URL: https://paste1s.com/notes/3VQCO5Y
Submission: On April 21 via manual from GB — Scanned from GE

Summary

This website contacted 64 IPs in 9 countries across 62 domains to perform 190 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is paste1s.com. The Cisco Umbrella rank of the primary domain is 714771.
TLS certificate: Issued by GTS CA 1P5 on April 3rd 2023. Valid for: 3 months.
This is the only time paste1s.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 188.114.97.3 13335 (CLOUDFLAR...)
1 142.250.181.234 15169 (GOOGLE)
2 188.114.98.0 13335 (CLOUDFLAR...)
1 142.250.186.136 15169 (GOOGLE)
12 156.146.33.17 60068 (CDN77 ^_^)
1 23.227.60.200 13335 (CLOUDFLAR...)
2 13.32.27.86 16509 (AMAZON-02)
2 54.38.64.100 16276 (OVH)
1 2.16.186.10 20940 (AKAMAI-ASN1)
3 178.250.1.11 44788 (ASN-CRITE...)
2 104.22.24.87 13335 (CLOUDFLAR...)
1 145.239.192.166 16276 (OVH)
4 16 51.89.9.252 16276 (OVH)
2 91.228.74.208 16509 (AMAZON-02)
1 18.200.133.96 16509 (AMAZON-02)
1 65.9.7.64 16509 (AMAZON-02)
12 142.250.185.130 15169 (GOOGLE)
1 2 104.26.5.26 13335 (CLOUDFLAR...)
3 142.250.186.35 15169 (GOOGLE)
2 2 185.29.132.245 30419 (MEDIAMATH...)
2 5 69.173.144.138 26667 (RUBICONPR...)
7 9 37.252.171.85 29990 (ASN-APPNEX)
10 14 142.250.186.130 15169 (GOOGLE)
2 3 185.86.138.152 201081 (SMARTADSE...)
2 35.244.174.68 15169 (GOOGLE)
2 52.46.155.104 16509 (AMAZON-02)
1 198.47.127.18 3257 (GTT-BACKB...)
3 4 3.75.62.37 16509 (AMAZON-02)
6 6 3.33.220.150 16509 (AMAZON-02)
2 3 3.120.144.155 16509 (AMAZON-02)
2 216.239.36.178 15169 (GOOGLE)
1 18.66.97.31 16509 (AMAZON-02)
1 142.250.186.42 15169 (GOOGLE)
11 17 162.19.138.117 16276 (OVH)
2 104.26.9.169 13335 (CLOUDFLAR...)
5 79.125.111.148 16509 (AMAZON-02)
1 51.158.28.82 12876 (Online SAS)
3 142.250.185.194 15169 (GOOGLE)
1 162.19.138.116 16276 (OVH)
3 3.125.61.64 16509 (AMAZON-02)
1 18.203.73.89 16509 (AMAZON-02)
7 147.75.84.158 54825 (PACKET)
1 185.255.84.151 200271 (IGUANE-)
1 37.157.6.233 198622 (ADFORM)
1 104.18.2.114 13335 (CLOUDFLAR...)
1 2 193.3.178.3 399668 (E-PLANNING-)
1 3 64.74.236.63 19024 (INTERNAP-...)
1 1 185.86.139.104 201081 (SMARTADSE...)
2 2 77.243.51.121 42697 (NETIC-AS)
4 4 37.157.6.246 198622 (ADFORM)
1 52.31.91.58 16509 (AMAZON-02)
1 1 37.252.171.52 29990 (ASN-APPNEX)
2 2 185.64.189.110 62713 (AS-PUBMATIC)
4 35.241.34.106 15169 (GOOGLE)
2 81.17.55.98 60781 (LEASEWEB-...)
5 2.16.186.41 20940 (AKAMAI-ASN1)
3 13.32.99.28 16509 (AMAZON-02)
3 15 13.248.245.213 16509 (AMAZON-02)
1 2 146.20.128.100 27357 (RACKSPACE)
3 5 185.80.39.216 27381 (CASALE-MEDIA)
1 142.250.185.162 15169 (GOOGLE)
2 216.58.212.130 15169 (GOOGLE)
2 142.250.186.161 15169 (GOOGLE)
1 142.250.186.102 15169 (GOOGLE)
2 34.149.40.38 396982 (GOOGLE-CL...)
1 5 104.22.69.131 13335 (CLOUDFLAR...)
1 104.19.158.19 13335 (CLOUDFLAR...)
1 13.107.42.14 ()
1 13.107.21.200 ()
1 1 52.210.243.186 ()
2 2 35.244.159.8 ()
1 1 2.16.186.16 ()
1 18.194.204.152 ()
1 1 216.52.2.6 ()
190 64
Apex Domain
Subdomains
Transfer
21 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 797
ib.3lift.com — Cisco Umbrella Rank: 2197
eb2.3lift.com — Cisco Umbrella Rank: 535
81 KB
19 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394
42 KB
17 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 612
23 KB
16 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1124
8 KB
14 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
127 KB
12 themoneytizer.com
ads.themoneytizer.com — Cisco Umbrella Rank: 39388
227 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
secure.adnxs.com — Cisco Umbrella Rank: 604
11 KB
9 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2474
mp.4dex.io — Cisco Umbrella Rank: 2960
c.4dex.io — Cisco Umbrella Rank: 9172
u.4dex.io — Cisco Umbrella Rank: 5135
27 KB
9 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2556
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 774
ww1097.smartadserver.com — Cisco Umbrella Rank: 39650
csync.smartadserver.com — Cisco Umbrella Rank: 4468
25 KB
8 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1379
assets.a-mo.net — Cisco Umbrella Rank: 5363
6 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
3 KB
6 cpx.to
p.cpx.to — Cisco Umbrella Rank: 10289
s.cpx.to — Cisco Umbrella Rank: 3832
6 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876
ssum.casalemedia.com Failed
4 KB
5 smilewanted.com
prebid.smilewanted.com Failed
csync.smilewanted.com — Cisco Umbrella Rank: 6291
static.smilewanted.com — Cisco Umbrella Rank: 14565
15 KB
5 adform.net
adx.adform.net — Cisco Umbrella Rank: 3716
c1.adform.net — Cisco Umbrella Rank: 908
cm.adform.net Failed
3 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 402
pr-bh.ybp.yahoo.com
1 KB
5 rubiconproject.com
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 3036
pixel.rubiconproject.com — Cisco Umbrella Rank: 447
prebid-server.rubiconproject.com Failed
3 KB
4 paste1s.com
paste1s.com — Cisco Umbrella Rank: 714771
142 KB
3 zemanta.com
b1h.zemanta.com — Cisco Umbrella Rank: 8287
b1sync.zemanta.com Failed
902 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 427
1 KB
3 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 1002
image2.pubmatic.com — Cisco Umbrella Rank: 1377
image4.pubmatic.com Failed
ow.pubmatic.com Failed
673 B
3 gstatic.com
fonts.gstatic.com
31 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 442
dis.criteo.com Failed
660 B
3 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 9167
ced-ns.sascdn.com — Cisco Umbrella Rank: 3494
40 KB
2 openx.net
u.openx.net
637 B
2 lkqd.net
cs.lkqd.net — Cisco Umbrella Rank: 4185
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1965
1 KB
2 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 7759
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
20 KB
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 376
958 B
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 1007
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 744
1 KB
2 netpub.media
fstatic.netpub.media — Cisco Umbrella Rank: 238542
451 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1478
pixel.quantserve.com — Cisco Umbrella Rank: 1327
9 KB
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 4380
21 KB
2 tmyzer.com
c.tmyzer.com — Cisco Umbrella Rank: 33346
542 B
2 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 3332
49 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 344
88 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
ajax.googleapis.com — Cisco Umbrella Rank: 607
31 KB
1 lijit.com
ap.lijit.com
551 B
1 sharethrough.com
match.sharethrough.com
1 stickyadstv.com
ads.stickyadstv.com
610 B
1 bing.com
c.bing.com
667 B
1 linkedin.com
px.ads.linkedin.com
513 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 373
61 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
49 KB
1 adleadevent.com
adtrack.adleadevent.com — Cisco Umbrella Rank: 43056
522 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4211
1 KB
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 812
98 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1293
398 B
1 sddan.com
kvt.sddan.com — Cisco Umbrella Rank: 44841
652 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1291
1 KB
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
26 KB
1 leadplace.fr
tag.leadplace.fr — Cisco Umbrella Rank: 43478
6 KB
1 shopify.com
cdn.shopify.com — Cisco Umbrella Rank: 1973
8 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
44 KB
0 a-mx.com Failed
id.a-mx.com Failed
0 creativecdn.com Failed
creativecdn.com Failed
0 ck-ie.com Failed
us.ck-ie.com Failed
0 1rx.io Failed
sync.1rx.io Failed
0 richaudience.com Failed
sync.richaudience.com Failed
0 creative-serving.com Failed
ads.creative-serving.com Failed
190 62
Domain Requested by
17 id5-sync.com 11 redirects ads.themoneytizer.com
ced.sascdn.com
paste1s.com
csync.smartadserver.com
16 onetag-sys.com 4 redirects ads.themoneytizer.com
onetag-sys.com
15 eb2.3lift.com 3 redirects paste1s.com
ads.themoneytizer.com
eb2.3lift.com
14 cm.g.doubleclick.net 10 redirects onetag-sys.com
googleads.g.doubleclick.net
eb2.3lift.com
12 pagead2.googlesyndication.com paste1s.com
ib.3lift.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
12 ads.themoneytizer.com paste1s.com
ads.themoneytizer.com
9 ib.adnxs.com 7 redirects csync.smilewanted.com
paste1s.com
7 prebid.a-mo.net ads.themoneytizer.com
paste1s.com
6 match.adsrvr.org 6 redirects
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 s.cpx.to p.cpx.to
paste1s.com
4 csync.smilewanted.com 1 redirects ads.themoneytizer.com
csync.smilewanted.com
4 c.4dex.io paste1s.com
4 c1.adform.net 4 redirects
4 ups.analytics.yahoo.com 3 redirects onetag-sys.com
4 paste1s.com paste1s.com
3 ib.3lift.com paste1s.com
3 csync.smartadserver.com paste1s.com
csync.smartadserver.com
3 b1h.zemanta.com 1 redirects ads.themoneytizer.com
paste1s.com
3 tlx.3lift.com ads.themoneytizer.com
paste1s.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
ib.3lift.com
3 x.bidswitch.net 2 redirects onetag-sys.com
3 ssbsync-global.smartadserver.com 2 redirects onetag-sys.com
3 pixel.rubiconproject.com 1 redirects onetag-sys.com
3 fonts.gstatic.com fonts.googleapis.com
3 gum.criteo.com ads.themoneytizer.com
2 u.openx.net 2 redirects
2 u.4dex.io ads.themoneytizer.com
u.4dex.io
2 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 cs.lkqd.net 1 redirects googleads.g.doubleclick.net
2 ced-ns.sascdn.com paste1s.com
csync.smartadserver.com
2 ww1097.smartadserver.com ced.sascdn.com
2 image2.pubmatic.com 2 redirects
2 uipglob.semasio.net 2 redirects
2 pbjs.e-planning.net 1 redirects paste1s.com
2 script.4dex.io ads.themoneytizer.com
script.4dex.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 s.amazon-adsystem.com onetag-sys.com
2 id.rlcdn.com onetag-sys.com
2 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
2 sync.mathtag.com 2 redirects
2 fstatic.netpub.media 1 redirects paste1s.com
2 spl.zeotap.com ads.themoneytizer.com
spl.zeotap.com
2 c.tmyzer.com ads.themoneytizer.com
2 cmp.quantcast.com paste1s.com
cmp.quantcast.com
2 cdnjs.cloudflare.com paste1s.com
cdnjs.cloudflare.com
1 ap.lijit.com 1 redirects
1 match.sharethrough.com csync.smilewanted.com
1 ads.stickyadstv.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 c.bing.com eb2.3lift.com
1 px.ads.linkedin.com eb2.3lift.com
1 static.smilewanted.com csync.smilewanted.com
1 assets.a-mo.net prebid.a-mo.net
1 s0.2mdn.net paste1s.com
1 www.googletagservices.com googleads.g.doubleclick.net
1 pixel.quantserve.com paste1s.com
1 secure.adnxs.com 1 redirects
1 adtrack.adleadevent.com ajax.googleapis.com
1 rtb-csync.smartadserver.com 1 redirects
1 mp.4dex.io ads.themoneytizer.com
1 adx.adform.net ads.themoneytizer.com
1 hb-api.omnitagjs.com ads.themoneytizer.com
1 ad.360yield.com ads.themoneytizer.com
1 lb.eu-1-id5-sync.com ads.themoneytizer.com
1 kvt.sddan.com ads.themoneytizer.com
1 ajax.googleapis.com d2zur9cc2gf1tx.cloudfront.net
1 rules.quantcount.com secure.quantserve.com
1 image8.pubmatic.com onetag-sys.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 tag.leadplace.fr ads.themoneytizer.com
1 ced.sascdn.com ads.themoneytizer.com
1 cdn.shopify.com paste1s.com
1 www.googletagmanager.com paste1s.com
1 fonts.googleapis.com paste1s.com
0 prebid-server.rubiconproject.com Failed paste1s.com
0 ow.pubmatic.com Failed paste1s.com
0 ssum.casalemedia.com Failed paste1s.com
0 image4.pubmatic.com Failed paste1s.com
0 cm.adform.net Failed paste1s.com
0 dis.criteo.com Failed paste1s.com
0 id.a-mx.com Failed paste1s.com
0 creativecdn.com Failed csync.smilewanted.com
0 us.ck-ie.com Failed csync.smilewanted.com
0 sync.1rx.io Failed csync.smilewanted.com
0 sync.richaudience.com Failed csync.smilewanted.com
0 b1sync.zemanta.com Failed eb2.3lift.com
0 ads.creative-serving.com Failed eb2.3lift.com
0 prebid.smilewanted.com Failed ads.themoneytizer.com
190 92

This site contains links to these domains. Also see Links.

Domain
www.encasabotanics.co.uk
link1s.com
1shorten.com
kiemlua.com
Subject Issuer Validity Valid
*.paste1s.com
GTS CA 1P5
2023-04-03 -
2023-07-02
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
1266287590.rsc.cdn77.org
R3
2023-03-01 -
2023-05-30
3 months crt.sh
cdn.shopify.com
R3
2023-03-17 -
2023-06-15
3 months crt.sh
cmp.quantcast.com
R3
2023-04-14 -
2023-07-13
3 months crt.sh
c.tmyzer.com
R3
2023-03-26 -
2023-06-24
3 months crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-08 -
2023-09-11
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-09 -
2023-06-03
3 months crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2
2022-09-13 -
2023-09-13
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA
2023-01-12 -
2024-01-13
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-02 -
2024-03-03
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-02-21 -
2023-08-16
6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
quantserve.com
R3
2023-04-14 -
2023-07-13
3 months crt.sh
*.id5-sync.com
R3
2023-04-18 -
2023-07-17
3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3
2022-11-23 -
2023-11-22
a year crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA
2023-01-12 -
2024-01-17
a year crt.sh
kvt.sddan.com
R3
2023-04-08 -
2023-07-07
3 months crt.sh
*.eu-1-id5-sync.com
R3
2023-04-18 -
2023-07-17
3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
*.360yield.com
Amazon RSA 2048 M02
2023-02-10 -
2023-07-27
6 months crt.sh
*.a-mo.net
R3
2023-04-13 -
2023-07-12
3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-21 -
2023-07-21
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-09-20 -
2023-09-20
a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-16 -
2023-09-06
a year crt.sh
adtrack.adleadevent.com
Amazon RSA 2048 M02
2023-02-10 -
2023-07-12
5 months crt.sh
c.4dex.io
GTS CA 1D4
2023-03-06 -
2023-06-04
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
u.4dex.io
GTS CA 1D4
2023-03-05 -
2023-06-03
3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2023-03-07 -
2023-09-07
6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2023-02-16 -
2023-08-16
6 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M02
2023-02-10 -
2023-08-12
6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh

This page contains 24 frames:

Primary Page: https://paste1s.com/notes/3VQCO5Y
Frame ID: B40F6AAE25FBE1A90E97E52F3B276A19
Requests: 87 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697
Frame ID: 39EFFE500CB2FFFEEFCB8FE2F2F7DE35
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html
Frame ID: 5C6C0211525623E58FA6D8B69EA65B1F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=11&gdpr=0&gdprc=
Frame ID: A88EC12B809BB64751C4EE7F770A9DCB
Requests: 5 HTTP requests in this frame

Frame: https://ib.3lift.com/rev/1ed5450ac944853f2fb309a890beec56e0763d58/dist/bundle.js
Frame ID: A9050F3B710366C120072074BB69F8E3
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEPqn8pQDGNHT6eUBMAE&v=APEucNUOitj69gS6t-h4GqH6LVR1ZBQNjBL85WER8UbPeQu4eFL6_9o7IP0Ux0GcT81VBv5fPtHI5iqeIhnGnRLFJLpHoRJr_w
Frame ID: 88B222C8109DFD94C28C0F1A4E9DFE1F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 511FCB2EBF5A80D8373353E9A0C10D4F
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D288FD50ECC6F95FD9AD8DE3C964A8C9
Requests: 3 HTTP requests in this frame

Frame: https://u.4dex.io/usync.html
Frame ID: 72CC89E3FE2A6C29A6809F1FBF58FF2B
Requests: 2 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 0CF3EB56D52026C258855C0904FEE207
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1682114337988&gdpr=0
Frame ID: 2E40A3A87B823369423973439B8E3579
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 404882CDF051419C4DEC7B5BCEB4054C
Requests: 11 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 50536420CC39DA39398B1BDC1DB528E6
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: D81B199C7309C38F878342D7B15D3104
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/sovrn/GhRnqLZHBZj79kGUSvSTvT8_
Frame ID: C58D78D3B9BED3C45D06185DB7BC1BF3
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
Frame ID: AE29E305FD1CFEAD575CEF4CC3FA315B
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
Frame ID: BEF9AE4342A620266F874A905A83E688
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/e6bf04f0-9407-5270-9072-4a86f4314da1
Frame ID: B3319365B22B1918DCB21215C02DF63A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/64d50f0ced80680d01946dfd77291428c4fd8ab462ce96b31374a7f89b2228ca
Frame ID: 83DD833510B7EF8B4859429FAD2B862A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/ccb7e3087b8c98d4b4efa29472edf?gdpr_consent=&gdpr=0
Frame ID: F92B20E1E443D512ADBA456F04FE84EB
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 891843FD95221FC238FAF96D750D2E74
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 5F0E7E7B7E9F9D1AA272955F4B421630
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
Frame ID: AFE22DD3314F800087A74B3C481646A0
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=3350ae2aec1e6fb2d0519f5d7bd968a8
Frame ID: 2FD76CD88A32C61486DAE0AB99D05DEE
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Note: The Top Buy CBD Vape Oil Gurus Can Do Three Things

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

190
Requests

67 %
HTTPS

0 %
IPv6

62
Domains

92
Subdomains

64
IPs

9
Countries

1206 kB
Transfer

3287 kB
Size

72
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://fstatic.netpub.media/static/65252e09f37568e50b939acc69d175c0.min.js?1682114336716 HTTP 301
  • https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js
Request Chain 28
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=f65e6443-0722-4e00-9d60-49400f7fbaa8&gdpr=1&gdpr_consent=
Request Chain 30
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4417596967988441470
Request Chain 32
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABh6XT2gw8nJiRq1hsOLmzGBTAIYLY6W2jKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABh6XT2gw8nJiRq1hsOLmzGBTAIYLY6W2jKA&google_tc=
Request Chain 35
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Nvh8C0ZOm6CYKj4KEZmkwFwLPbq1ixXjD0l89ty0qF8
Request Chain 37
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc= HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA0HnYxcH15d_YGYwz4JYAw&google_cver=1
Request Chain 39
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&gdpr=0&gdpr_consent=
Request Chain 70
  • https://pbjs.e-planning.net/pbjs/1/2a156/1/paste1s.com/ROS?rnd=0.5686664126943217&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26711%3A300x250%2C300x168%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100&ur=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&pbv=7.44.0&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&gdpr=0&e_pubcid=214c568c-e777-402f-9dc8-b2211122e40c HTTP 302
  • https://pbjs.e-planning.net/hb/1/2a156/1/paste1s.com/ROS?ct=1&r=pbjs&rnd=0.5686664126943217&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26711%3A300x250%2C300x168%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100&ur=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&pbv=7.44.0&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&gdpr=0&e_pubcid=214c568c-e777-402f-9dc8-b2211122e40c
Request Chain 76
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&ttl=%%TTL%%
Request Chain 77
  • https://id5-sync.com/i/102/8.gif?id5id=ID5*1CMTCdNeeAGgypd3qpEK37cgMUtT1OldJobLMpYFa3JFWbVsnq2wbdauLte_6rTSRVo5S2JfiRq_LaQ_OClLsg&o=api&gdpr_consent=undefined&gdpr=0 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-3c77NB5cP0eKs0lN0S7hUGAVdbSUzWPBxu8McUVPTA&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/102/7/2.gif?puid=7772941124511262273&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-3c77NB5cP0eKs0lN0S7hUGAVdbSUzWPBxu8McUVPTA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F6%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/3/6/3.gif?puid=f65e6443-0722-4e00-9d60-49400f7fbaa8&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&ttl=%%TTL%% HTTP 302
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F4%2F5.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F4%2F5.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/104/4/5.gif?puid=debfa3c7-fae8-4d37-bda9-b68880222ba0&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/102/112/3/6.gif?puid=39ECE741232877CF&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/102/10/2/7.gif?puid=8606878047360377700&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/1/8.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/2/1/8.gif?puid=4417596967988441470&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F0%2F9.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/102/10/0/9.gif?puid=8606878047360377700&gdpr=0&gdpr_consent=
Request Chain 79
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12771%26ref%3D%26url%3Dhttps%253A%252F%252Fpaste1s.com%252Fnotes%252F3VQCO5Y%26hn_ver%3D40%26fid%3De14c819d-15f9-4e6f-9778-eb73150bcf8d HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=4417596967988441470&pid=12771&ref=&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&hn_ver=40&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d
Request Chain 80
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3De14c819d-15f9-4e6f-9778-eb73150bcf8d HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3De14c819d-15f9-4e6f-9778-eb73150bcf8d HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=A45722CB-93FA-4F03-9EFA-1F5C92EBAB31&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d
Request Chain 81
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
  • https://s.cpx.to/sync?dsp_uid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&dsp=TTD
Request Chain 82
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d&google_gid=CAESENGN_6ME5-oIgNdOPmMqe6I&google_cver=1
Request Chain 114
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/2/8/2.gif?puid=4417596967988441470&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/102/10/7/3.gif?puid=8606878047360377700&gdpr=0&gdpr_consent=
Request Chain 115
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESECbOsq_oB8JRdbYwBitOa48&google_cver=1
Request Chain 116
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=bk5nQzljN2hTbGc
Request Chain 117
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdtjjNo16CdePap87V5nUo&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdtjjNo16CdePap87V5nUo&google_cver=1&C=1
Request Chain 118
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEMHJsJHTh99ivxjzWBVCAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdtjjNo16CdePap87V5nUo&google_cver=1
Request Chain 133
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 135
  • https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent= HTTP 302
  • https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&s=2
Request Chain 140
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABh6XT8P3cRAOqcC33WxufMiwukc8xNrvG8Q
Request Chain 141
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LGR3G1SV-L-10W6&gdpr=0
Request Chain 142
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4417596967988441470
Request Chain 143
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=7772941124511262273
Request Chain 145
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=rMxCYIV02tVZDjwSPP9ra_Sbyzc_ObvwThKpCi176aA
Request Chain 146
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTQ1NzIyQ0ItOTNGQS00RjAzLTlFRkEtMUY1QzkyRUJBQjMx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEVV9byWpApOjUpga3NdsCE&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=A45722CB-93FA-4F03-9EFA-1F5C92EBAB31
Request Chain 147
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA0HnYxcH15d_YGYwz4JYAw&google_cver=1
Request Chain 148
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-PjFUq6JE2uGHeaB0arz8bMsZbBD88Ar_Fffa9Nw-~A
Request Chain 149
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=863f23c4-62ba-42d3-ac8d-e0bed9cd78aa&ssp=onetag
Request Chain 152
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 153
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzg4NDQ3MzEzMjcyOTU0MTc4NjgyMg%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 154
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEK3okoOQ1XtHFibUj71vd8M&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 155
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzg4NDQ3MzEzMjcyOTU0MTc4NjgyMg%3D%3D
Request Chain 157
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3884473132729541786822&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=debfa3c7-fae8-4d37-bda9-b68880222ba0&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=debfa3c7-fae8-4d37-bda9-b68880222ba0&gdpr=0&gdpr_consent=
Request Chain 159
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3884473132729541786822?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-274do5RE2oSfK14pAHFJS1NtGcWTydBPMLNQRp8baQ--~A&dongle=0883
Request Chain 161
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4417596967988441470&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 163
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID&sovrn_retry=true HTTP 307
  • https://csync.smilewanted.com/set_partner_userid_get/sovrn/GhRnqLZHBZj79kGUSvSTvT8_
Request Chain 165
  • https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D HTTP 302
  • https://u.4dex.io/setuid?bidder=openx&uid=3dbcfcab-8a82-406a-b8f1-4796cb12919f
Request Chain 167
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/e6bf04f0-9407-5270-9072-4a86f4314da1
Request Chain 168
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/64d50f0ced80680d01946dfd77291428c4fd8ab462ce96b31374a7f89b2228ca
Request Chain 169
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/ccb7e3087b8c98d4b4efa29472edf?gdpr_consent=&gdpr=0
Request Chain 172
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
Request Chain 173
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=3350ae2aec1e6fb2d0519f5d7bd968a8
Request Chain 175
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=090bc00d-2a93-4bdb-b17d-508f6930049e&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dadaptmx%26user_id%3D%40%40CRITEO_USERID%40%40
Request Chain 176
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=090bc00d-2a93-4bdb-b17d-508f6930049e HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-PjFUq6JE2uGHeaB0arz8bMsZbBD88Ar_Fffa9Nw-~A&gdpr=0
Request Chain 177
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LGR3G1SV-L-10W6&gdpr=0
Request Chain 179
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D090bc00d-2a93-4bdb-b17d-508f6930049e%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=smartadserver&uid=7772941124511262273
Request Chain 180
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D090bc00d-2a93-4bdb-b17d-508f6930049e%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D090bc00d-2a93-4bdb-b17d-508f6930049e%26bidder%3Dpubmatic%26uid%3DA45722CB-93FA-4F03-9EFA-1F5C92EBAB31
Request Chain 182
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D090bc00d-2a93-4bdb-b17d-508f6930049e%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=sovrn&uid=GhRnqLZHBZj79kGUSvSTvT8_
Request Chain 183
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D090bc00d-2a93-4bdb-b17d-508f6930049e%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=appnexus&uid=4417596967988441470

190 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 3VQCO5Y
paste1s.com/notes/
24 KB
10 KB
Document
General
Full URL
https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / LarVPS
Resource Hash
fc8c1d41c334140c6f3880ddea76ac68f0d1f8bd1c482ba10c1c854890b55499
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7bb8e427c9ba9bb6-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 21:58:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZcgQlNM8HN1ysLQ3s05rIOdYrXBvqZJAZ60vM%2Fdp1AgsYq8AC12vZImCq0Ly%2BPpD9M%2FOR2u0g4Bi%2BHnznaVk1dUK1KlWHwlbXxgr7ox7palbO0XQymgiTkKAMZnEw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=2592000
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-powered-by
LarVPS
x-xss-protection
1; mode=block
css
fonts.googleapis.com/
2 KB
948 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
a1b9252c2f0ce90582dec0abda9ea678661ec6b509f3330919e1c67ce0741b32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 21 Apr 2023 21:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 20:00:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 Apr 2023 21:58:56 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.98.0 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
359006
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10462
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-28de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpZuHD70%2FkU4KN%2BVrqE%2BagEroJegw%2Bl7%2BNmHSsCxsrfaV3NQkv8wtGk09Ff8LgImGAuza2stS1vqt5lDPgzEk%2F4ux4ex6HbJbz5DEasLJJXo2zysmnaTTfGY9QRVNmYHyCFZnyAd"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7bb8e42adc275c44-FRA
expires
Wed, 10 Apr 2024 21:58:56 GMT
app.css
paste1s.com/css/
143 KB
25 KB
Stylesheet
General
Full URL
https://paste1s.com/css/app.css?id=ebe28cb9d875b19bed6b
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0138a397ea954dfb7486525dcfdb18ff24b7c4d6c501981b76d731277f26f879
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/notes/3VQCO5Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:56 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
499895
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
cf-bgj
minify
last-modified
Fri, 03 Feb 2023 05:02:47 GMT
server
cloudflare
etag
W/"63dc9577-23c92"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xsd1rs2eAw1KvDp5HkP1MXoP8n16%2FZUMBFEjaTwRZOrwkC2J11lvgcBD95vKZBsk5fRAMZvz%2BuP09PdG43TWQtoIamJPmvB9Z4ybAl0VCJL8jH6pE%2B21WPVIMcwJ8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7bb8e4291b419bb6-FRA
expires
Tue, 16 May 2023 03:07:21 GMT
js
www.googletagmanager.com/gtag/
113 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-129758818-17
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
892245a61373c7d74f1209a05ec18deece342e31b9ad4d2cbd506ba00f1e3581
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45007
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 21 Apr 2023 21:58:56 GMT
gen.js
ads.themoneytizer.com/s/
5 KB
3 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=6
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
494557430.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt
AZySIRA+aZr/S/sAAA
x-accel-expires
@1682654805
date
Fri, 21 Apr 2023 21:58:56 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
f6587a1d07e571bb200743642e0e1a1e
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
64331
requestform.js
ads.themoneytizer.com/s/
117 KB
18 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
494557430.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
6cab717d72036eb7ea203aea8be175c98c26d0d5ef7e108df8687eed7b1678c5

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt
AZySIRBsrKf/9uwAAA
x-accel-expires
@1682658474
date
Fri, 21 Apr 2023 21:58:56 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
f6587a1d07e571bb200743649cb5211e
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
60662
logo.png
paste1s.com/images/
23 KB
24 KB
Image
General
Full URL
https://paste1s.com/images/logo.png
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44a5b8d08f85fb057c1aefa8d400998f3de016793461f71090d3cb04e8618fe0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/notes/3VQCO5Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:56 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2219593
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23690
pragma
public
last-modified
Fri, 03 Feb 2023 05:02:56 GMT
server
cloudflare
etag
"63dc9580-5c8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsDCi1ToIHU7z5eYz5X6bE3sbfuB8hYDWNy4ntrlZTuGEVmV78%2ByeOb3TGv7mG9NYSAgMiF36DnNCeyp17oynRYAKyPTmD8h2rlkEDqwucypBiEZMBvUvhygFX7v3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7bb8e42bee7c37da-FRA
expires
Wed, 26 Apr 2023 05:25:43 GMT
EB_logo_White_BG_150x.png
cdn.shopify.com/s/files/1/0370/3865/3572/files/
8 KB
8 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/0370/3865/3572/files/EB_logo_White_BG_150x.png?v=1613630271
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
22560f4ac08886d0801899adf990f533041a6be25d3a2c77d270d63a5528df44
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
200560
source-type
image/png
server-timing
imagery;dur=610.520, imageryFetch;dur=65.594, imageryProcess;dur=543.796;desc="image", cfRequestDuration;dur=17.999887
source-length
666512
content-length
7699
x-xss-protection
1; mode=block
x-request-id
10ddbf30-274a-4665-92c4-a8a5fe80ff0e
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 10 Apr 2023 12:32:41 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fe5GiX5tCybS8m1S0e8OJb0MEgyfimbUtGjsJavET86Lp4dYZ7zuyftXdfP8MA33cpS2dmMkV%2FsVtHC2oYCZSSVn1Q1gAg05mPtjtg1yGa9rm%2FWdp59NF3xhyWgyb1oPjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0370/3865/3572/files/EB_logo_White_BG_150x.png>; rel="canonical"
cf-ray
7bb8e42dca3c9a41-FRA
app.js
paste1s.com/js/
258 KB
84 KB
Script
General
Full URL
https://paste1s.com/js/app.js?id=0e83dba9e8630f1a1f92
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31e5fb043938f7aff456e97c06d85e24de3ed2a33dd62dea9886c24b67061185
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/notes/3VQCO5Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:56 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2216391
cf-polished
origSize=263816
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
cf-bgj
minify
last-modified
Fri, 03 Feb 2023 05:02:47 GMT
server
cloudflare
etag
W/"63dc9577-40688"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMOcodSUWSfamHot%2FhGkJli55w16unqheLgQVnxnTHBBtHiTYGHPd0VnN2yV6%2BDB8knI9KZmOgp7A56RCuAiB4A4PeX0m6orx5aGlurCO%2FDd7VJh8cdmUDG%2Bgs1Pmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=2592000
cf-ray
7bb8e42bee7a37da-FRA
expires
Wed, 26 Apr 2023 06:19:05 GMT
choice.js
cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/
3 KB
2 KB
Script
General
Full URL
https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-86.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:46 GMT
content-encoding
br
via
1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:53:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
10
x-amz-server-side-encryption
AES256
etag
W/"c53bd785b1ee57b613221019d7d72626"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
_-LtCEhIsjq2_WJUFNB8xkbtrRex_RdCdwwwBjOOhv7qZF6q8o3XcQ==
moneybile.js
ads.themoneytizer.com/
38 KB
16 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
494557430.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 21 Apr 2023 21:58:56 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
64333
x-77-nzt
AZySIRDAZ8f/TfsAAA
pragma
public
x-accel-expires
@1682136403
last-modified
Fri, 12 Mar 2021 17:07:19 GMT
server
CDN77-Turbo
x-77-nzt-ray
f6587a1d07e571bb20074364d5176728
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Sat, 22 Apr 2023 04:06:43 GMT
/
c.tmyzer.com/c/
0
271 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=93800&f=6&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 -, , ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 21 Apr 2023 21:58:57 GMT
server
nginx
x-iplb-request-id
5BEFCEB9:F674_36264064:01BB_64430720_C0009CF:1C87A
x-iplb-instance
20687
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
lib_fs_close.js
ads.themoneytizer.com/
667 B
778 B
Script
General
Full URL
https://ads.themoneytizer.com/lib_fs_close.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
494557430.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 21 Apr 2023 21:58:56 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
64332
x-77-nzt
AZySIRC3Nqf/TPsAAA
pragma
public
x-accel-expires
@1682136404
last-modified
Thu, 19 Jan 2023 15:05:03 GMT
server
CDN77-Turbo
x-77-nzt-ray
f6587a1d07e571bb200743640ceedd2d
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Sat, 22 Apr 2023 04:06:44 GMT
smart.js
ced.sascdn.com/tag/1097/
104 KB
35 KB
Script
General
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5a200b67450da7b221ae617a078d3114819e73384cf781b22ca84cc8d53cc5d5

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 21:58:57 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Connection
keep-alive
Content-Length
35223
Expires
Fri, 21 Apr 2023 23:58:57 GMT
sync
gum.criteo.com/
49 B
291 B
Script
General
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:56 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
368713
expires
60
mapper.js
spl.zeotap.com/
61 KB
20 KB
Script
General
Full URL
https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:57 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
3119
cf-polished
origSize=62056
cf-bgj
minify
last-modified
Fri, 21 Apr 2023 21:06:58 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://deinautomagazin.de
cache-control
public, max-age=3600
access-control-allow-credentials
true
cf-ray
7bb8e42e9e2d9bce-FRA
access-control-allow-headers
*
expires
Fri, 21 Apr 2023 22:06:58 GMT
libJsLP.js
tag.leadplace.fr/
5 KB
6 KB
Script
General
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 21:58:57 GMT
Last-Modified
Thu, 14 Oct 2021 07:27:52 GMT
Server
nginx/1.20.1
X-IPLB-Request-ID
5BEFCEB9:36FA_91EFC0A6:01BB_64430720_A6DFE75C:237B7
ETag
"6167dbf8-15ab"
X-IPLB-Instance
30195
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5547
/
onetag-sys.com/usync/ Frame 39EF
4 KB
2 KB
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
ecbc60f0ded5c6ff9296cc46eeec859bd919e53c5e87154b31bfe2c3d4e980aa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://paste1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1375
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/
22 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.208 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:57 GMT
content-encoding
gzip
etag
"DUHyBE1e2vdA+NAhXV6BXg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 28 Apr 2023 21:58:57 GMT
px.js
p.cpx.to/p/12771/
2 KB
2 KB
Script
General
Full URL
https://p.cpx.to/p/12771/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.133.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-133-96.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a559f41c7e0d2f4852afbf1cf44b736b9158e65b01843c05850f6e8d6b6db9b6

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:57 GMT
cache-control
max-age=2419200, public
content-length
1990
content-type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/
25 KB
26 KB
Script
General
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-64.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 Apr 2023 23:12:05 GMT
Via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
X-Amz-Cf-Pop
FRA56-C1
Age
82013
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
rSMjs9ntxV1T_h49AgGMRH-bxlcAtNTy1rtsbnnhZ4mBD7x5zhDZHg==
prebid.js
ads.themoneytizer.com/moneybid7_44/build/dist/
556 KB
181 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
494557430.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
fb6f64025c97613b5f8518dae9e2373bb3cfb3217c45af3aa9a84e3d82f835f1

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 21 Apr 2023 21:58:56 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
64333
x-77-nzt
AZySIRBSD4z/TfsAAA
pragma
public
x-accel-expires
@1682136403
last-modified
Thu, 13 Apr 2023 19:58:21 GMT
server
CDN77-Turbo
x-77-nzt-ray
f6587a1d07e571bb200743643bbf882e
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Sat, 22 Apr 2023 04:06:43 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
137 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
d74e0bc3c37ed1660d8167657b25e05e856d8e817227e713900127232ebc8aef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47839
x-xss-protection
0
server
cafe
etag
14289489978146210007
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 21 Apr 2023 21:58:57 GMT
service.js
fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/
Redirect Chain
  • https://fstatic.netpub.media/static/65252e09f37568e50b939acc69d175c0.min.js?1682114336716
  • https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js
0
0
Script
General
Full URL
https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Server
104.26.5.26 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Fri, 21 Apr 2023 21:58:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMi%2BbiKDkJok8bGhURf6ciCHY1IJdzEFRa2CkRTcGIlQKMzFXjKvr8XXl5GYEhAn08if5AyWOBTuLhLUnDi2yfRALX8Ils62%2FjnOFniDcczaxs%2B1QHF5MFiIYcZcECNkaKyNuFhG"}],"group":"cf-nel","max_age":604800}
location
https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js
cache-control
max-age=3600
cf-ray
7bb8e4309dc0bb8f-FRA
expires
Fri, 21 Apr 2023 22:58:57 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/
76 KB
77 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.98.0 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin
https://paste1s.com
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:56 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
360552
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78268
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-131bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SiyKhV5Hs7laFGVW%2F%2BPVrP%2FmWXHjmAxYaiYwKFHMDCb2XjIs2fpTEj41fdi4fLbpPbzIW4fWqagwA1v63f1H5OPp%2Bn2bP71Hm6u7Ulpmz7uAtjKNsMaN2qXV7QsnHczpK1z7MrbN"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7bb8e42dd8eb3a84-FRA
expires
Wed, 10 Apr 2024 21:58:56 GMT
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v25/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://paste1s.com
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 02:04:52 GMT
x-content-type-options
nosniff
age
158045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14060
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:44:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Apr 2024 02:04:52 GMT
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTo3j77e.woff2
fonts.gstatic.com/s/nunito/v25/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTo3j77e.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
a8aed46dba06a6b68d94a3204205fc78f1e9fc5c90e69ca49fad346e3b7e47b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://paste1s.com
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 04:55:27 GMT
x-content-type-options
nosniff
age
147810
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12736
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:32:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Apr 2024 04:55:27 GMT
cmp2.js
cmp.quantcast.com/tcfv2/42/
177 KB
47 KB
Script
General
Full URL
https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-86.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b471e74cabe83bf8f3da8793666d55603e3d20a72350873e27f2c75b75d5cfc2

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 19:35:10 GMT
content-encoding
gzip
via
1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
95028
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
last-modified
Tue, 05 Jul 2022 18:40:23 GMT
server
AmazonS3
etag
W/"a18627a302da47ec97015f587007f1a6"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
wLJ_vRzLMBuJFnEP3TcOUl8XzVv_kMUYGCUcD8ja7u3WWILWlYr6Mg==
/
onetag-sys.com/match/ Frame 39EF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=f65e6443-0722-4e00-9d60-49400f7fbaa8&gdpr=1&gdpr_consent=
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=1&uid=f65e6443-0722-4e00-9d60-49400f7fbaa8&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 21 Apr 2023 21:58:57 GMT
Server
MT3 830 785530e master zrh-pixel-x11 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=f65e6443-0722-4e00-9d60-49400f7fbaa8&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 21 Apr 2023 21:58:56 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 39EF
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 39EF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4417596967988441470
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4417596967988441470
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 21 Apr 2023 21:58:57 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.185; 91.239.206.185; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
36ba1dbf-8764-4b15-a288-f078c4acd9f9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4417596967988441470
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 39EF
42 B
774 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=Nvh8C0ZOm6CYKj4KEZmkwFwLPbq1ixXjD0l89ty0qF8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 39EF
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABh6XT2gw8nJiRq1hsOLmzGBTAIYLY6W2jKA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABh6XT2gw8nJiRq1hsOLmzGBTAIYLY6W2jKA&google_tc=
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABh6XT2gw8nJiRq1hsOLmzGBTAIYLY6W2jKA&google_tc=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:58:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:58:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABh6XT2gw8nJiRq1hsOLmzGBTAIYLY6W2jKA&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ssbsync-global.smartadserver.com/api/ Frame 39EF
0
75 B
Image
General
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:57 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 39EF
0
0
Image
General
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ecm3
s.amazon-adsystem.com/ Frame 39EF
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Nvh8C0ZOm6CYKj4KEZmkwFwLPbq1ixXjD0l89ty0qF8
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Nvh8C0ZOm6CYKj4KEZmkwFwLPbq1ixXjD0l89ty0qF8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 21:58:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7JJC9F8X5AAQ4DDS0GW9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Nvh8C0ZOm6CYKj4KEZmkwFwLPbq1ixXjD0l89ty0qF8
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 39EF
0
42 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:56 GMT
content-length
0
/
onetag-sys.com/match/ Frame 39EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc=
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA0HnYxcH15d_YGYwz4JYAw&google_cver=1
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA0HnYxcH15d_YGYwz4JYAw&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:58:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA0HnYxcH15d_YGYwz4JYAw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 39EF
0
125 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:57 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 39EF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&gdpr=0&gdpr_consent=
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=29&uid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:58:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame 39EF
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.144.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-144-155.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129758818-17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 21 Apr 2023 20:35:44 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4993
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 21 Apr 2023 22:35:44 GMT
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
1 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-31.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:48:08 GMT
content-encoding
gzip
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
650
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 22:35:53 GMT
server
AmazonS3
etag
W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
ds2F6Y_nJePl6Bg9wchNzlYpjflMXoZvHmUTvQDemm0TwMqbusq8fA==
/
spl.zeotap.com/
95 B
441 B
XHR
General
Full URL
https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://paste1s.com
access-control-allow-credentials
true
cf-ray
7bb8e43038759bce-FRA
access-control-allow-headers
*
content-length
95
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 05:30:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232096
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Apr 2024 05:30:41 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaste1s.com%2F&domain=paste1s.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://paste1s.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://paste1s.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 21 Apr 2023 21:58:57 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
293098
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/
2 B
369 B
XHR
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaste1s.com%2F&domain=paste1s.com&cw=1&lsw=1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://paste1s.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:58:57 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paste1s.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
227907
expires
0
prebid
id5-sync.com/api/config/
134 B
539 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://paste1s.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://paste1s.com
date
Fri, 21 Apr 2023 21:58:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
localstore.js
script.4dex.io/
483 B
1002 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 21:58:57 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
103807
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BdB7PUXperczKAP7AcLB7rFMLdXaCN84vBbRxsMCDEWt%2FClEkuxLLxye6wNqOoclNVjnUjUWWKvOEpxPzKZh9K3eqqM69Q7sQGNqyoluDHD9q%2Fck2L2r4sgUkbWUtsq"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7bb8e4323c462c22-FRA
fire.js
s.cpx.to/
664 B
1014 B
Script
General
Full URL
https://s.cpx.to/fire.js?pid=12771&ref=&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&hn_ver=40&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12771/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.125.111.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-111-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
dd19c7daef60997e8100a638e67d902d7337b7d04b123aeaf762f11ffa5cf0e5

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DEV ADM"
Date
Fri, 21 Apr 2023 21:58:57 GMT
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Content-Length
664
expires
Fri, 21 Apr 2023 21:58:57 GMT
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTs3j77e.woff2
fonts.gstatic.com/s/nunito/v25/
4 KB
4 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTs3j77e.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
7ed3b3e7cc5d46c24c6e02c7bd33100fbdd09822b0fb230956369b4881da6953
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://paste1s.com
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 14:09:59 GMT
x-content-type-options
nosniff
age
287338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4252
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:27:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Apr 2024 14:09:59 GMT
102.json
id5-sync.com/g/v2/
574 B
1 KB
XHR
General
Full URL
https://id5-sync.com/g/v2/102.json
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
ee90c34f782072d4d22c8a9029cd3608b5c81190761e34ef2b3f799e3928a86f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://paste1s.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Apr 2023 21:58:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://paste1s.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
s
kvt.sddan.com/api/v1/public/p/29567/d/50/
507 B
652 B
XHR
General
Full URL
https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.28.82 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-28-82.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
8390bd7de281c9f9f71e063b6f7ef73b02297c9fa9e971fd7b1bbbdee423048e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Referer
https://paste1s.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 21 Apr 2023 21:58:57 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Content-Encoding
gzip
Server
nginx/1.20.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://paste1s.com
Cache-Control
private, max-age=60
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
content-type
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/ Frame 5C6C
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paste1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

age
28220
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 14:08:38 GMT
etag
2378337311435320485
expires
Fri, 05 May 2023 14:08:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
56 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=false&host_v=false&frequency=0.01&eid=42532089%2C44759837%2C42532185%2C44759876%2C44759927%2C31073968%2C31074011%2C44789761
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:58:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
112 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=modern_js&fy=2021&supports=true&c=2021&eid=42532089%2C44759837%2C42532185%2C44759876%2C44759927%2C31073968%2C31074011%2C44789761
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:58:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/
33 B
398 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
3f05ae8fbc9c6ccb3447dd3a71665ca872318d3996369313c374968ad3aaa14d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://paste1s.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://paste1s.com
date
Fri, 21 Apr 2023 21:58:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
adagio.js
script.4dex.io/
74 KB
23 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 21:58:58 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
146173
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dIQr5ovmCdzTn03mfC4CxmDubHA0ehXhJtGU4zcTYowDn6hcPT8HzW%2FUaOkMCeO3%2BBlnGmYrjIYqilj3AufSCE70PUQC4X%2B%2B%2BfkQXwcMQ%2FJknXCp30EKhHoRnoPE7wN6"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7bb8e4350d4c2c47-FRA
collect
www.google-analytics.com/j/
1 B
202 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1309068373&t=pageview&_s=1&dl=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&ul=en-us&de=UTF-8&dt=Note%3A%20The%20Top%20Buy%20CBD%20Vape%20Oil%20Gurus%20Can%20Do%20Three%20Things&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=590526638&gjid=266709446&cid=1387979014.1682114338&tid=UA-129758818-17&_gid=908602986.1682114338&_r=1&gtm=457e34j0&jsscut=1&z=2050148610
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://paste1s.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:58:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paste1s.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
auction
tlx.3lift.com/header/
28 KB
10 KB
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.44.0&referrer=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&tmax=3000&gdpr=false
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.61.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-61-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f4f84044c9f3e680342c05e5879575337a46d2ceffb9cee2cf9e840fd26a1d36
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://paste1s.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:58:58 GMT
content-encoding
gzip
accept-ch
sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paste1s.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
10179
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid-request
onetag-sys.com/
15 B
498 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://paste1s.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://paste1s.com
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
pb
ad.360yield.com/1602/
0
98 B
XHR
General
Full URL
https://ad.360yield.com/1602/pb
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.73.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-73-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paste1s.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://paste1s.com
date
Fri, 21 Apr 2023 21:58:58 GMT
access-control-allow-credentials
true
c
prebid.a-mo.net/a/
486 B
820 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
56eae18860c4066cfed9fd5acc171937087f46fc042a8df7e56418df29a63f24

Request headers

Referer
https://paste1s.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Apr 2023 21:58:57 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paste1s.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
11
content-length
260
v1
hb-api.omnitagjs.com/hb-api/prebid/
714 B
1 KB
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&PageUrl=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&PageReferrer=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
8798b894d9c957b5e9a4f3795cf3641b999ce18af4623b9a71a2e063fde7cc64
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://paste1s.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Apr 2023 21:58:58 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
13
content-length
714
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paste1s.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
openrtb
adx.adform.net/adx/
0
528 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://paste1s.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:58:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://paste1s.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
prebid.smilewanted.com/
0
0

/
prebid.smilewanted.com/
0
0

/
prebid.smilewanted.com/
0
0

/
prebid.smilewanted.com/
0
0

prebid
mp.4dex.io/
173 B
1 KB
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81b8a613f62dd2e1322dc323643269dca40df467b329d2c583ba3c57e3b57f2e

Request headers

Referer
https://paste1s.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Fri, 21 Apr 2023 21:58:59 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 5 inventory rules not found for mediatype: banner and adUnitCode: 26328, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: 26711, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: 26300, Process Seats Booster. unable to get the seat booster engine for organization: 1015
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paste1s.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bb8e43bf9763aa3-FRA
expires
0
ROS
pbjs.e-planning.net/hb/1/2a156/1/paste1s.com/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2a156/1/paste1s.com/ROS?rnd=0.5686664126943217&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26711%3A300x250%2C300x168%2B26300...
  • https://pbjs.e-planning.net/hb/1/2a156/1/paste1s.com/ROS?ct=1&r=pbjs&rnd=0.5686664126943217&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26711%3A300x250%2C300x1...
101 B
511 B
XHR
General
Full URL
https://pbjs.e-planning.net/hb/1/2a156/1/paste1s.com/ROS?ct=1&r=pbjs&rnd=0.5686664126943217&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26711%3A300x250%2C300x168%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100&ur=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&pbv=7.44.0&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&gdpr=0&e_pubcid=214c568c-e777-402f-9dc8-b2211122e40c
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef64c06e715e181775e12a4f1ff456c55ceb742a0193ded36926cf6bc6d7f87b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 21 Apr 2023 21:58:59 GMT
date
Fri, 21 Apr 2023 21:58:59 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://paste1s.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
101
x-sid
AMS-936

Redirect headers

date
Fri, 21 Apr 2023 21:58:59 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://paste1s.com
location
/hb/1/2a156/1/paste1s.com/ROS?ct=1&r=pbjs&rnd=0.5686664126943217&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26711%3A300x250%2C300x168%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100&ur=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&pbv=7.44.0&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&gdpr=0&e_pubcid=214c568c-e777-402f-9dc8-b2211122e40c
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-936
/
b1h.zemanta.com/api/bidder/prebid/bid/
0
117 B
XHR
General
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.63 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paste1s.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://paste1s.com
Access-Control-Allow-Credentials
true
moneybid.js
ads.themoneytizer.com/bidder1/
339 B
574 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=93800&adid=6&formatid=26328&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
494557430.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
c2b6805cadd71458bbf7a43c24c2017bf10ceee556c2858c8c61c43e94d8b991

Request headers

Referer
https://paste1s.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AZySIRAVBKL/S9wAAA
x-accel-expires
@1682662743
date
Fri, 21 Apr 2023 21:58:58 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
f6587a1d5ae506d42207436498fa2e0d
vary
Accept-Encoding, Origin
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://paste1s.com
x-77-cache
HIT
cache-control
max-age=604800
x-age
56395
moneybid.js
ads.themoneytizer.com/bidder1/
339 B
573 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=93800&adid=1&formatid=26322&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
494557430.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
bccf82d43a087f44f18f52a191ab456f4186e4477617fdf09c6b66e3d4470d57

Request headers

Referer
https://paste1s.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AZySIRDs3xH/S9wAAA
x-accel-expires
@1682662743
date
Fri, 21 Apr 2023 21:58:58 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
f6587a1d5ae506d4220743648727570d
vary
Accept-Encoding, Origin
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://paste1s.com
x-77-cache
HIT
cache-control
max-age=604800
x-age
56395
moneybid.js
ads.themoneytizer.com/bidder1/
343 B
572 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=93800&adid=19&formatid=26711&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
494557430.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
00c52bee8e18843fc615f12e24cfa15a163e9534f26cb2b1937028018de1d96c

Request headers

Referer
https://paste1s.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AZySIRC/ch//S9wAAA
x-accel-expires
@1682662743
date
Fri, 21 Apr 2023 21:58:58 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
f6587a1d5ae506d42207436433744a0d
vary
Accept-Encoding, Origin
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://paste1s.com
x-77-cache
HIT
cache-control
max-age=604800
x-age
56395
moneybid.js
ads.themoneytizer.com/bidder1/
343 B
571 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=93800&adid=2&formatid=26300&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
494557430.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
a22ef20b5eeb20da6a9305f243c83cf3c969efdad6264e8025bb41a7a8b6159f

Request headers

Referer
https://paste1s.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AZySIRCsqmj/S9wAAA
x-accel-expires
@1682662743
date
Fri, 21 Apr 2023 21:58:58 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
f6587a1d5ae506d4220743649ea23c0d
vary
Accept-Encoding, Origin
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://paste1s.com
x-77-cache
HIT
cache-control
max-age=604800
x-age
56395
264.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&ttl=%%TTL%%
43 B
43 B
Image
General
Full URL
https://id5-sync.com/k/264.gif?puid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&ttl=%%TTL%%
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
HTTP/1.1
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:57 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding
chunked
content-type
text/html;charset=utf-8

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:58:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://id5-sync.com/k/264.gif?puid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&ttl=%%TTL%%
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
9.gif
id5-sync.com/c/102/10/0/
Redirect Chain
  • https://id5-sync.com/i/102/8.gif?id5id=ID5*1CMTCdNeeAGgypd3qpEK37cgMUtT1OldJobLMpYFa3JFWbVsnq2wbdauLte_6rTSRVo5S2JfiRq_LaQ_OClLsg&o=api&gdpr_consent=undefined&gdpr=0
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-3c77NB5cP0eKs0lN0S7hUGAVdbSUzWPBxu8McUVPTA&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_...
  • https://id5-sync.com/c/102/102/7/2.gif?puid=7772941124511262273&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-3c77NB5cP0eKs0lN0S7hUGAVdbSUzWPBxu8McUVPTA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F6%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/102/3/6/3.gif?puid=f65e6443-0722-4e00-9d60-49400f7fbaa8&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&ttl=%%TTL%%
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F4%2F5.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F4%2F5.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/104/4/5.gif?puid=debfa3c7-fae8-4d37-bda9-b68880222ba0&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/102/112/3/6.gif?puid=39ECE741232877CF&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/102/10/2/7.gif?puid=8606878047360377700&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/1/8.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/2/1/8.gif?puid=4417596967988441470&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F0%2F9.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/102/10/0/9.gif?puid=8606878047360377700&gdpr=0&gdpr_consent=
43 B
2 KB
Image
General
Full URL
https://id5-sync.com/c/102/10/0/9.gif?puid=8606878047360377700&gdpr=0&gdpr_consent=
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
HTTP/1.1
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 21 Apr 2023 21:59:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:59:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://id5-sync.com/c/102/10/0/9.gif?puid=8606878047360377700&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
notifyme.php
adtrack.adleadevent.com/
0
522 B
XHR
General
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.91.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-91-58.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://paste1s.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 21:58:58 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2023 21:58:58 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://paste1s.com
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12771%26ref%3D%26url%3Dhttps%253A%252F%252Fpaste1s.com%252Fnotes%252F3VQCO5Y%26hn_ver%3D40%26fid%3D...
  • https://s.cpx.to/an_fire?app_nexus_uid=4417596967988441470&pid=12771&ref=&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&hn_ver=40&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d
95 B
865 B
Image
General
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=4417596967988441470&pid=12771&ref=&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&hn_ver=40&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
HTTP/1.1
Server
79.125.111.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-111-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 21 Apr 2023 21:58:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'
x-permitted-cross-domain-policies
none
x-frame-options
sameorigin
Content-Type
image/png
p3p
CP="NOI DEV ADM"
cache-control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95
expires
Fri, 21 Apr 2023 21:58:58 UTC

Redirect headers

Date
Fri, 21 Apr 2023 21:58:58 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.185; 91.239.206.185; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cf4d04b7-0190-487d-8560-4b98825ab7f9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://s.cpx.to/an_fire?app_nexus_uid=4417596967988441470&pid=12771&ref=&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&hn_ver=40&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3De14c819d-15f9-4e6f-9778-eb73150bcf8d
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3De14c819d-15f9-4e6f-9778-eb73150bcf8d
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=A45722CB-93FA-4F03-9EFA-1F5C92EBAB31&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d
95 B
589 B
Image
General
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=A45722CB-93FA-4F03-9EFA-1F5C92EBAB31&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
HTTP/1.1
Server
79.125.111.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-111-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DEV ADM"
Date
Fri, 21 Apr 2023 21:58:58 GMT
Content-Type
image/png
Connection
keep-alive
Content-Length
95
expires
Fri, 21 Apr 2023 21:58:58 GMT

Redirect headers

location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=A45722CB-93FA-4F03-9EFA-1F5C92EBAB31&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d
date
Fri, 21 Apr 2023 21:58:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
s.cpx.to/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
  • https://s.cpx.to/sync?dsp_uid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&dsp=TTD
95 B
584 B
Image
General
Full URL
https://s.cpx.to/sync?dsp_uid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&dsp=TTD
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
HTTP/1.1
Server
79.125.111.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-111-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DEV ADM"
Date
Fri, 21 Apr 2023 21:58:58 GMT
Content-Type
image/png
Connection
keep-alive
Content-Length
95
expires
Fri, 21 Apr 2023 21:58:58 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:58:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.cpx.to/sync?dsp_uid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&dsp=TTD
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
179
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d
  • https://s.cpx.to/ca.png?dsp=dbm&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d&google_gid=CAESENGN_6ME5-oIgNdOPmMqe6I&google_cver=1
95 B
804 B
Image
General
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d&google_gid=CAESENGN_6ME5-oIgNdOPmMqe6I&google_cver=1
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
HTTP/1.1
Server
79.125.111.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-111-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 21 Apr 2023 21:58:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'
x-permitted-cross-domain-policies
none
x-frame-options
sameorigin
Content-Type
image/png
cache-control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:58:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s.cpx.to/ca.png?dsp=dbm&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d&google_gid=CAESENGN_6ME5-oIgNdOPmMqe6I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
12.json
id5-sync.com/g/v2/
569 B
1 KB
XHR
General
Full URL
https://id5-sync.com/g/v2/12.json
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
f29d2835c1e6d4b6bf8db200d268fed481ed8be1f46a45148fc396584d210efa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://paste1s.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Apr 2023 21:58:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://paste1s.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
pixel;r=1206770233;labels=Categories.technologyandcomputing;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y;uht=2;fpan=1;fpa=P0-1442885964-1682114337244;pbc=;ns=0;ce=1;qjs=1;...
pixel.quantserve.com/
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1206770233;labels=Categories.technologyandcomputing;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y;uht=2;fpan=1;fpa=P0-1442885964-1682114337244;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;us_privacy=1---;ref=;d=paste1s.com;dst=0;et=1682114337743;tzo=0;ogl=title.Online%20Notepad%2Cdescription.note1s%252Ecom%20is%20your%20online%20notepad%20on%20the%20web%252E%20It%20allows%20you%20to%20store%20notes%20on%20th%2Cimage.https%3A%2F%2Flh3%252Egoogleusercontent%252Ecom%2Fproxy%2FFbbmTTxOezBpLsfx2__U9Iirj6ntJFpFNrjuFVOH%2Clocale.en_US%2Ctype.website%2Csite_name.Online%20Notepad;ses=0166c066-2e18-434e-a6b8-1279508fca68
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.208 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:58:58 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
bids.gif
c.4dex.io/
0
44 B
XHR
General
Full URL
https://c.4dex.io/bids.gif?adu_code=26328&evt=init&ts=1682114338296&pv_id=ad681fff-c064-4a15-8220-fe891e96f655&amts=ban&asizes=1x1%7C728x90%7C728x250%7C970x90%7C1000x90%7C1000x30%7C990x90%7C950x90%7C300x250&url=undefined&auct_id=a800f336-f115-43e6-b82d-df35b6534725&auct_start=1682114337821&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1682114335617&partid=2023042121&bidders=triplelift%2Conetag%2Cimprovedigital%2Camx%2Cadyoulike%2Cadform%2Csmilewanted%2Cadagio%2Ceplanning%2Cmoneytizer&cpm=%2C%2C%2C%2C%2C%2C%2C%2C%2C&cpm_adjst_rate=%2C%2C%2C%2C%2C%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C%2C%2C%2C%2C%2C&cur=%2C%2C%2C%2C%2C%2C%2C%2C%2C&cur_rate=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ttr=%2C%2C%2C%2C%2C%2C%2C%2C%2C&bttr=%2C%2C%2C%2C%2C%2C%2C%2C%2C&sts=%2C%2C%2C%2C%2C%2C%2C%2C%2C&w=%2C%2C%2C%2C%2C%2C%2C%2C%2C&h=%2C%2C%2C%2C%2C%2C%2C%2C%2C&deal=%2C%2C%2C%2C%2C%2C%2C%2C%2C&timeout=%2C%2C%2C%2C%2C%2C%2C%2C%2C&won=%2C%2C%2C%2C%2C%2C%2C%2C%2C&no_bid=%2C%2C%2C%2C%2C%2C%2C%2C%2C&crea_id=%2C%2C%2C%2C%2C%2C%2C%2C%2C&mt=%2C%2C%2C%2C%2C%2C%2C%2C%2C&cat=&dvc=2&env=&org_id=1015&pgtyp=&plcmt=6&site=93800-paste1s-com&subcat=&os=windows&brwsr=chrome&u_ts=1682114337&adgjsv=1.16.2
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:58 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
bids.gif
c.4dex.io/
0
44 B
XHR
General
Full URL
https://c.4dex.io/bids.gif?adu_code=26322&evt=init&ts=1682114338296&pv_id=ad681fff-c064-4a15-8220-fe891e96f655&amts=ban&asizes=728x90%7C320x50%7C300x50%7C320x100%7C300x100&url=undefined&auct_id=a800f336-f115-43e6-b82d-df35b6534725&auct_start=1682114337821&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1682114335617&partid=2023042121&bidders=triplelift%2Conetag%2Cimprovedigital%2Camx%2Cadyoulike%2Cadform%2Csmilewanted%2Cadagio%2Ceplanning%2Coutbrain%2Cmoneytizer&cpm=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cpm_adjst_rate=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cur=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cur_rate=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&ttr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&bttr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&sts=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&w=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&h=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&deal=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&timeout=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&won=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&no_bid=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&crea_id=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&mt=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cat=&dvc=2&env=&org_id=1015&pgtyp=&plcmt=1&site=93800-paste1s-com&subcat=&os=windows&brwsr=chrome&u_ts=1682114337&adgjsv=1.16.2
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:58 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
bids.gif
c.4dex.io/
0
44 B
XHR
General
Full URL
https://c.4dex.io/bids.gif?adu_code=26711&evt=init&ts=1682114338296&pv_id=ad681fff-c064-4a15-8220-fe891e96f655&amts=ban&asizes=300x250%7C300x168&url=undefined&auct_id=a800f336-f115-43e6-b82d-df35b6534725&auct_start=1682114337821&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1682114335617&partid=2023042121&bidders=triplelift%2Conetag%2Cimprovedigital%2Camx%2Cadyoulike%2Cadform%2Csmilewanted%2Cadagio%2Ceplanning%2Coutbrain%2Cmoneytizer&cpm=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cpm_adjst_rate=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cur=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cur_rate=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&ttr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&bttr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&sts=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&w=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&h=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&deal=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&timeout=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&won=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&no_bid=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&crea_id=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&mt=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cat=&dvc=2&env=&org_id=1015&pgtyp=&plcmt=19&site=93800-paste1s-com&subcat=&os=windows&brwsr=chrome&u_ts=1682114337&adgjsv=1.16.2
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:58 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
bids.gif
c.4dex.io/
0
254 B
XHR
General
Full URL
https://c.4dex.io/bids.gif?adu_code=26300&evt=init&ts=1682114338296&pv_id=ad681fff-c064-4a15-8220-fe891e96f655&amts=ban&asizes=300x250%7C300x168&url=undefined&auct_id=a800f336-f115-43e6-b82d-df35b6534725&auct_start=1682114337821&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1682114335617&partid=2023042121&bidders=triplelift%2Conetag%2Cimprovedigital%2Camx%2Cadyoulike%2Cadform%2Csmilewanted%2Cadagio%2Ceplanning%2Coutbrain%2Cmoneytizer&cpm=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cpm_adjst_rate=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cur=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cur_rate=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&ttr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&bttr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&sts=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&w=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&h=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&deal=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&timeout=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&won=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&no_bid=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&crea_id=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&mt=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cat=&dvc=2&env=&org_id=1015&pgtyp=&plcmt=2&site=93800-paste1s-com&subcat=&os=windows&brwsr=chrome&u_ts=1682114337&adgjsv=1.16.2
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:58:58 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
genericpost
ww1097.smartadserver.com/ Frame
0
0
Preflight
General
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://paste1s.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://paste1s.com
date
Fri, 21 Apr 2023 21:58:59 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/
2 KB
2 KB
XHR
General
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
a4398b4a43a6198a22ef0fc2e7368c3a129778a50da9286fdb436738ad956b27

Request headers

Referer
https://paste1s.com/
accept-language
ka-GE,ka;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:59:00 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://paste1s.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
/
c.tmyzer.com/c/
0
271 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=93800&f=6&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 -, , ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 21 Apr 2023 21:59:00 GMT
server
nginx
x-iplb-request-id
5BEFCEB9:F674_36264064:01BB_64430721_C0009D1:1C87A
x-iplb-instance
20687
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
CookieSync.html
csync.smartadserver.com/diff/rtb/csync/ Frame A88E
435 B
744 B
Document
General
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=11&gdpr=0&gdprc=
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-41.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://paste1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Fri, 21 Apr 2023 21:59:01 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645524911.683358"
Last-Modified
Tue, 22 Feb 2022 09:59:54 GMT
Server
AkamaiNetStorage
lib_footer_slidein.js
ads.themoneytizer.com/
25 KB
4 KB
Script
General
Full URL
https://ads.themoneytizer.com/lib_footer_slidein.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
494557430.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
79ee4ccd74ffe68cb3992c0f6044438847b5331c419b0fb733d851dc50528f79

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 21 Apr 2023 21:59:01 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
64334
x-77-nzt
AZySIRDVONv/TvsAAA
pragma
public
x-accel-expires
@1682136407
last-modified
Fri, 07 Apr 2023 14:03:59 GMT
server
CDN77-Turbo
x-77-nzt-ray
f6587a1d07e571bb25074364bb78bd01
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Sat, 22 Apr 2023 04:06:47 GMT
lib_watermark.js
ads.themoneytizer.com/
6 KB
2 KB
Script
General
Full URL
https://ads.themoneytizer.com/lib_watermark.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
494557430.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
b8b0db583acb8255792448212abc01984bed38a2799697ef8b9b09d410b283d0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 21 Apr 2023 21:59:01 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
64338
x-77-nzt
AZySIRCCvtn/UvsAAA
pragma
public
x-accel-expires
@1682136403
last-modified
Fri, 07 Apr 2023 14:30:19 GMT
server
CDN77-Turbo
x-77-nzt-ray
f6587a1d07e571bb25074364ec38c801
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Sat, 22 Apr 2023 04:06:43 GMT
bundle.js
ib.3lift.com/rev/1ed5450ac944853f2fb309a890beec56e0763d58/dist/ Frame A905
180 KB
58 KB
Script
General
Full URL
https://ib.3lift.com/rev/1ed5450ac944853f2fb309a890beec56e0763d58/dist/bundle.js
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-28.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca4632c98402232ce11da4c8e646385be9993ff53bc0fe70fc5bce163f41f674

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 16:18:13 GMT
content-encoding
gzip
via
1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
1230049
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
58649
last-modified
Fri, 07 Apr 2023 15:59:41 GMT
server
AmazonS3
etag
"92969ce251b9c0b6147d989e6fdf8c76"
content-type
text/javascript
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
KErFv2mswHv9_6wR0HoOUr9fGlBkmvy5DlLCTYg38uNueATWUBC10Q==
close-retina.png
ced-ns.sascdn.com/diff/templates/images/
2 KB
2 KB
Image
General
Full URL
https://ced-ns.sascdn.com/diff/templates/images/close-retina.png
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-41.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 21:59:01 GMT
Last-Modified
Wed, 20 Oct 2021 08:07:22 GMT
Server
AkamaiNetStorage
ETag
"dc45791e534223d16a4d14fa1a1a5f4e:1634717611.309945"
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1802
notify
tlx.3lift.com/header/ Frame A905
37 B
220 B
Image
General
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=0.013&ts=1682114338&aid=41034828375837575997032&ec=5989_151074_481978833&n=GgDyAtgBCAASFzQxMDM0ODI4Mzc1ODM3NTc1OTk3MDMyGAAgASjlLjCinAlAAUgBUAFgCmgAcKn5IpABAJgBAKgBALgBCsABDcgBEPAB1gH4ARCAAg2RAgAAAAAAAPA%2FmQJSuB6F61HIP6gCALACAcgCBNgCAPECZmZmZmZm5j%2F4AoUvgAPYBYgDWpADAJgDAKADAbgDpYU8yAMA0gMJNDgxOTc4ODMz2gMJODQ5MTIyMjk44AO3m%2BlE6QMAAAAAAAAAAPADEPkDAAAAAAAAAACABAiJBFK4HoXrUcg%2F%2BAIMiAMAkgMEYzYyN5gDAKAD4r0cqAMA
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.61.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-61-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Apr 2023 21:59:01 GMT
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
tm.png
ads.themoneytizer.com/media/ Frame A905
228 B
582 B
Image
General
Full URL
https://ads.themoneytizer.com/media/tm.png
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
494557430.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
fb98a2a03c925aa211a860ca87a7f33a100fe74f37915c16b16ce7c0a1247223

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 21 Apr 2023 21:59:01 GMT
x-cache
HIT
x-77-cache
HIT
x-age
64336
content-length
228
x-77-nzt
AZySIRBjK6H/UPsAAA
pragma
public
x-accel-expires
@1682136405
last-modified
Mon, 07 Nov 2022 09:00:04 GMT
server
CDN77-Turbo
x-77-nzt-ray
f6587a1d07e571bb250743646a6fa30d
content-type
image/png
cache-control
max-age=86400, public, no-transform
accept-ranges
bytes
expires
Sat, 22 Apr 2023 04:06:45 GMT
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame A88E
9 KB
3 KB
Script
General
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=11&gdpr=0&gdprc=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-41.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
767f14aae2bf523fce50f80f996c9748e4cd609d1b2150488d2c556fd1c991ad

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 21:59:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Mar 2023 11:27:04 GMT
Server
AkamaiNetStorage
ETag
"d04509d397c3e2fc66494d97f7722854:1678364030.711077"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3028
CookieSync.min.js
csync.smartadserver.com/diff/rtb/csync/ Frame A88E
73 KB
16 KB
Script
General
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=11&gdpr=0&gdprc=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-41.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9af42f99bd5a10c8ab7a32f3129857b126b1e5ab04979fc8665a17c343eb8753

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=11&gdpr=0&gdprc=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 21:59:01 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Jan 2023 12:00:05 GMT
Server
AkamaiNetStorage
ETag
"50f85d9fe081c36ec8027eb7990d524b:1673870779.157174"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16196
TemplatePool.min.js
csync.smartadserver.com/diff/rtb/csync/ Frame A88E
161 KB
5 KB
Script
General
Full URL
https://csync.smartadserver.com/diff/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=11&gdpr=0&gdprc=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-41.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
56a6d7fd926cc41bffa1cd8554a52be2c3d22d190d346c8c5f95afd6b338e0c3

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=11&gdpr=0&gdprc=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 21:59:01 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Jan 2023 12:00:05 GMT
Server
AkamaiNetStorage
ETag
"10031464cbc33776c1eac269fe7e78ed:1673870780.106064"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4385
notify
tlx.3lift.com/header/
37 B
220 B
Image
General
Full URL
https://tlx.3lift.com/header/notify?px=1&pr=0.013&ts=1682114338&aid=41034828375837575997032&ec=5989_151074_481978833&n=GgDyAtgBCAASFzQxMDM0ODI4Mzc1ODM3NTc1OTk3MDMyGAAgASjlLjCinAlAAUgBUAFgCmgAcKn5IpABAJgBAKgBALgBCsABDcgBEPAB1gH4ARCAAg2RAgAAAAAAAPA%2FmQJSuB6F61HIP6gCALACAcgCBNgCAPECZmZmZmZm5j%2F4AoUvgAPYBYgDWpADAJgDAKADAbgDpYU8yAMA0gMJNDgxOTc4ODMz2gMJODQ5MTIyMjk44AO3m%2BlE6QMAAAAAAAAAAPADEPkDAAAAAAAAAACABAiJBFK4HoXrUcg%2F%2BAIMiAMAkgMEYzYyN5gDAKAD4r0cqAMA&b=1
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.61.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-61-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Apr 2023 21:59:01 GMT
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
r
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/r?inv_code=MoneyTizer_Footer_HDX_native2&aid=41034828375837575997032&rev=1ed5450&pr=un&bc=0.016&bmid=5989&biid=6021&sid=151074&brid=572585&adid=481978833&crid=144330167&ts=1682114338&bcud=16&ss=12&caid=0&unid=0&domain=paste1s.com&ref=https%253A%252F%252Fpaste1s.com%252Fnotes%252F3VQCO5Y&rr=creative&fid=10&rb=0&g=0&tmplid=214&cb=74264
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:59:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pe
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/pe?inv_code=MoneyTizer_Footer_HDX_native2&aid=41034828375837575997032&rev=1ed5450&peid=1&fid=10&tid=0&cb=96733
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:59:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame A905
3 KB
3 KB
Image
General
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-28.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 18:34:27 GMT
via
1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
98675
etag
"ddf020e069f1706b72b7698b28fede09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3125
x-amz-cf-id
OFCQTVV6vL1wCy1-w_lWiAB5N7VXZgJNH9kZ_0_UfuA5sDMIehrpOw==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame A905
3 KB
4 KB
Image
General
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-28.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 06:49:56 GMT
via
1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
418537
etag
"7ceab27af00fa466072a3c3360041755"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
3518
x-amz-cf-id
nZ-lfNRoV-ujpi17wl7SSGp04MKaC1UWOWvnxFUH1Gr4N7eoBDbCBQ==
ctar
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ctar?inv_code=MoneyTizer_Footer_HDX_native2&aid=41034828375837575997032&rev=1ed5450&cta_render_method=1&cta_render_text=&cb=19203
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:59:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pixel
googleads.g.doubleclick.net/xbbe/ Frame 88B2
663 B
301 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEPqn8pQDGNHT6eUBMAE&v=APEucNUOitj69gS6t-h4GqH6LVR1ZBQNjBL85WER8UbPeQu4eFL6_9o7IP0Ux0GcT81VBv5fPtHI5iqeIhnGnRLFJLpHoRJr_w
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/1ed5450ac944853f2fb309a890beec56e0763d58/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paste1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 21:59:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 511F
78 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/1ed5450ac944853f2fb309a890beec56e0763d58/dist/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:59:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 21 Apr 2023 21:59:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 511F
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A2kgy5RUKnel9l_OOSelmDyAfDhxGrZXHQWV8iUmR_Z6Roa4iqKaEswmVXtUODnG60RC3ZWsQIk1Ru0zIr2fyWaZ_qWakKekkFe1VgRVaSAAkJKXo
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/1ed5450ac944853f2fb309a890beec56e0763d58/dist/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:59:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 511F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15173692593900855053&x=96&ct=2
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/1ed5450ac944853f2fb309a890beec56e0763d58/dist/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:59:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aop
eb2.3lift.com/
37 B
140 B
Image
General
Full URL
https://eb2.3lift.com/aop?inv_code=MoneyTizer_Footer_HDX_native2&aid=41034828375837575997032&rev=1ed5450&pr=un&bc=0.016&bmid=5989&biid=6021&sid=151074&brid=572585&adid=481978833&crid=144330167&ts=1682114338&bcud=16&ss=12&caid=0&unid=0&domain=paste1s.com&ref=https%253A%252F%252Fpaste1s.com%252Fnotes%252F3VQCO5Y&rr=creative&fid=10&rb=0&g=0&tmplid=214&cb=31075
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:59:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
ev1
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ev1?inv_code=MoneyTizer_Footer_HDX_native2&aid=41034828375837575997032&rev=1ed5450&pr=0.013&bc=0.016&bmid=5989&biid=6021&sid=151074&brid=572585&adid=481978833&crid=144330167&ts=1682114338&bcud=16&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=17196
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:59:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
3.gif
id5-sync.com/c/102/10/7/ Frame A88E
Redirect Chain
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/102/2/8/2.gif?puid=4417596967988441470&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/102/10/7/3.gif?puid=8606878047360377700&gdpr=0&gdpr_consent=
43 B
2 KB
Image
General
Full URL
https://id5-sync.com/c/102/10/7/3.gif?puid=8606878047360377700&gdpr=0&gdpr_consent=
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=11&gdpr=0&gdprc=
Protocol
HTTP/1.1
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 21 Apr 2023 21:59:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:59:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://id5-sync.com/c/102/10/7/3.gif?puid=8606878047360377700&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
cs
cs.lkqd.net/ Frame 88B2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESECbOsq_oB8JRdbYwBitOa48&google_cver=1
43 B
533 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESECbOsq_oB8JRdbYwBitOa48&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEPqn8pQDGNHT6eUBMAE&v=APEucNUOitj69gS6t-h4GqH6LVR1ZBQNjBL85WER8UbPeQu4eFL6_9o7IP0Ux0GcT81VBv5fPtHI5iqeIhnGnRLFJLpHoRJr_w
Protocol
H2
Server
146.20.128.100 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:59:02 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:59:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESECbOsq_oB8JRdbYwBitOa48&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 88B2
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=bk5nQzljN2hTbGc
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=bk5nQzljN2hTbGc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEPqn8pQDGNHT6eUBMAE&v=APEucNUOitj69gS6t-h4GqH6LVR1ZBQNjBL85WER8UbPeQu4eFL6_9o7IP0Ux0GcT81VBv5fPtHI5iqeIhnGnRLFJLpHoRJr_w
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:59:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 21 Apr 2023 21:59:02 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=bk5nQzljN2hTbGc
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 88B2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdtjjNo16CdePap87V5nUo&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdtjjNo16CdePap87V5nUo&google_cver=1&C=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdtjjNo16CdePap87V5nUo&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEPqn8pQDGNHT6eUBMAE&v=APEucNUOitj69gS6t-h4GqH6LVR1ZBQNjBL85WER8UbPeQu4eFL6_9o7IP0Ux0GcT81VBv5fPtHI5iqeIhnGnRLFJLpHoRJr_w
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 21:59:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 21:59:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEDdtjjNo16CdePap87V5nUo&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 88B2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEMHJsJHTh99ivxjzWBVCAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdtjjNo16CdePap87V5nUo&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdtjjNo16CdePap87V5nUo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEPqn8pQDGNHT6eUBMAE&v=APEucNUOitj69gS6t-h4GqH6LVR1ZBQNjBL85WER8UbPeQu4eFL6_9o7IP0Ux0GcT81VBv5fPtHI5iqeIhnGnRLFJLpHoRJr_w
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 21:59:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:59:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdtjjNo16CdePap87V5nUo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 511F
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2042175369128&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:59:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 511F
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2042175369128&version=m202301230201&ct=2&x=96&cor=15173692593900855000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:59:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 511F
73 KB
34 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJN-pT-5bGfqGlC9TOtE73mp_HxCRMcvL7F5UqlUva-dTiClbeNT21x4ciw1OZ3ggmJ6HvFIEwREvjh7m46RJ4ZIZkF3rED02mt6RhaQYMH5L3ARWr8jhYIeX8OhQ-DfRvKGO95mNEFJBx1HyJmExX5gXqomjpSmtMR4nsx3Qncx7upJ0&cry=1&dbm_d=AKAmf-ALZtvTKSdEcs4MwfG455MpY1pEbZ4Na1m6dn_NjaXVksXg8dD3qZa3OgcG8q1i2DRsDpqVqK_Rlh0wQ9wkkD3k_q2ki7z8NmJafDX9cRhFIwNq8RmosMl4rHD7RISRgVTFrEZWUaAtQ1_H02o-1ayqKwOg1ANI5oke_jwPtehPBRT2Y7m_7b60KIccX_G406TOY7_npobgKKm-yJjFoEJpXzGODRMOm-WExRFgf7d8BNp-G8WLBIAU4i_LfHmK-A4o1RTyaOTnZtBWlt34q7G64S1EUbHnc8sK2ej6Lx10-eDfnPa2ezFe9XuWK8-qSw-42CKCPS6gCdDOd8vVQ_y5gVZnS4E4JIVH8q6g-nz_aVuqHBlz94Mi5JJly4g_2CygzLbGakj2MZrjLliBa0e2p-xue2aIZA54MfzOZE2WYSQCq4X71Mse6lJ89uCviuI9PwPNG09eCzhz2qnS7-4rsHjaTACfIRLeZfewMdGDepCopXGenfpRWpy1xRSF1Z-TdFEp1CB-oj0o8cjJCG0P0AAh_NUtes9a_bm5e780RY86wSRMMDP7Z9ooMwdzcCkNBP2BTBh6-H4gKviQ_rZ6CQBd_OO08aMIBL6NINhJ5Xm2_HOrHgQkHOWmMYHWw_bTa6sFL-cP_us9hDizyf3ICJB0dm4yxMq0G3Fjpsc9AJMLYtvrKJlEsCVAIRHFa8Xj_nqgOR40hUPw0DGgNdD7A3fcrJNcZ9j-CDhc3l_bl9vCPgtH6xtU739RAQaIDK9EP2lC-wNsLiedXFafEBxibRJ4Ygz9ELoxDnltxvvjiDgNhDeur98CUr_wZovlRAOy2vvHNFiHpRmWkg1gP_wrZAHkuHA2j5VWD0tdPMexdJnhStPSZWfHMx4f1CFZwpO5e3iZaUnUkBmLDe9jmLH5Gn3LG0Ztr3b7E7xnCx9TsnhCYPKQ6EHiLT-hwkctb8cKyEqBPN0AbWwOrop6Bj-mLtbSCAuJ_B0_lM9-oDxc8D9LVMRrV95-daNKblTC8b0_RPR7j-v4lxdmLE4ZmUbhGHfE758sZd-1cfd55R9I1Ey7lbysKpj76q2tuUgDKBXxQrm-Tr7MPoqCtBmBnaaRaYwqpUy6-HS0bXAJa-PobS2XGONNpzhGBGFLo5ptfnrx6DUPCzFw9Ev9p8wRLXuWieedVWTXFAOAULrDDzZ3l2A6KVcjuA0qh_DK8lHQU-w1JOHAKjBDX3-ejoKcUYNYgF7PLQA169pqbnKOgbPoIRLO4c-tI6KKTaw-AxpfmvQCOUvKzq1bkkaeOQPsE5DR3VtEDY4c9Xc_iy0-f0hV_FcdqxA4KeixAV2a_4ZjMJTJgDwivIIf8MTrNpKuDKrbvOK5E0YfvgavNpo54DhQtP_ZpYQREjW3_qk8vpNFsnbRODltu363wbqMPxVlzJtdLek9Uy0-5LFUpdem-VZQ-IBST4wLqgiWAb8x9bei02E_sgxrGve0Yc_NjguJW09XTPfn0M_iY3DzmZTppkWQfJhEv3G7zwmksxxcmT2LkJKyKQUQzCTOpW8Fmsxy9OzUW228xBUFHrYx106gAWXu1GnVh5nchshYUPBW2x__N9iE45W6UO0HKP1aFEQ64sxvC8TADTpAzHJuXuLxoXggS0B5uZNggqnJzOm1AfvmxgNU4Y6YQInz616eUHbS-dk4f1vGZSZWRQ9Avmbi3Psj3URyN155DVBRzFop7-vafumcTCooZ8ufTWuQE2i_LKKlgHIpytGdeUUYZcQ2wpJP6CYTlE-tvBmsaZLDwUZ36pgr3CvgArCkP3xOnTtULofxUBq-EwoeMz8yUwDso8DLcGST3kW2FfDwVYXdSBLSyvzSWbjkNGjRFe55ezE42ZmrDhTO6_dKG-AWsDvmPSA6pqeFIHKXmw4pSzSU_o4FJ9I2kq9jruvEyUHyhzXazYfNFtKDcQFboa44WIZbpSn3MVh2xFTC0aXEMU9ieYZ0HG7umO92jeVe0Y32e-zUh1xeL6cQ1hd8iHzcn5a8kCPjaFTbS0FUPTorEPSnb-dInVGtcSzKjCNiYY_0FdBa1cdtveYmzMNHXmtmG7z7Gj8hVhLiqiFR3g7xOfquInOSaAQSJI1q2NwfV68swh9_DazAIfGy1u20cak0Bfs4hywe3nxNya9Eb5lRMuvbNDiiKlMi-Ox4NrVPIbhe7VYlPGBeXk7y4-wTATXtUazlqzyA-3DbWyFmyR2H0-AuexNZCLqfw8E6GaJG1YEuutkAftQJVQYstmGr9-MudIhwBIW5oPt7w7T4VEqrNS0YwxV8UtUL3i8hVfk4652JwJbgIhGkyvYwuVXYAHm7Ew05dbsoKkfbYT-uTbYORY0qk2uWH9KALfI65mpRyIhBHsH5uUqvBEBiHveqkwfiba-MYq9MmTFYFzVMLnrI9_weGHgb8HeXu5iSaRV_2VOaGpiwUPTn9tBt45roz2RBGHw_WEylkZQ3p-ZJBCMyupChDNsrmyAaYc7eyJ3qiB6cxmwT5Uh8nZ97JYDfHnbWawyi43qzpiHkZ5xYptUkxBpnWvGaVRhg8n0R73JU_k7HBnWehg93pxENK5YKapMHW47VbxvTq3PXt2MylUHTYPCLszAWJ_tUxo2XAPbhZUM8vSunV1ufyEI-PnjM0kX1lhSIYnX635FLmhh2KhEgNEFB02Q55munmvMZoi-LQAuwjjzEnxw2Pei2BfEZzMQC1ohKh0Y-rSnbLl6yHkuRmgIAurAwKJrDzTCT-PFim5rZfMWmS5w7qKPOHmerkmWXC6dO3xGtkuB7R7IbpZbm6gyDrISnI0K6znw0MSidT37_ZwKEBbAS1sdi_UZT556NH6pVIxuRIX599tP800_M_NmOwLvpxY0k40ipLP0No4Io01FhpJY1hc0XGgtEtaYdtVGpGmxMeacDSblQl_-WygmadQIkkZtNULze7MEPQjtjs196jcw4WEjuws38qvKr8HPTpYIQz-jlMidU2Ejhwu1fVD7pxzsaxGp6P8XgQRdq-MDVVVLRLoHTv33IzrembHO0crtoMbwsRdnWaKSBKl6y3qn7hbFOXwG4YFAe_HeepVzjvqRPkj8BPG9Sv87t2MiVV4QRsPTC3aj3vTUJthhvjqMxV5ABwn1hty5ifVSHV0Sd3WplAVKhU9XZs07dBfagRAtHyNVxOLiyIRDHwokYX77oKCbunhFDVPTIhLwGyiHebjPyxeIZco7k2mHOqcPziaQi5OeE653E0FwCPslb9_gt5BNIqkcpUCg7sdkDhXREsgT8puoFNhxWsh1kDeIAuK2Tdoyadcijrs7d-9hVYP1YqOZzLGWPaSmr4mcS62vf6vujcDyxAtBz6yXx1xX-4jI0DCfAtU9rgWRgq0h_wRlgkEIp_gISfLlRxParL6FplV26QJ7eUSrCMqbv5fpNjLjlEfipLlEhswvov69IJ5L7VdhX4XXJ_pqLV9xMvsaBWe95VY1p4gZCUQ3R7f8arQVjw_bfU613lBOnSJ8UuakcrApBHmaz&pr=96%3A0.016&cid=CAQSMgBygQiD7-8QrR1i6pYA0ag4qdhFltKEb534yVjx1BNy5qqN2fbTqbqbwbsYGG5YbzEwGAE&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DMoneyTizer_Footer_HDX_native2%26aid%3D41034828375837575997032%26rev%3D1ed5450%26pr%3D0.013%26bc%3D0.016%26bmid%3D5989%26biid%3D6021%26sid%3D151074%26brid%3D572585%26adid%3D481978833%26crid%3D144330167%26ts%3D1682114338%26bcud%3D16%26ss%3D12%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D38936%26rdir%3D&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&ds=l&xdt=0&iif=1&cor=15173692593900855000&adk=2506182968&idt=294&cac=0&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
1edc90923288d40c6fab87cd6ee8a60f0306d0a2bcfa43131ca0b7ce4d29d327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:59:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35191
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 511F
28 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJN-pT-5bGfqGlC9TOtE73mp_HxCRMcvL7F5UqlUva-dTiClbeNT21x4ciw1OZ3ggmJ6HvFIEwREvjh7m46RJ4ZIZkF3rED02mt6RhaQYMH5L3ARWr8jhYIeX8OhQ-DfRvKGO95mNEFJBx1HyJmExX5gXqomjpSmtMR4nsx3Qncx7upJ0&cry=1&dbm_d=AKAmf-ALZtvTKSdEcs4MwfG455MpY1pEbZ4Na1m6dn_NjaXVksXg8dD3qZa3OgcG8q1i2DRsDpqVqK_Rlh0wQ9wkkD3k_q2ki7z8NmJafDX9cRhFIwNq8RmosMl4rHD7RISRgVTFrEZWUaAtQ1_H02o-1ayqKwOg1ANI5oke_jwPtehPBRT2Y7m_7b60KIccX_G406TOY7_npobgKKm-yJjFoEJpXzGODRMOm-WExRFgf7d8BNp-G8WLBIAU4i_LfHmK-A4o1RTyaOTnZtBWlt34q7G64S1EUbHnc8sK2ej6Lx10-eDfnPa2ezFe9XuWK8-qSw-42CKCPS6gCdDOd8vVQ_y5gVZnS4E4JIVH8q6g-nz_aVuqHBlz94Mi5JJly4g_2CygzLbGakj2MZrjLliBa0e2p-xue2aIZA54MfzOZE2WYSQCq4X71Mse6lJ89uCviuI9PwPNG09eCzhz2qnS7-4rsHjaTACfIRLeZfewMdGDepCopXGenfpRWpy1xRSF1Z-TdFEp1CB-oj0o8cjJCG0P0AAh_NUtes9a_bm5e780RY86wSRMMDP7Z9ooMwdzcCkNBP2BTBh6-H4gKviQ_rZ6CQBd_OO08aMIBL6NINhJ5Xm2_HOrHgQkHOWmMYHWw_bTa6sFL-cP_us9hDizyf3ICJB0dm4yxMq0G3Fjpsc9AJMLYtvrKJlEsCVAIRHFa8Xj_nqgOR40hUPw0DGgNdD7A3fcrJNcZ9j-CDhc3l_bl9vCPgtH6xtU739RAQaIDK9EP2lC-wNsLiedXFafEBxibRJ4Ygz9ELoxDnltxvvjiDgNhDeur98CUr_wZovlRAOy2vvHNFiHpRmWkg1gP_wrZAHkuHA2j5VWD0tdPMexdJnhStPSZWfHMx4f1CFZwpO5e3iZaUnUkBmLDe9jmLH5Gn3LG0Ztr3b7E7xnCx9TsnhCYPKQ6EHiLT-hwkctb8cKyEqBPN0AbWwOrop6Bj-mLtbSCAuJ_B0_lM9-oDxc8D9LVMRrV95-daNKblTC8b0_RPR7j-v4lxdmLE4ZmUbhGHfE758sZd-1cfd55R9I1Ey7lbysKpj76q2tuUgDKBXxQrm-Tr7MPoqCtBmBnaaRaYwqpUy6-HS0bXAJa-PobS2XGONNpzhGBGFLo5ptfnrx6DUPCzFw9Ev9p8wRLXuWieedVWTXFAOAULrDDzZ3l2A6KVcjuA0qh_DK8lHQU-w1JOHAKjBDX3-ejoKcUYNYgF7PLQA169pqbnKOgbPoIRLO4c-tI6KKTaw-AxpfmvQCOUvKzq1bkkaeOQPsE5DR3VtEDY4c9Xc_iy0-f0hV_FcdqxA4KeixAV2a_4ZjMJTJgDwivIIf8MTrNpKuDKrbvOK5E0YfvgavNpo54DhQtP_ZpYQREjW3_qk8vpNFsnbRODltu363wbqMPxVlzJtdLek9Uy0-5LFUpdem-VZQ-IBST4wLqgiWAb8x9bei02E_sgxrGve0Yc_NjguJW09XTPfn0M_iY3DzmZTppkWQfJhEv3G7zwmksxxcmT2LkJKyKQUQzCTOpW8Fmsxy9OzUW228xBUFHrYx106gAWXu1GnVh5nchshYUPBW2x__N9iE45W6UO0HKP1aFEQ64sxvC8TADTpAzHJuXuLxoXggS0B5uZNggqnJzOm1AfvmxgNU4Y6YQInz616eUHbS-dk4f1vGZSZWRQ9Avmbi3Psj3URyN155DVBRzFop7-vafumcTCooZ8ufTWuQE2i_LKKlgHIpytGdeUUYZcQ2wpJP6CYTlE-tvBmsaZLDwUZ36pgr3CvgArCkP3xOnTtULofxUBq-EwoeMz8yUwDso8DLcGST3kW2FfDwVYXdSBLSyvzSWbjkNGjRFe55ezE42ZmrDhTO6_dKG-AWsDvmPSA6pqeFIHKXmw4pSzSU_o4FJ9I2kq9jruvEyUHyhzXazYfNFtKDcQFboa44WIZbpSn3MVh2xFTC0aXEMU9ieYZ0HG7umO92jeVe0Y32e-zUh1xeL6cQ1hd8iHzcn5a8kCPjaFTbS0FUPTorEPSnb-dInVGtcSzKjCNiYY_0FdBa1cdtveYmzMNHXmtmG7z7Gj8hVhLiqiFR3g7xOfquInOSaAQSJI1q2NwfV68swh9_DazAIfGy1u20cak0Bfs4hywe3nxNya9Eb5lRMuvbNDiiKlMi-Ox4NrVPIbhe7VYlPGBeXk7y4-wTATXtUazlqzyA-3DbWyFmyR2H0-AuexNZCLqfw8E6GaJG1YEuutkAftQJVQYstmGr9-MudIhwBIW5oPt7w7T4VEqrNS0YwxV8UtUL3i8hVfk4652JwJbgIhGkyvYwuVXYAHm7Ew05dbsoKkfbYT-uTbYORY0qk2uWH9KALfI65mpRyIhBHsH5uUqvBEBiHveqkwfiba-MYq9MmTFYFzVMLnrI9_weGHgb8HeXu5iSaRV_2VOaGpiwUPTn9tBt45roz2RBGHw_WEylkZQ3p-ZJBCMyupChDNsrmyAaYc7eyJ3qiB6cxmwT5Uh8nZ97JYDfHnbWawyi43qzpiHkZ5xYptUkxBpnWvGaVRhg8n0R73JU_k7HBnWehg93pxENK5YKapMHW47VbxvTq3PXt2MylUHTYPCLszAWJ_tUxo2XAPbhZUM8vSunV1ufyEI-PnjM0kX1lhSIYnX635FLmhh2KhEgNEFB02Q55munmvMZoi-LQAuwjjzEnxw2Pei2BfEZzMQC1ohKh0Y-rSnbLl6yHkuRmgIAurAwKJrDzTCT-PFim5rZfMWmS5w7qKPOHmerkmWXC6dO3xGtkuB7R7IbpZbm6gyDrISnI0K6znw0MSidT37_ZwKEBbAS1sdi_UZT556NH6pVIxuRIX599tP800_M_NmOwLvpxY0k40ipLP0No4Io01FhpJY1hc0XGgtEtaYdtVGpGmxMeacDSblQl_-WygmadQIkkZtNULze7MEPQjtjs196jcw4WEjuws38qvKr8HPTpYIQz-jlMidU2Ejhwu1fVD7pxzsaxGp6P8XgQRdq-MDVVVLRLoHTv33IzrembHO0crtoMbwsRdnWaKSBKl6y3qn7hbFOXwG4YFAe_HeepVzjvqRPkj8BPG9Sv87t2MiVV4QRsPTC3aj3vTUJthhvjqMxV5ABwn1hty5ifVSHV0Sd3WplAVKhU9XZs07dBfagRAtHyNVxOLiyIRDHwokYX77oKCbunhFDVPTIhLwGyiHebjPyxeIZco7k2mHOqcPziaQi5OeE653E0FwCPslb9_gt5BNIqkcpUCg7sdkDhXREsgT8puoFNhxWsh1kDeIAuK2Tdoyadcijrs7d-9hVYP1YqOZzLGWPaSmr4mcS62vf6vujcDyxAtBz6yXx1xX-4jI0DCfAtU9rgWRgq0h_wRlgkEIp_gISfLlRxParL6FplV26QJ7eUSrCMqbv5fpNjLjlEfipLlEhswvov69IJ5L7VdhX4XXJ_pqLV9xMvsaBWe95VY1p4gZCUQ3R7f8arQVjw_bfU613lBOnSJ8UuakcrApBHmaz&pr=96%3A0.016&cid=CAQSMgBygQiD7-8QrR1i6pYA0ag4qdhFltKEb534yVjx1BNy5qqN2fbTqbqbwbsYGG5YbzEwGAE&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DMoneyTizer_Footer_HDX_native2%26aid%3D41034828375837575997032%26rev%3D1ed5450%26pr%3D0.013%26bc%3D0.016%26bmid%3D5989%26biid%3D6021%26sid%3D151074%26brid%3D572585%26adid%3D481978833%26crid%3D144330167%26ts%3D1682114338%26bcud%3D16%26ss%3D12%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D38936%26rdir%3D&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&ds=l&xdt=0&iif=1&cor=15173692593900855000&adk=2506182968&idt=294&cac=0&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 17:53:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
14755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10768
x-xss-protection
0
server
cafe
etag
11141491900784070631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 May 2023 17:53:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 511F
159 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJN-pT-5bGfqGlC9TOtE73mp_HxCRMcvL7F5UqlUva-dTiClbeNT21x4ciw1OZ3ggmJ6HvFIEwREvjh7m46RJ4ZIZkF3rED02mt6RhaQYMH5L3ARWr8jhYIeX8OhQ-DfRvKGO95mNEFJBx1HyJmExX5gXqomjpSmtMR4nsx3Qncx7upJ0&cry=1&dbm_d=AKAmf-ALZtvTKSdEcs4MwfG455MpY1pEbZ4Na1m6dn_NjaXVksXg8dD3qZa3OgcG8q1i2DRsDpqVqK_Rlh0wQ9wkkD3k_q2ki7z8NmJafDX9cRhFIwNq8RmosMl4rHD7RISRgVTFrEZWUaAtQ1_H02o-1ayqKwOg1ANI5oke_jwPtehPBRT2Y7m_7b60KIccX_G406TOY7_npobgKKm-yJjFoEJpXzGODRMOm-WExRFgf7d8BNp-G8WLBIAU4i_LfHmK-A4o1RTyaOTnZtBWlt34q7G64S1EUbHnc8sK2ej6Lx10-eDfnPa2ezFe9XuWK8-qSw-42CKCPS6gCdDOd8vVQ_y5gVZnS4E4JIVH8q6g-nz_aVuqHBlz94Mi5JJly4g_2CygzLbGakj2MZrjLliBa0e2p-xue2aIZA54MfzOZE2WYSQCq4X71Mse6lJ89uCviuI9PwPNG09eCzhz2qnS7-4rsHjaTACfIRLeZfewMdGDepCopXGenfpRWpy1xRSF1Z-TdFEp1CB-oj0o8cjJCG0P0AAh_NUtes9a_bm5e780RY86wSRMMDP7Z9ooMwdzcCkNBP2BTBh6-H4gKviQ_rZ6CQBd_OO08aMIBL6NINhJ5Xm2_HOrHgQkHOWmMYHWw_bTa6sFL-cP_us9hDizyf3ICJB0dm4yxMq0G3Fjpsc9AJMLYtvrKJlEsCVAIRHFa8Xj_nqgOR40hUPw0DGgNdD7A3fcrJNcZ9j-CDhc3l_bl9vCPgtH6xtU739RAQaIDK9EP2lC-wNsLiedXFafEBxibRJ4Ygz9ELoxDnltxvvjiDgNhDeur98CUr_wZovlRAOy2vvHNFiHpRmWkg1gP_wrZAHkuHA2j5VWD0tdPMexdJnhStPSZWfHMx4f1CFZwpO5e3iZaUnUkBmLDe9jmLH5Gn3LG0Ztr3b7E7xnCx9TsnhCYPKQ6EHiLT-hwkctb8cKyEqBPN0AbWwOrop6Bj-mLtbSCAuJ_B0_lM9-oDxc8D9LVMRrV95-daNKblTC8b0_RPR7j-v4lxdmLE4ZmUbhGHfE758sZd-1cfd55R9I1Ey7lbysKpj76q2tuUgDKBXxQrm-Tr7MPoqCtBmBnaaRaYwqpUy6-HS0bXAJa-PobS2XGONNpzhGBGFLo5ptfnrx6DUPCzFw9Ev9p8wRLXuWieedVWTXFAOAULrDDzZ3l2A6KVcjuA0qh_DK8lHQU-w1JOHAKjBDX3-ejoKcUYNYgF7PLQA169pqbnKOgbPoIRLO4c-tI6KKTaw-AxpfmvQCOUvKzq1bkkaeOQPsE5DR3VtEDY4c9Xc_iy0-f0hV_FcdqxA4KeixAV2a_4ZjMJTJgDwivIIf8MTrNpKuDKrbvOK5E0YfvgavNpo54DhQtP_ZpYQREjW3_qk8vpNFsnbRODltu363wbqMPxVlzJtdLek9Uy0-5LFUpdem-VZQ-IBST4wLqgiWAb8x9bei02E_sgxrGve0Yc_NjguJW09XTPfn0M_iY3DzmZTppkWQfJhEv3G7zwmksxxcmT2LkJKyKQUQzCTOpW8Fmsxy9OzUW228xBUFHrYx106gAWXu1GnVh5nchshYUPBW2x__N9iE45W6UO0HKP1aFEQ64sxvC8TADTpAzHJuXuLxoXggS0B5uZNggqnJzOm1AfvmxgNU4Y6YQInz616eUHbS-dk4f1vGZSZWRQ9Avmbi3Psj3URyN155DVBRzFop7-vafumcTCooZ8ufTWuQE2i_LKKlgHIpytGdeUUYZcQ2wpJP6CYTlE-tvBmsaZLDwUZ36pgr3CvgArCkP3xOnTtULofxUBq-EwoeMz8yUwDso8DLcGST3kW2FfDwVYXdSBLSyvzSWbjkNGjRFe55ezE42ZmrDhTO6_dKG-AWsDvmPSA6pqeFIHKXmw4pSzSU_o4FJ9I2kq9jruvEyUHyhzXazYfNFtKDcQFboa44WIZbpSn3MVh2xFTC0aXEMU9ieYZ0HG7umO92jeVe0Y32e-zUh1xeL6cQ1hd8iHzcn5a8kCPjaFTbS0FUPTorEPSnb-dInVGtcSzKjCNiYY_0FdBa1cdtveYmzMNHXmtmG7z7Gj8hVhLiqiFR3g7xOfquInOSaAQSJI1q2NwfV68swh9_DazAIfGy1u20cak0Bfs4hywe3nxNya9Eb5lRMuvbNDiiKlMi-Ox4NrVPIbhe7VYlPGBeXk7y4-wTATXtUazlqzyA-3DbWyFmyR2H0-AuexNZCLqfw8E6GaJG1YEuutkAftQJVQYstmGr9-MudIhwBIW5oPt7w7T4VEqrNS0YwxV8UtUL3i8hVfk4652JwJbgIhGkyvYwuVXYAHm7Ew05dbsoKkfbYT-uTbYORY0qk2uWH9KALfI65mpRyIhBHsH5uUqvBEBiHveqkwfiba-MYq9MmTFYFzVMLnrI9_weGHgb8HeXu5iSaRV_2VOaGpiwUPTn9tBt45roz2RBGHw_WEylkZQ3p-ZJBCMyupChDNsrmyAaYc7eyJ3qiB6cxmwT5Uh8nZ97JYDfHnbWawyi43qzpiHkZ5xYptUkxBpnWvGaVRhg8n0R73JU_k7HBnWehg93pxENK5YKapMHW47VbxvTq3PXt2MylUHTYPCLszAWJ_tUxo2XAPbhZUM8vSunV1ufyEI-PnjM0kX1lhSIYnX635FLmhh2KhEgNEFB02Q55munmvMZoi-LQAuwjjzEnxw2Pei2BfEZzMQC1ohKh0Y-rSnbLl6yHkuRmgIAurAwKJrDzTCT-PFim5rZfMWmS5w7qKPOHmerkmWXC6dO3xGtkuB7R7IbpZbm6gyDrISnI0K6znw0MSidT37_ZwKEBbAS1sdi_UZT556NH6pVIxuRIX599tP800_M_NmOwLvpxY0k40ipLP0No4Io01FhpJY1hc0XGgtEtaYdtVGpGmxMeacDSblQl_-WygmadQIkkZtNULze7MEPQjtjs196jcw4WEjuws38qvKr8HPTpYIQz-jlMidU2Ejhwu1fVD7pxzsaxGp6P8XgQRdq-MDVVVLRLoHTv33IzrembHO0crtoMbwsRdnWaKSBKl6y3qn7hbFOXwG4YFAe_HeepVzjvqRPkj8BPG9Sv87t2MiVV4QRsPTC3aj3vTUJthhvjqMxV5ABwn1hty5ifVSHV0Sd3WplAVKhU9XZs07dBfagRAtHyNVxOLiyIRDHwokYX77oKCbunhFDVPTIhLwGyiHebjPyxeIZco7k2mHOqcPziaQi5OeE653E0FwCPslb9_gt5BNIqkcpUCg7sdkDhXREsgT8puoFNhxWsh1kDeIAuK2Tdoyadcijrs7d-9hVYP1YqOZzLGWPaSmr4mcS62vf6vujcDyxAtBz6yXx1xX-4jI0DCfAtU9rgWRgq0h_wRlgkEIp_gISfLlRxParL6FplV26QJ7eUSrCMqbv5fpNjLjlEfipLlEhswvov69IJ5L7VdhX4XXJ_pqLV9xMvsaBWe95VY1p4gZCUQ3R7f8arQVjw_bfU613lBOnSJ8UuakcrApBHmaz&pr=96%3A0.016&cid=CAQSMgBygQiD7-8QrR1i6pYA0ag4qdhFltKEb534yVjx1BNy5qqN2fbTqbqbwbsYGG5YbzEwGAE&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DMoneyTizer_Footer_HDX_native2%26aid%3D41034828375837575997032%26rev%3D1ed5450%26pr%3D0.013%26bc%3D0.016%26bmid%3D5989%26biid%3D6021%26sid%3D151074%26brid%3D572585%26adid%3D481978833%26crid%3D144330167%26ts%3D1682114338%26bcud%3D16%26ss%3D12%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D38936%26rdir%3D&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&ds=l&xdt=0&iif=1&cor=15173692593900855000&adk=2506182968&idt=294&cac=0&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Apr 2023 21:59:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame 511F
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJN-pT-5bGfqGlC9TOtE73mp_HxCRMcvL7F5UqlUva-dTiClbeNT21x4ciw1OZ3ggmJ6HvFIEwREvjh7m46RJ4ZIZkF3rED02mt6RhaQYMH5L3ARWr8jhYIeX8OhQ-DfRvKGO95mNEFJBx1HyJmExX5gXqomjpSmtMR4nsx3Qncx7upJ0&cry=1&dbm_d=AKAmf-ALZtvTKSdEcs4MwfG455MpY1pEbZ4Na1m6dn_NjaXVksXg8dD3qZa3OgcG8q1i2DRsDpqVqK_Rlh0wQ9wkkD3k_q2ki7z8NmJafDX9cRhFIwNq8RmosMl4rHD7RISRgVTFrEZWUaAtQ1_H02o-1ayqKwOg1ANI5oke_jwPtehPBRT2Y7m_7b60KIccX_G406TOY7_npobgKKm-yJjFoEJpXzGODRMOm-WExRFgf7d8BNp-G8WLBIAU4i_LfHmK-A4o1RTyaOTnZtBWlt34q7G64S1EUbHnc8sK2ej6Lx10-eDfnPa2ezFe9XuWK8-qSw-42CKCPS6gCdDOd8vVQ_y5gVZnS4E4JIVH8q6g-nz_aVuqHBlz94Mi5JJly4g_2CygzLbGakj2MZrjLliBa0e2p-xue2aIZA54MfzOZE2WYSQCq4X71Mse6lJ89uCviuI9PwPNG09eCzhz2qnS7-4rsHjaTACfIRLeZfewMdGDepCopXGenfpRWpy1xRSF1Z-TdFEp1CB-oj0o8cjJCG0P0AAh_NUtes9a_bm5e780RY86wSRMMDP7Z9ooMwdzcCkNBP2BTBh6-H4gKviQ_rZ6CQBd_OO08aMIBL6NINhJ5Xm2_HOrHgQkHOWmMYHWw_bTa6sFL-cP_us9hDizyf3ICJB0dm4yxMq0G3Fjpsc9AJMLYtvrKJlEsCVAIRHFa8Xj_nqgOR40hUPw0DGgNdD7A3fcrJNcZ9j-CDhc3l_bl9vCPgtH6xtU739RAQaIDK9EP2lC-wNsLiedXFafEBxibRJ4Ygz9ELoxDnltxvvjiDgNhDeur98CUr_wZovlRAOy2vvHNFiHpRmWkg1gP_wrZAHkuHA2j5VWD0tdPMexdJnhStPSZWfHMx4f1CFZwpO5e3iZaUnUkBmLDe9jmLH5Gn3LG0Ztr3b7E7xnCx9TsnhCYPKQ6EHiLT-hwkctb8cKyEqBPN0AbWwOrop6Bj-mLtbSCAuJ_B0_lM9-oDxc8D9LVMRrV95-daNKblTC8b0_RPR7j-v4lxdmLE4ZmUbhGHfE758sZd-1cfd55R9I1Ey7lbysKpj76q2tuUgDKBXxQrm-Tr7MPoqCtBmBnaaRaYwqpUy6-HS0bXAJa-PobS2XGONNpzhGBGFLo5ptfnrx6DUPCzFw9Ev9p8wRLXuWieedVWTXFAOAULrDDzZ3l2A6KVcjuA0qh_DK8lHQU-w1JOHAKjBDX3-ejoKcUYNYgF7PLQA169pqbnKOgbPoIRLO4c-tI6KKTaw-AxpfmvQCOUvKzq1bkkaeOQPsE5DR3VtEDY4c9Xc_iy0-f0hV_FcdqxA4KeixAV2a_4ZjMJTJgDwivIIf8MTrNpKuDKrbvOK5E0YfvgavNpo54DhQtP_ZpYQREjW3_qk8vpNFsnbRODltu363wbqMPxVlzJtdLek9Uy0-5LFUpdem-VZQ-IBST4wLqgiWAb8x9bei02E_sgxrGve0Yc_NjguJW09XTPfn0M_iY3DzmZTppkWQfJhEv3G7zwmksxxcmT2LkJKyKQUQzCTOpW8Fmsxy9OzUW228xBUFHrYx106gAWXu1GnVh5nchshYUPBW2x__N9iE45W6UO0HKP1aFEQ64sxvC8TADTpAzHJuXuLxoXggS0B5uZNggqnJzOm1AfvmxgNU4Y6YQInz616eUHbS-dk4f1vGZSZWRQ9Avmbi3Psj3URyN155DVBRzFop7-vafumcTCooZ8ufTWuQE2i_LKKlgHIpytGdeUUYZcQ2wpJP6CYTlE-tvBmsaZLDwUZ36pgr3CvgArCkP3xOnTtULofxUBq-EwoeMz8yUwDso8DLcGST3kW2FfDwVYXdSBLSyvzSWbjkNGjRFe55ezE42ZmrDhTO6_dKG-AWsDvmPSA6pqeFIHKXmw4pSzSU_o4FJ9I2kq9jruvEyUHyhzXazYfNFtKDcQFboa44WIZbpSn3MVh2xFTC0aXEMU9ieYZ0HG7umO92jeVe0Y32e-zUh1xeL6cQ1hd8iHzcn5a8kCPjaFTbS0FUPTorEPSnb-dInVGtcSzKjCNiYY_0FdBa1cdtveYmzMNHXmtmG7z7Gj8hVhLiqiFR3g7xOfquInOSaAQSJI1q2NwfV68swh9_DazAIfGy1u20cak0Bfs4hywe3nxNya9Eb5lRMuvbNDiiKlMi-Ox4NrVPIbhe7VYlPGBeXk7y4-wTATXtUazlqzyA-3DbWyFmyR2H0-AuexNZCLqfw8E6GaJG1YEuutkAftQJVQYstmGr9-MudIhwBIW5oPt7w7T4VEqrNS0YwxV8UtUL3i8hVfk4652JwJbgIhGkyvYwuVXYAHm7Ew05dbsoKkfbYT-uTbYORY0qk2uWH9KALfI65mpRyIhBHsH5uUqvBEBiHveqkwfiba-MYq9MmTFYFzVMLnrI9_weGHgb8HeXu5iSaRV_2VOaGpiwUPTn9tBt45roz2RBGHw_WEylkZQ3p-ZJBCMyupChDNsrmyAaYc7eyJ3qiB6cxmwT5Uh8nZ97JYDfHnbWawyi43qzpiHkZ5xYptUkxBpnWvGaVRhg8n0R73JU_k7HBnWehg93pxENK5YKapMHW47VbxvTq3PXt2MylUHTYPCLszAWJ_tUxo2XAPbhZUM8vSunV1ufyEI-PnjM0kX1lhSIYnX635FLmhh2KhEgNEFB02Q55munmvMZoi-LQAuwjjzEnxw2Pei2BfEZzMQC1ohKh0Y-rSnbLl6yHkuRmgIAurAwKJrDzTCT-PFim5rZfMWmS5w7qKPOHmerkmWXC6dO3xGtkuB7R7IbpZbm6gyDrISnI0K6znw0MSidT37_ZwKEBbAS1sdi_UZT556NH6pVIxuRIX599tP800_M_NmOwLvpxY0k40ipLP0No4Io01FhpJY1hc0XGgtEtaYdtVGpGmxMeacDSblQl_-WygmadQIkkZtNULze7MEPQjtjs196jcw4WEjuws38qvKr8HPTpYIQz-jlMidU2Ejhwu1fVD7pxzsaxGp6P8XgQRdq-MDVVVLRLoHTv33IzrembHO0crtoMbwsRdnWaKSBKl6y3qn7hbFOXwG4YFAe_HeepVzjvqRPkj8BPG9Sv87t2MiVV4QRsPTC3aj3vTUJthhvjqMxV5ABwn1hty5ifVSHV0Sd3WplAVKhU9XZs07dBfagRAtHyNVxOLiyIRDHwokYX77oKCbunhFDVPTIhLwGyiHebjPyxeIZco7k2mHOqcPziaQi5OeE653E0FwCPslb9_gt5BNIqkcpUCg7sdkDhXREsgT8puoFNhxWsh1kDeIAuK2Tdoyadcijrs7d-9hVYP1YqOZzLGWPaSmr4mcS62vf6vujcDyxAtBz6yXx1xX-4jI0DCfAtU9rgWRgq0h_wRlgkEIp_gISfLlRxParL6FplV26QJ7eUSrCMqbv5fpNjLjlEfipLlEhswvov69IJ5L7VdhX4XXJ_pqLV9xMvsaBWe95VY1p4gZCUQ3R7f8arQVjw_bfU613lBOnSJ8UuakcrApBHmaz&pr=96%3A0.016&cid=CAQSMgBygQiD7-8QrR1i6pYA0ag4qdhFltKEb534yVjx1BNy5qqN2fbTqbqbwbsYGG5YbzEwGAE&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DMoneyTizer_Footer_HDX_native2%26aid%3D41034828375837575997032%26rev%3D1ed5450%26pr%3D0.013%26bc%3D0.016%26bmid%3D5989%26biid%3D6021%26sid%3D151074%26brid%3D572585%26adid%3D481978833%26crid%3D144330167%26ts%3D1682114338%26bcud%3D16%26ss%3D12%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D38936%26rdir%3D&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&ds=l&xdt=0&iif=1&cor=15173692593900855000&adk=2506182968&idt=294&cac=0&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 16:58:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
18018
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4123
x-xss-protection
0
server
cafe
etag
4541610132340792384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 May 2023 16:58:44 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 511F
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-ufpuR0Nj5q2knjswNk1kUF8WFSGnH3B_cEUZg-XhQELAEQ4_AK6HjM2f0QvSl6Ftdv0OugWCH1B4dTsPgF1eZ2NWE_Iksyq9DN-XmHBJsSOLkyUv_eJaOWWCrSqIMVJ83Iwe32MT6QxlyAEJRnM0vP5vt0BbMJ2q2yvbRVLWL3S9PxK-KKJe3A1a7g9_SLLiqO18xfN3DQaPD7o0zfbyfM6-5i_sLrsiLEjKs6f9_6uDwklAj_1hmFuhFMhMpEIzJNlO_qFehh0Qqt0iyERZ3ogaSPNzZBlJ1pdUS_swQJFlIPVN6-1c9oAny96KMTZNnm4rTytstaNghKEKsQyfiPtBpxZBCCD1RmQv_jtxeXYS6B-tTlCYbIIt8BSG3rNFg6ayM73eyYwWwYB9YoSTEwp7-NbW7T-5oqivWAgvUYs5RGVfsH9cvNKCxiZZyeMJ67K7q-a7MrJhsHHAoCbNfw_f-PuzLaJ9gVO5vdPAqeas4xxZhNbtFDo74Y-eUM05gthP6azARpsrJMz3coNoJjZBeaY08HiR4uVH0vu8wdVmG-PVxVB9cJ-pTmjAIsgpJJzIMjCUIuksbZra10wrnCDcuFbQeykkrb1mrea4qVjLGZJw9QPDA_6b9Ex9c6jwRsM3ZjsWxzKAYkyy933HxdGjPihOpwRo-cLvY3QGe2C52qmGMHlO9uineLnNZ9p5Ck9X33BfpHsqENHgM97Cjt0r1140Lc0REMCn6FLJQYJmyxbtIL-veLIcSldM57HnZwIRZLWoBeCEj9kggg2XJGZIGoc2Bk9enuuMizKGZdYd7Z6d9EFDML6tASyK-rt0agLUQjw2T9-7uZJXCzpkBgFVzDj8BLxUyatamZtDs_ujqp0qBpkVyHWId8WG3ISI-vroktBZrAtsWl-mZBC9na4elRH9Bnt_cVLzR_qFXi30DcVASAOpbOr4wYFd74kpFZ1NbdrGuVeL3Jekf1Fj9qfZpC2BRuDU1Tib6aIZMgvdPR_xAtMwbNcXeb8-wtM6uct6UtKrHeiQ37k6gnX4Pa2hIYg8FNNjvfQrBa_ObVOUPZxE6K414yVTS3OW-BsAO7Ghy2J7bDlLig9b-MlHzU4qllvYz4bxUZM3Gsr0wS7_oRNNSCXTNjNNuDP46__2mggK2EqxR48YEpspUfsGeYtuLn0AZ-cnCZsu3Ld4Ocg9&sai=AMfl-YRUMr6UdYzELfKtnm1L3zVfax2oxGnLuYmUXrJy0ujr3Y9j_PBJS18ZB5VqKmGGb__1XU6ycN9_wyDoqAorC0tw2lJ2v7MmYLkKl__FjpE0VojRex0HcN3FJxS9c3tZnogdkoH2JKAVQlkifr0UjiPXNOAfIqynyOyIE90S2S4nAf8PE9ATwDV-flRZ_7Vxt68smqCRDPmM1UlUsQs81W-Df5040rgOfI6WMfVIU4B_qTsbnm3worIGGBk&sig=Cg0ArKJSzEhGMY1nkU15EAE&uach_m=[UACH]&pr=96:0.016&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230418.48451&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJN-pT-5bGfqGlC9TOtE73mp_HxCRMcvL7F5UqlUva-dTiClbeNT21x4ciw1OZ3ggmJ6HvFIEwREvjh7m46RJ4ZIZkF3rED02mt6RhaQYMH5L3ARWr8jhYIeX8OhQ-DfRvKGO95mNEFJBx1HyJmExX5gXqomjpSmtMR4nsx3Qncx7upJ0&cry=1&dbm_d=AKAmf-ALZtvTKSdEcs4MwfG455MpY1pEbZ4Na1m6dn_NjaXVksXg8dD3qZa3OgcG8q1i2DRsDpqVqK_Rlh0wQ9wkkD3k_q2ki7z8NmJafDX9cRhFIwNq8RmosMl4rHD7RISRgVTFrEZWUaAtQ1_H02o-1ayqKwOg1ANI5oke_jwPtehPBRT2Y7m_7b60KIccX_G406TOY7_npobgKKm-yJjFoEJpXzGODRMOm-WExRFgf7d8BNp-G8WLBIAU4i_LfHmK-A4o1RTyaOTnZtBWlt34q7G64S1EUbHnc8sK2ej6Lx10-eDfnPa2ezFe9XuWK8-qSw-42CKCPS6gCdDOd8vVQ_y5gVZnS4E4JIVH8q6g-nz_aVuqHBlz94Mi5JJly4g_2CygzLbGakj2MZrjLliBa0e2p-xue2aIZA54MfzOZE2WYSQCq4X71Mse6lJ89uCviuI9PwPNG09eCzhz2qnS7-4rsHjaTACfIRLeZfewMdGDepCopXGenfpRWpy1xRSF1Z-TdFEp1CB-oj0o8cjJCG0P0AAh_NUtes9a_bm5e780RY86wSRMMDP7Z9ooMwdzcCkNBP2BTBh6-H4gKviQ_rZ6CQBd_OO08aMIBL6NINhJ5Xm2_HOrHgQkHOWmMYHWw_bTa6sFL-cP_us9hDizyf3ICJB0dm4yxMq0G3Fjpsc9AJMLYtvrKJlEsCVAIRHFa8Xj_nqgOR40hUPw0DGgNdD7A3fcrJNcZ9j-CDhc3l_bl9vCPgtH6xtU739RAQaIDK9EP2lC-wNsLiedXFafEBxibRJ4Ygz9ELoxDnltxvvjiDgNhDeur98CUr_wZovlRAOy2vvHNFiHpRmWkg1gP_wrZAHkuHA2j5VWD0tdPMexdJnhStPSZWfHMx4f1CFZwpO5e3iZaUnUkBmLDe9jmLH5Gn3LG0Ztr3b7E7xnCx9TsnhCYPKQ6EHiLT-hwkctb8cKyEqBPN0AbWwOrop6Bj-mLtbSCAuJ_B0_lM9-oDxc8D9LVMRrV95-daNKblTC8b0_RPR7j-v4lxdmLE4ZmUbhGHfE758sZd-1cfd55R9I1Ey7lbysKpj76q2tuUgDKBXxQrm-Tr7MPoqCtBmBnaaRaYwqpUy6-HS0bXAJa-PobS2XGONNpzhGBGFLo5ptfnrx6DUPCzFw9Ev9p8wRLXuWieedVWTXFAOAULrDDzZ3l2A6KVcjuA0qh_DK8lHQU-w1JOHAKjBDX3-ejoKcUYNYgF7PLQA169pqbnKOgbPoIRLO4c-tI6KKTaw-AxpfmvQCOUvKzq1bkkaeOQPsE5DR3VtEDY4c9Xc_iy0-f0hV_FcdqxA4KeixAV2a_4ZjMJTJgDwivIIf8MTrNpKuDKrbvOK5E0YfvgavNpo54DhQtP_ZpYQREjW3_qk8vpNFsnbRODltu363wbqMPxVlzJtdLek9Uy0-5LFUpdem-VZQ-IBST4wLqgiWAb8x9bei02E_sgxrGve0Yc_NjguJW09XTPfn0M_iY3DzmZTppkWQfJhEv3G7zwmksxxcmT2LkJKyKQUQzCTOpW8Fmsxy9OzUW228xBUFHrYx106gAWXu1GnVh5nchshYUPBW2x__N9iE45W6UO0HKP1aFEQ64sxvC8TADTpAzHJuXuLxoXggS0B5uZNggqnJzOm1AfvmxgNU4Y6YQInz616eUHbS-dk4f1vGZSZWRQ9Avmbi3Psj3URyN155DVBRzFop7-vafumcTCooZ8ufTWuQE2i_LKKlgHIpytGdeUUYZcQ2wpJP6CYTlE-tvBmsaZLDwUZ36pgr3CvgArCkP3xOnTtULofxUBq-EwoeMz8yUwDso8DLcGST3kW2FfDwVYXdSBLSyvzSWbjkNGjRFe55ezE42ZmrDhTO6_dKG-AWsDvmPSA6pqeFIHKXmw4pSzSU_o4FJ9I2kq9jruvEyUHyhzXazYfNFtKDcQFboa44WIZbpSn3MVh2xFTC0aXEMU9ieYZ0HG7umO92jeVe0Y32e-zUh1xeL6cQ1hd8iHzcn5a8kCPjaFTbS0FUPTorEPSnb-dInVGtcSzKjCNiYY_0FdBa1cdtveYmzMNHXmtmG7z7Gj8hVhLiqiFR3g7xOfquInOSaAQSJI1q2NwfV68swh9_DazAIfGy1u20cak0Bfs4hywe3nxNya9Eb5lRMuvbNDiiKlMi-Ox4NrVPIbhe7VYlPGBeXk7y4-wTATXtUazlqzyA-3DbWyFmyR2H0-AuexNZCLqfw8E6GaJG1YEuutkAftQJVQYstmGr9-MudIhwBIW5oPt7w7T4VEqrNS0YwxV8UtUL3i8hVfk4652JwJbgIhGkyvYwuVXYAHm7Ew05dbsoKkfbYT-uTbYORY0qk2uWH9KALfI65mpRyIhBHsH5uUqvBEBiHveqkwfiba-MYq9MmTFYFzVMLnrI9_weGHgb8HeXu5iSaRV_2VOaGpiwUPTn9tBt45roz2RBGHw_WEylkZQ3p-ZJBCMyupChDNsrmyAaYc7eyJ3qiB6cxmwT5Uh8nZ97JYDfHnbWawyi43qzpiHkZ5xYptUkxBpnWvGaVRhg8n0R73JU_k7HBnWehg93pxENK5YKapMHW47VbxvTq3PXt2MylUHTYPCLszAWJ_tUxo2XAPbhZUM8vSunV1ufyEI-PnjM0kX1lhSIYnX635FLmhh2KhEgNEFB02Q55munmvMZoi-LQAuwjjzEnxw2Pei2BfEZzMQC1ohKh0Y-rSnbLl6yHkuRmgIAurAwKJrDzTCT-PFim5rZfMWmS5w7qKPOHmerkmWXC6dO3xGtkuB7R7IbpZbm6gyDrISnI0K6znw0MSidT37_ZwKEBbAS1sdi_UZT556NH6pVIxuRIX599tP800_M_NmOwLvpxY0k40ipLP0No4Io01FhpJY1hc0XGgtEtaYdtVGpGmxMeacDSblQl_-WygmadQIkkZtNULze7MEPQjtjs196jcw4WEjuws38qvKr8HPTpYIQz-jlMidU2Ejhwu1fVD7pxzsaxGp6P8XgQRdq-MDVVVLRLoHTv33IzrembHO0crtoMbwsRdnWaKSBKl6y3qn7hbFOXwG4YFAe_HeepVzjvqRPkj8BPG9Sv87t2MiVV4QRsPTC3aj3vTUJthhvjqMxV5ABwn1hty5ifVSHV0Sd3WplAVKhU9XZs07dBfagRAtHyNVxOLiyIRDHwokYX77oKCbunhFDVPTIhLwGyiHebjPyxeIZco7k2mHOqcPziaQi5OeE653E0FwCPslb9_gt5BNIqkcpUCg7sdkDhXREsgT8puoFNhxWsh1kDeIAuK2Tdoyadcijrs7d-9hVYP1YqOZzLGWPaSmr4mcS62vf6vujcDyxAtBz6yXx1xX-4jI0DCfAtU9rgWRgq0h_wRlgkEIp_gISfLlRxParL6FplV26QJ7eUSrCMqbv5fpNjLjlEfipLlEhswvov69IJ5L7VdhX4XXJ_pqLV9xMvsaBWe95VY1p4gZCUQ3R7f8arQVjw_bfU613lBOnSJ8UuakcrApBHmaz&pr=96%3A0.016&cid=CAQSMgBygQiD7-8QrR1i6pYA0ag4qdhFltKEb534yVjx1BNy5qqN2fbTqbqbwbsYGG5YbzEwGAE&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DMoneyTizer_Footer_HDX_native2%26aid%3D41034828375837575997032%26rev%3D1ed5450%26pr%3D0.013%26bc%3D0.016%26bmid%3D5989%26biid%3D6021%26sid%3D151074%26brid%3D572585%26adid%3D481978833%26crid%3D144330167%26ts%3D1682114338%26bcud%3D16%26ss%3D12%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D38936%26rdir%3D&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&ds=l&xdt=0&iif=1&cor=15173692593900855000&adk=2506182968&idt=294&cac=0&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 21 Apr 2023 21:59:02 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 21 Apr 2023 21:59:02 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 511F
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJN-pT-5bGfqGlC9TOtE73mp_HxCRMcvL7F5UqlUva-dTiClbeNT21x4ciw1OZ3ggmJ6HvFIEwREvjh7m46RJ4ZIZkF3rED02mt6RhaQYMH5L3ARWr8jhYIeX8OhQ-DfRvKGO95mNEFJBx1HyJmExX5gXqomjpSmtMR4nsx3Qncx7upJ0&cry=1&dbm_d=AKAmf-ALZtvTKSdEcs4MwfG455MpY1pEbZ4Na1m6dn_NjaXVksXg8dD3qZa3OgcG8q1i2DRsDpqVqK_Rlh0wQ9wkkD3k_q2ki7z8NmJafDX9cRhFIwNq8RmosMl4rHD7RISRgVTFrEZWUaAtQ1_H02o-1ayqKwOg1ANI5oke_jwPtehPBRT2Y7m_7b60KIccX_G406TOY7_npobgKKm-yJjFoEJpXzGODRMOm-WExRFgf7d8BNp-G8WLBIAU4i_LfHmK-A4o1RTyaOTnZtBWlt34q7G64S1EUbHnc8sK2ej6Lx10-eDfnPa2ezFe9XuWK8-qSw-42CKCPS6gCdDOd8vVQ_y5gVZnS4E4JIVH8q6g-nz_aVuqHBlz94Mi5JJly4g_2CygzLbGakj2MZrjLliBa0e2p-xue2aIZA54MfzOZE2WYSQCq4X71Mse6lJ89uCviuI9PwPNG09eCzhz2qnS7-4rsHjaTACfIRLeZfewMdGDepCopXGenfpRWpy1xRSF1Z-TdFEp1CB-oj0o8cjJCG0P0AAh_NUtes9a_bm5e780RY86wSRMMDP7Z9ooMwdzcCkNBP2BTBh6-H4gKviQ_rZ6CQBd_OO08aMIBL6NINhJ5Xm2_HOrHgQkHOWmMYHWw_bTa6sFL-cP_us9hDizyf3ICJB0dm4yxMq0G3Fjpsc9AJMLYtvrKJlEsCVAIRHFa8Xj_nqgOR40hUPw0DGgNdD7A3fcrJNcZ9j-CDhc3l_bl9vCPgtH6xtU739RAQaIDK9EP2lC-wNsLiedXFafEBxibRJ4Ygz9ELoxDnltxvvjiDgNhDeur98CUr_wZovlRAOy2vvHNFiHpRmWkg1gP_wrZAHkuHA2j5VWD0tdPMexdJnhStPSZWfHMx4f1CFZwpO5e3iZaUnUkBmLDe9jmLH5Gn3LG0Ztr3b7E7xnCx9TsnhCYPKQ6EHiLT-hwkctb8cKyEqBPN0AbWwOrop6Bj-mLtbSCAuJ_B0_lM9-oDxc8D9LVMRrV95-daNKblTC8b0_RPR7j-v4lxdmLE4ZmUbhGHfE758sZd-1cfd55R9I1Ey7lbysKpj76q2tuUgDKBXxQrm-Tr7MPoqCtBmBnaaRaYwqpUy6-HS0bXAJa-PobS2XGONNpzhGBGFLo5ptfnrx6DUPCzFw9Ev9p8wRLXuWieedVWTXFAOAULrDDzZ3l2A6KVcjuA0qh_DK8lHQU-w1JOHAKjBDX3-ejoKcUYNYgF7PLQA169pqbnKOgbPoIRLO4c-tI6KKTaw-AxpfmvQCOUvKzq1bkkaeOQPsE5DR3VtEDY4c9Xc_iy0-f0hV_FcdqxA4KeixAV2a_4ZjMJTJgDwivIIf8MTrNpKuDKrbvOK5E0YfvgavNpo54DhQtP_ZpYQREjW3_qk8vpNFsnbRODltu363wbqMPxVlzJtdLek9Uy0-5LFUpdem-VZQ-IBST4wLqgiWAb8x9bei02E_sgxrGve0Yc_NjguJW09XTPfn0M_iY3DzmZTppkWQfJhEv3G7zwmksxxcmT2LkJKyKQUQzCTOpW8Fmsxy9OzUW228xBUFHrYx106gAWXu1GnVh5nchshYUPBW2x__N9iE45W6UO0HKP1aFEQ64sxvC8TADTpAzHJuXuLxoXggS0B5uZNggqnJzOm1AfvmxgNU4Y6YQInz616eUHbS-dk4f1vGZSZWRQ9Avmbi3Psj3URyN155DVBRzFop7-vafumcTCooZ8ufTWuQE2i_LKKlgHIpytGdeUUYZcQ2wpJP6CYTlE-tvBmsaZLDwUZ36pgr3CvgArCkP3xOnTtULofxUBq-EwoeMz8yUwDso8DLcGST3kW2FfDwVYXdSBLSyvzSWbjkNGjRFe55ezE42ZmrDhTO6_dKG-AWsDvmPSA6pqeFIHKXmw4pSzSU_o4FJ9I2kq9jruvEyUHyhzXazYfNFtKDcQFboa44WIZbpSn3MVh2xFTC0aXEMU9ieYZ0HG7umO92jeVe0Y32e-zUh1xeL6cQ1hd8iHzcn5a8kCPjaFTbS0FUPTorEPSnb-dInVGtcSzKjCNiYY_0FdBa1cdtveYmzMNHXmtmG7z7Gj8hVhLiqiFR3g7xOfquInOSaAQSJI1q2NwfV68swh9_DazAIfGy1u20cak0Bfs4hywe3nxNya9Eb5lRMuvbNDiiKlMi-Ox4NrVPIbhe7VYlPGBeXk7y4-wTATXtUazlqzyA-3DbWyFmyR2H0-AuexNZCLqfw8E6GaJG1YEuutkAftQJVQYstmGr9-MudIhwBIW5oPt7w7T4VEqrNS0YwxV8UtUL3i8hVfk4652JwJbgIhGkyvYwuVXYAHm7Ew05dbsoKkfbYT-uTbYORY0qk2uWH9KALfI65mpRyIhBHsH5uUqvBEBiHveqkwfiba-MYq9MmTFYFzVMLnrI9_weGHgb8HeXu5iSaRV_2VOaGpiwUPTn9tBt45roz2RBGHw_WEylkZQ3p-ZJBCMyupChDNsrmyAaYc7eyJ3qiB6cxmwT5Uh8nZ97JYDfHnbWawyi43qzpiHkZ5xYptUkxBpnWvGaVRhg8n0R73JU_k7HBnWehg93pxENK5YKapMHW47VbxvTq3PXt2MylUHTYPCLszAWJ_tUxo2XAPbhZUM8vSunV1ufyEI-PnjM0kX1lhSIYnX635FLmhh2KhEgNEFB02Q55munmvMZoi-LQAuwjjzEnxw2Pei2BfEZzMQC1ohKh0Y-rSnbLl6yHkuRmgIAurAwKJrDzTCT-PFim5rZfMWmS5w7qKPOHmerkmWXC6dO3xGtkuB7R7IbpZbm6gyDrISnI0K6znw0MSidT37_ZwKEBbAS1sdi_UZT556NH6pVIxuRIX599tP800_M_NmOwLvpxY0k40ipLP0No4Io01FhpJY1hc0XGgtEtaYdtVGpGmxMeacDSblQl_-WygmadQIkkZtNULze7MEPQjtjs196jcw4WEjuws38qvKr8HPTpYIQz-jlMidU2Ejhwu1fVD7pxzsaxGp6P8XgQRdq-MDVVVLRLoHTv33IzrembHO0crtoMbwsRdnWaKSBKl6y3qn7hbFOXwG4YFAe_HeepVzjvqRPkj8BPG9Sv87t2MiVV4QRsPTC3aj3vTUJthhvjqMxV5ABwn1hty5ifVSHV0Sd3WplAVKhU9XZs07dBfagRAtHyNVxOLiyIRDHwokYX77oKCbunhFDVPTIhLwGyiHebjPyxeIZco7k2mHOqcPziaQi5OeE653E0FwCPslb9_gt5BNIqkcpUCg7sdkDhXREsgT8puoFNhxWsh1kDeIAuK2Tdoyadcijrs7d-9hVYP1YqOZzLGWPaSmr4mcS62vf6vujcDyxAtBz6yXx1xX-4jI0DCfAtU9rgWRgq0h_wRlgkEIp_gISfLlRxParL6FplV26QJ7eUSrCMqbv5fpNjLjlEfipLlEhswvov69IJ5L7VdhX4XXJ_pqLV9xMvsaBWe95VY1p4gZCUQ3R7f8arQVjw_bfU613lBOnSJ8UuakcrApBHmaz&pr=96%3A0.016&cid=CAQSMgBygQiD7-8QrR1i6pYA0ag4qdhFltKEb534yVjx1BNy5qqN2fbTqbqbwbsYGG5YbzEwGAE&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DMoneyTizer_Footer_HDX_native2%26aid%3D41034828375837575997032%26rev%3D1ed5450%26pr%3D0.013%26bc%3D0.016%26bmid%3D5989%26biid%3D6021%26sid%3D151074%26brid%3D572585%26adid%3D481978833%26crid%3D144330167%26ts%3D1682114338%26bcud%3D16%26ss%3D12%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D38936%26rdir%3D&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&ds=l&xdt=0&iif=1&cor=15173692593900855000&adk=2506182968&idt=294&cac=0&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:50:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151690
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Apr 2024 03:50:52 GMT
11713519340353984172
s0.2mdn.net/simgad/ Frame 511F
60 KB
61 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/11713519340353984172
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
sffe /
Resource Hash
a3d9126182541a330a55ed507eef56ba5fdd5c5d9f2525bc07136ece9d1e3db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:06:07 GMT
x-content-type-options
nosniff
age
71575
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61904
x-xss-protection
0
last-modified
Tue, 04 Apr 2023 13:11:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 Apr 2024 02:06:07 GMT
ev
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ev?inv_code=MoneyTizer_Footer_HDX_native2&aid=41034828375837575997032&rev=1ed5450&pr=0.013&bc=0.016&bmid=5989&biid=6021&sid=151074&brid=572585&adid=481978833&crid=144330167&ts=1682114338&bcud=16&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=16772
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:59:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D288
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paste1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
215323
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 10:10:19 GMT
expires
Thu, 18 Apr 2024 10:10:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.html
u.4dex.io/ Frame 72CC
699 B
897 B
Document
General
Full URL
https://u.4dex.io/usync.html
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
d1155aebbf89bbec6fadb9245f8c84cc74313cba6bba974a8c5cfe0c9077460c

Request headers

Referer
https://paste1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
699
content-type
text/html; charset=utf-8
date
Fri, 21 Apr 2023 21:59:03 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
isyn
prebid.a-mo.net/ Frame 0CF3
2 KB
733 B
Document
General
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
0665c031de4ef6b6de993aeaa88c791ff4f224efa967206118a3e58f1a282cfc

Request headers

Referer
https://paste1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
644
content-type
text/html; charset=utf-8
date
Fri, 21 Apr 2023 21:59:02 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
/
onetag-sys.com/usync/ Frame 2E40
3 KB
2 KB
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1682114337988&gdpr=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
eb0d6b6deb07528c3aacc83225d29f085f5e8ad0c05e7182e1d254c31fd4f1bd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://paste1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1290
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame 4048
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB
Document
General
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
6fc13ec563f7bfee406af162ff190e850f11355403e3647a36a8d14b695eae70

Request headers

Referer
https://paste1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1114
content-type
text/html; charset=utf-8
date
Fri, 21 Apr 2023 21:59:03 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 21 Apr 2023 21:59:03 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
csync.smilewanted.com/ Frame 5053
6 KB
2 KB
Document
General
Full URL
https://csync.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95ee88d5d258b6185f89470528994c314ab818dbe02aefe6075d5ec33f1a9501

Request headers

Referer
https://paste1s.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb8e453ca2a3651-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 21:59:03 GMT
server
cloudflare
vary
Accept-Encoding
prebid
b1h.zemanta.com/usersync/
Redirect Chain
  • https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=
  • https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&s=2
26 B
315 B
Image
General
Full URL
https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&s=2
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
HTTP/1.1
Server
64.74.236.63 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

P3p
CP="We do not support P3P header."
Date
Fri, 21 Apr 2023 21:59:03 GMT
Content-Length
26
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 21:59:03 GMT
Content-Type
text/html; charset=utf-8
Location
/usersync/prebid?gdpr=0&gdpr_consent=&s=2
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
72
Expires
Thu, 01 Dec 1994 16:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 511F
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-ufpuR0Nj5q2knjswNk1kUF8WFSGnH3B_cEUZg-XhQELAEQ4_AK6HjM2f0QvSl6Ftdv0OugWCH1B4dTsPgF1eZ2NWE_Iksyq9DN-XmHBJsSOLkyUv_eJaOWWCrSqIMVJ83Iwe32MT6QxlyAEJRnM0vP5vt0BbMJ2q2yvbRVLWL3S9PxK-KKJe3A1a7g9_SLLiqO18xfN3DQaPD7o0zfbyfM6-5i_sLrsiLEjKs6f9_6uDwklAj_1hmFuhFMhMpEIzJNlO_qFehh0Qqt0iyERZ3ogaSPNzZBlJ1pdUS_swQJFlIPVN6-1c9oAny96KMTZNnm4rTytstaNghKEKsQyfiPtBpxZBCCD1RmQv_jtxeXYS6B-tTlCYbIIt8BSG3rNFg6ayM73eyYwWwYB9YoSTEwp7-NbW7T-5oqivWAgvUYs5RGVfsH9cvNKCxiZZyeMJ67K7q-a7MrJhsHHAoCbNfw_f-PuzLaJ9gVO5vdPAqeas4xxZhNbtFDo74Y-eUM05gthP6azARpsrJMz3coNoJjZBeaY08HiR4uVH0vu8wdVmG-PVxVB9cJ-pTmjAIsgpJJzIMjCUIuksbZra10wrnCDcuFbQeykkrb1mrea4qVjLGZJw9QPDA_6b9Ex9c6jwRsM3ZjsWxzKAYkyy933HxdGjPihOpwRo-cLvY3QGe2C52qmGMHlO9uineLnNZ9p5Ck9X33BfpHsqENHgM97Cjt0r1140Lc0REMCn6FLJQYJmyxbtIL-veLIcSldM57HnZwIRZLWoBeCEj9kggg2XJGZIGoc2Bk9enuuMizKGZdYd7Z6d9EFDML6tASyK-rt0agLUQjw2T9-7uZJXCzpkBgFVzDj8BLxUyatamZtDs_ujqp0qBpkVyHWId8WG3ISI-vroktBZrAtsWl-mZBC9na4elRH9Bnt_cVLzR_qFXi30DcVASAOpbOr4wYFd74kpFZ1NbdrGuVeL3Jekf1Fj9qfZpC2BRuDU1Tib6aIZMgvdPR_xAtMwbNcXeb8-wtM6uct6UtKrHeiQ37k6gnX4Pa2hIYg8FNNjvfQrBa_ObVOUPZxE6K414yVTS3OW-BsAO7Ghy2J7bDlLig9b-MlHzU4qllvYz4bxUZM3Gsr0wS7_oRNNSCXTNjNNuDP46__2mggK2EqxR48YEpspUfsGeYtuLn0AZ-cnCZsu3Ld4Ocg9&sai=AMfl-YRUMr6UdYzELfKtnm1L3zVfax2oxGnLuYmUXrJy0ujr3Y9j_PBJS18ZB5VqKmGGb__1XU6ycN9_wyDoqAorC0tw2lJ2v7MmYLkKl__FjpE0VojRex0HcN3FJxS9c3tZnogdkoH2JKAVQlkifr0UjiPXNOAfIqynyOyIE90S2S4nAf8PE9ATwDV-flRZ_7Vxt68smqCRDPmM1UlUsQs81W-Df5040rgOfI6WMfVIU4B_qTsbnm3worIGGBk&sig=Cg0ArKJSzEhGMY1nkU15EAE&uach_m=[UACH]&pr=96:0.016&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=622&vt=11&dtpt=620&dett=2&cstd=0&cisv=r20230418.48451&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJN-pT-5bGfqGlC9TOtE73mp_HxCRMcvL7F5UqlUva-dTiClbeNT21x4ciw1OZ3ggmJ6HvFIEwREvjh7m46RJ4ZIZkF3rED02mt6RhaQYMH5L3ARWr8jhYIeX8OhQ-DfRvKGO95mNEFJBx1HyJmExX5gXqomjpSmtMR4nsx3Qncx7upJ0&cry=1&dbm_d=AKAmf-ALZtvTKSdEcs4MwfG455MpY1pEbZ4Na1m6dn_NjaXVksXg8dD3qZa3OgcG8q1i2DRsDpqVqK_Rlh0wQ9wkkD3k_q2ki7z8NmJafDX9cRhFIwNq8RmosMl4rHD7RISRgVTFrEZWUaAtQ1_H02o-1ayqKwOg1ANI5oke_jwPtehPBRT2Y7m_7b60KIccX_G406TOY7_npobgKKm-yJjFoEJpXzGODRMOm-WExRFgf7d8BNp-G8WLBIAU4i_LfHmK-A4o1RTyaOTnZtBWlt34q7G64S1EUbHnc8sK2ej6Lx10-eDfnPa2ezFe9XuWK8-qSw-42CKCPS6gCdDOd8vVQ_y5gVZnS4E4JIVH8q6g-nz_aVuqHBlz94Mi5JJly4g_2CygzLbGakj2MZrjLliBa0e2p-xue2aIZA54MfzOZE2WYSQCq4X71Mse6lJ89uCviuI9PwPNG09eCzhz2qnS7-4rsHjaTACfIRLeZfewMdGDepCopXGenfpRWpy1xRSF1Z-TdFEp1CB-oj0o8cjJCG0P0AAh_NUtes9a_bm5e780RY86wSRMMDP7Z9ooMwdzcCkNBP2BTBh6-H4gKviQ_rZ6CQBd_OO08aMIBL6NINhJ5Xm2_HOrHgQkHOWmMYHWw_bTa6sFL-cP_us9hDizyf3ICJB0dm4yxMq0G3Fjpsc9AJMLYtvrKJlEsCVAIRHFa8Xj_nqgOR40hUPw0DGgNdD7A3fcrJNcZ9j-CDhc3l_bl9vCPgtH6xtU739RAQaIDK9EP2lC-wNsLiedXFafEBxibRJ4Ygz9ELoxDnltxvvjiDgNhDeur98CUr_wZovlRAOy2vvHNFiHpRmWkg1gP_wrZAHkuHA2j5VWD0tdPMexdJnhStPSZWfHMx4f1CFZwpO5e3iZaUnUkBmLDe9jmLH5Gn3LG0Ztr3b7E7xnCx9TsnhCYPKQ6EHiLT-hwkctb8cKyEqBPN0AbWwOrop6Bj-mLtbSCAuJ_B0_lM9-oDxc8D9LVMRrV95-daNKblTC8b0_RPR7j-v4lxdmLE4ZmUbhGHfE758sZd-1cfd55R9I1Ey7lbysKpj76q2tuUgDKBXxQrm-Tr7MPoqCtBmBnaaRaYwqpUy6-HS0bXAJa-PobS2XGONNpzhGBGFLo5ptfnrx6DUPCzFw9Ev9p8wRLXuWieedVWTXFAOAULrDDzZ3l2A6KVcjuA0qh_DK8lHQU-w1JOHAKjBDX3-ejoKcUYNYgF7PLQA169pqbnKOgbPoIRLO4c-tI6KKTaw-AxpfmvQCOUvKzq1bkkaeOQPsE5DR3VtEDY4c9Xc_iy0-f0hV_FcdqxA4KeixAV2a_4ZjMJTJgDwivIIf8MTrNpKuDKrbvOK5E0YfvgavNpo54DhQtP_ZpYQREjW3_qk8vpNFsnbRODltu363wbqMPxVlzJtdLek9Uy0-5LFUpdem-VZQ-IBST4wLqgiWAb8x9bei02E_sgxrGve0Yc_NjguJW09XTPfn0M_iY3DzmZTppkWQfJhEv3G7zwmksxxcmT2LkJKyKQUQzCTOpW8Fmsxy9OzUW228xBUFHrYx106gAWXu1GnVh5nchshYUPBW2x__N9iE45W6UO0HKP1aFEQ64sxvC8TADTpAzHJuXuLxoXggS0B5uZNggqnJzOm1AfvmxgNU4Y6YQInz616eUHbS-dk4f1vGZSZWRQ9Avmbi3Psj3URyN155DVBRzFop7-vafumcTCooZ8ufTWuQE2i_LKKlgHIpytGdeUUYZcQ2wpJP6CYTlE-tvBmsaZLDwUZ36pgr3CvgArCkP3xOnTtULofxUBq-EwoeMz8yUwDso8DLcGST3kW2FfDwVYXdSBLSyvzSWbjkNGjRFe55ezE42ZmrDhTO6_dKG-AWsDvmPSA6pqeFIHKXmw4pSzSU_o4FJ9I2kq9jruvEyUHyhzXazYfNFtKDcQFboa44WIZbpSn3MVh2xFTC0aXEMU9ieYZ0HG7umO92jeVe0Y32e-zUh1xeL6cQ1hd8iHzcn5a8kCPjaFTbS0FUPTorEPSnb-dInVGtcSzKjCNiYY_0FdBa1cdtveYmzMNHXmtmG7z7Gj8hVhLiqiFR3g7xOfquInOSaAQSJI1q2NwfV68swh9_DazAIfGy1u20cak0Bfs4hywe3nxNya9Eb5lRMuvbNDiiKlMi-Ox4NrVPIbhe7VYlPGBeXk7y4-wTATXtUazlqzyA-3DbWyFmyR2H0-AuexNZCLqfw8E6GaJG1YEuutkAftQJVQYstmGr9-MudIhwBIW5oPt7w7T4VEqrNS0YwxV8UtUL3i8hVfk4652JwJbgIhGkyvYwuVXYAHm7Ew05dbsoKkfbYT-uTbYORY0qk2uWH9KALfI65mpRyIhBHsH5uUqvBEBiHveqkwfiba-MYq9MmTFYFzVMLnrI9_weGHgb8HeXu5iSaRV_2VOaGpiwUPTn9tBt45roz2RBGHw_WEylkZQ3p-ZJBCMyupChDNsrmyAaYc7eyJ3qiB6cxmwT5Uh8nZ97JYDfHnbWawyi43qzpiHkZ5xYptUkxBpnWvGaVRhg8n0R73JU_k7HBnWehg93pxENK5YKapMHW47VbxvTq3PXt2MylUHTYPCLszAWJ_tUxo2XAPbhZUM8vSunV1ufyEI-PnjM0kX1lhSIYnX635FLmhh2KhEgNEFB02Q55munmvMZoi-LQAuwjjzEnxw2Pei2BfEZzMQC1ohKh0Y-rSnbLl6yHkuRmgIAurAwKJrDzTCT-PFim5rZfMWmS5w7qKPOHmerkmWXC6dO3xGtkuB7R7IbpZbm6gyDrISnI0K6znw0MSidT37_ZwKEBbAS1sdi_UZT556NH6pVIxuRIX599tP800_M_NmOwLvpxY0k40ipLP0No4Io01FhpJY1hc0XGgtEtaYdtVGpGmxMeacDSblQl_-WygmadQIkkZtNULze7MEPQjtjs196jcw4WEjuws38qvKr8HPTpYIQz-jlMidU2Ejhwu1fVD7pxzsaxGp6P8XgQRdq-MDVVVLRLoHTv33IzrembHO0crtoMbwsRdnWaKSBKl6y3qn7hbFOXwG4YFAe_HeepVzjvqRPkj8BPG9Sv87t2MiVV4QRsPTC3aj3vTUJthhvjqMxV5ABwn1hty5ifVSHV0Sd3WplAVKhU9XZs07dBfagRAtHyNVxOLiyIRDHwokYX77oKCbunhFDVPTIhLwGyiHebjPyxeIZco7k2mHOqcPziaQi5OeE653E0FwCPslb9_gt5BNIqkcpUCg7sdkDhXREsgT8puoFNhxWsh1kDeIAuK2Tdoyadcijrs7d-9hVYP1YqOZzLGWPaSmr4mcS62vf6vujcDyxAtBz6yXx1xX-4jI0DCfAtU9rgWRgq0h_wRlgkEIp_gISfLlRxParL6FplV26QJ7eUSrCMqbv5fpNjLjlEfipLlEhswvov69IJ5L7VdhX4XXJ_pqLV9xMvsaBWe95VY1p4gZCUQ3R7f8arQVjw_bfU613lBOnSJ8UuakcrApBHmaz&pr=96%3A0.016&cid=CAQSMgBygQiD7-8QrR1i6pYA0ag4qdhFltKEb534yVjx1BNy5qqN2fbTqbqbwbsYGG5YbzEwGAE&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DMoneyTizer_Footer_HDX_native2%26aid%3D41034828375837575997032%26rev%3D1ed5450%26pr%3D0.013%26bc%3D0.016%26bmid%3D5989%26biid%3D6021%26sid%3D151074%26brid%3D572585%26adid%3D481978833%26crid%3D144330167%26ts%3D1682114338%26bcud%3D16%26ss%3D12%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D38936%26rdir%3D&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&ds=l&xdt=0&iif=1&cor=15173692593900855000&adk=2506182968&idt=294&cac=0&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://paste1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:59:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 21 Apr 2023 21:59:03 GMT
sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
pagead2.googlesyndication.com/bg/ Frame D288
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 00:22:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
164207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14209
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Apr 2024 00:22:16 GMT
cframe.js
assets.a-mo.net/js/ Frame 0CF3
9 KB
4 KB
Script
General
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.158.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1d0e50c440571cffce4c7aea610d6cbee0f2a15f1058aef12b225e3e246e404

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:59:03 GMT
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
FRA6-C1
age
62
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 27 Mar 2023 18:10:34 GMT
server
cloudflare
etag
W/"60125fcf1fcf576eebb45554f83ada73"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
7bb8e45699242c7b-FRA
x-amz-cf-id
EZaBNcR0LnddyoHnvAJWcaPr1HbR2mM7w7yppz0Asiieu10pg9MZIw==
expires
Fri, 21 Apr 2023 22:59:03 GMT
tap.php
pixel.rubiconproject.com/ Frame 2E40
42 B
774 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=Nvh8C0ZOm6CYKj4KEZmkwFwLPbq1ixXjD0l89ty0qF8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1682114337988&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 2E40
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABh6XT8P3cRAOqcC33WxufMiwukc8xNrvG8Q
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABh6XT8P3cRAOqcC33WxufMiwukc8xNrvG8Q
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1682114337988&gdpr=0
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:59:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABh6XT8P3cRAOqcC33WxufMiwukc8xNrvG8Q
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 2E40
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LGR3G1SV-L-10W6&gdpr=0
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LGR3G1SV-L-10W6&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1682114337988&gdpr=0
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LGR3G1SV-L-10W6&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
/
onetag-sys.com/match/ Frame 2E40
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4417596967988441470
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4417596967988441470
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1682114337988&gdpr=0
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 21 Apr 2023 21:59:03 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.185; 91.239.206.185; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2a80b81b-479f-4563-a5d7-548ca0e251c9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4417596967988441470
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 2E40
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=7772941124511262273
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=107&uid=7772941124511262273
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1682114337988&gdpr=0
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=7772941124511262273
date
Fri, 21 Apr 2023 21:59:02 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 2E40
0
0
Image
General
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1682114337988&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ecm3
s.amazon-adsystem.com/ Frame 2E40
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=rMxCYIV02tVZDjwSPP9ra_Sbyzc_ObvwThKpCi176aA
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=rMxCYIV02tVZDjwSPP9ra_Sbyzc_ObvwThKpCi176aA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1682114337988&gdpr=0
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 21:59:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5GFS1B2F5M6BS7CPXCQ8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=rMxCYIV02tVZDjwSPP9ra_Sbyzc_ObvwThKpCi176aA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 2E40
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTQ1NzIyQ0ItOTNGQS00RjAzLTlFRkEtMUY1QzkyRUJBQjMx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEVV9byWpApOjUpga3NdsCE&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=A45722CB-93FA-4F03-9EFA-1F5C92EBAB31
0
0

/
onetag-sys.com/match/ Frame 2E40
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA0HnYxcH15d_YGYwz4JYAw&google_cver=1
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA0HnYxcH15d_YGYwz4JYAw&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1682114337988&gdpr=0
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:59:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA0HnYxcH15d_YGYwz4JYAw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 2E40
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
  • https://onetag-sys.com/match/?int_id=92&uid=y-PjFUq6JE2uGHeaB0arz8bMsZbBD88Ar_Fffa9Nw-~A
0
291 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-PjFUq6JE2uGHeaB0arz8bMsZbBD88Ar_Fffa9Nw-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1682114337988&gdpr=0
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-PjFUq6JE2uGHeaB0arz8bMsZbBD88Ar_Fffa9Nw-~A
date
Fri, 21 Apr 2023 21:59:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ Frame 2E40
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=863f23c4-62ba-42d3-ac8d-e0bed9cd78aa&ssp=onetag
0
0

decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 5053
48 KB
12 KB
Script
General
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:59:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
22700
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7bb8e454eb823651-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D288
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BF5DRJgdDZOf3CNXw3wPQhLjQAwAAAAA4AeAEAg&bg=!YmGlYTXNAAYfNdXmPzU7ADkAdvg8Wnya8uWWTxxJojQF5cICIi1nE5xpQcZbyw0SIiJpT6BRHGwhybZG5Uv7eLvDfplEbQgiW9wCAAAAPlIAAAABaAEHmQLW7nzuyczFJ24HYw0WUBBDr1CqbJ4sCd8cjp6GbmukmHERzrpSzIFdK77QNzoHrC0ZpchXApJiYPXVUDEvH7LaAmFZzb9fZ_uY21psd2haW0qW_RjuAS2RYIRMV7LCmOcwPFNvKNnWhavsT8IE5db0MZ3mGhP_XpPc7idvWyCtwOkbgIx58-HU6qyqEOJPhdCc6MxcVgULS8Pe5_iBwrw9SlW5p9-PgVHVdaFalN_BPFfJNzI1tCrK_c_cW4BuLcS7C4i0KHw2fqSPE7EYNeWwbhmyx2TI_siZSRLGo81l-ZQMOywTZX8xcuhtu3Sbwa6avjKRlgdWte7wweJelObJe04QeoDnvIH9PvQLZo5j7CZQTGNNPpogk9CIA-CQ13cAq2zH-XbPea1YbYk0ln-CQlFBr0O8zxHazCXvn05GYJkoNsMliLUKM30AiVmcV2MdF6aabSa3vVfM-FgWDThbLWM4uwyxJfvOetaZ-uaNM739I3wrPdVwjUliXwOneJEv6ETtNM-EtIWgc5JxQATyX40K8rcGCgbm6qTPBYP8ZVUYMUvXXW3VOiLTBILDJfPlEIJ_X7L9DX5P391pf34aINlEUqrUSbaF0mNrxssnAUmWIAXGYTDTkkRyEV3QVqkHmwk9MDxQJfkyxYKtEdi3T8mV_M4YrV3_3J6wkjk7aLrr2ca5Aznbw2BjbCcDFEPUesMIgeTOa9Skcwm2QRj9SDhqlhkKt2dKmuzpbBVnk-_RNCG4yNUY5r4y1QAK6WeYwE9EuhQGVLgGSZKLn-osoZv1aU9tXXKSXEImoi0rXjCEG_KN0UHgw1SewCbn0sA_2vZ-oSdktJYuLRbXl8qcwS9dz84SGW2oBuXeFjTKNV20MR-ifmVzsBnY6h5tFs8VrKCtpTr-XFx_-d8Gziq2ZxWuVkLgnaEkoZp8W647aZagkP-URdL0C06djdMrL60DdgL_xkj0
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:59:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 4048
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 21 Apr 2023 21:59:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:59:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame 4048
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzg4NDQ3MzEzMjcyOTU0MTc4NjgyMg%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:59:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:59:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 4048
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEK3okoOQ1XtHFibUj71vd8M&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEK3okoOQ1XtHFibUj71vd8M&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 21 Apr 2023 21:59:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:59:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEK3okoOQ1XtHFibUj71vd8M&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4048
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzg4NDQ3MzEzMjcyOTU0MTc4NjgyMg%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzg4NDQ3MzEzMjcyOTU0MTc4NjgyMg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:59:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzg4NDQ3MzEzMjcyOTU0MTc4NjgyMg%3D%3D
date
Fri, 21 Apr 2023 21:59:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 4048
0
513 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3884473132729541786822&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:59:03 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 7F342064FC0444ACB4F055783947CAEC Ref B: VIEEDGE3812 Ref C: 2023-04-21T21:59:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX538Ps7Yg6paktxhfnVg==
bsw_sync
ads.creative-serving.com/ul_cb/ Frame 4048
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3884473132729541786822&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=debfa3c7-fae8-4d37-bda9-b68880222ba0&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=debfa3c7-fae8-4d37-bda9-b68880222ba0&gdpr=0&gdpr_consent=
0
0

c.gif
c.bing.com/ Frame 4048
42 B
667 B
Image
General
Full URL
https://c.bing.com/c.gif?xid=3884473132729541786822&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:59:02 GMT
last-modified
Wed, 19 Apr 2023 15:34:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C8DE886481F146CEBD1868337A765991 Ref B: VIEEDGE3621 Ref C: 2023-04-21T21:59:03Z
etag
"f5c05c67d472d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 4048
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3884473132729541786822?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-274do5RE2oSfK14pAHFJS1NtGcWTydBPMLNQRp8baQ--~A&dongle=0883
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-274do5RE2oSfK14pAHFJS1NtGcWTydBPMLNQRp8baQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 21 Apr 2023 21:59:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 21 Apr 2023 21:59:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-274do5RE2oSfK14pAHFJS1NtGcWTydBPMLNQRp8baQ--~A&dongle=0883
content-length
0
triplelift
b1sync.zemanta.com/usersync/ Frame 4048
0
0

xuid
eb2.3lift.com/ Frame 4048
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4417596967988441470&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=4417596967988441470&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 21 Apr 2023 21:59:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Fri, 21 Apr 2023 21:59:03 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.185; 91.239.206.185; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
704d5486-c343-4c24-bc80-aaedc60ea089
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=4417596967988441470&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame D81B
0
322 B
Document
General
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb8e455fcb63651-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 21:59:03 GMT
server
cloudflare
vary
Accept-Encoding
GhRnqLZHBZj79kGUSvSTvT8_
csync.smilewanted.com/set_partner_userid_get/sovrn/ Frame C58D
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID&sovrn_retry=true
  • https://csync.smilewanted.com/set_partner_userid_get/sovrn/GhRnqLZHBZj79kGUSvSTvT8_
0
0

/
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame AE29
0
0

setuid
u.4dex.io/ Frame 72CC
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D
  • https://u.4dex.io/setuid?bidder=openx&uid=3dbcfcab-8a82-406a-b8f1-4796cb12919f
0
544 B
Image
General
Full URL
https://u.4dex.io/setuid?bidder=openx&uid=3dbcfcab-8a82-406a-b8f1-4796cb12919f
Requested by
Host: u.4dex.io
URL: https://u.4dex.io/usync.html
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://u.4dex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 21:59:04 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

date
Fri, 21 Apr 2023 21:59:03 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://u.4dex.io/setuid?bidder=openx&uid=3dbcfcab-8a82-406a-b8f1-4796cb12919f
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rmpssp
sync.1rx.io/usersync2/ Frame BEF9
0
0

e6bf04f0-9407-5270-9072-4a86f4314da1
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame B331
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/e6bf04f0-9407-5270-9072-4a86f4314da1
0
0

64d50f0ced80680d01946dfd77291428c4fd8ab462ce96b31374a7f89b2228ca
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame 83DD
Redirect Chain
  • https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
  • https://csync.smilewanted.com/set_partner_userid_get/bizzclick/64d50f0ced80680d01946dfd77291428c4fd8ab462ce96b31374a7f89b2228ca
0
0

ccb7e3087b8c98d4b4efa29472edf
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame F92B
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/ccb7e3087b8c98d4b4efa29472edf?gdpr_consent=&gdpr=0
0
404 B
Document
General
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/ccb7e3087b8c98d4b4efa29472edf?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb8e45a79e13651-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 21:59:04 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Fri, 21 Apr 2023 21:59:03 GMT
Expires
Fri, 21 Apr 2023 21:59:03 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/ccb7e3087b8c98d4b4efa29472edf?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1682114343924010-384
v1
match.sharethrough.com/universal/ Frame 8918
0
0
Document
General
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.204.152 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

date
Fri, 21 Apr 2023 21:59:03 GMT
smw888.gif
us.ck-ie.com/ Frame 5F0E
0
0

cm-notify
creativecdn.com/ Frame AFE2
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
0
0

setuid
ib.adnxs.com/prebid/ Frame 2FD7
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=3350ae2aec1e6fb2d0519f5d7bd968a8
43 B
2 KB
Document
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=3350ae2aec1e6fb2d0519f5d7bd968a8
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

AN-X-Request-Uuid
885f0394-ce03-46bd-a387-181459338d80
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 21 Apr 2023 21:59:04 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
91.239.206.185; 91.239.206.185; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7bb8e45978b13651-FRA
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 21:59:03 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=3350ae2aec1e6fb2d0519f5d7bd968a8
server
cloudflare
usync
id.a-mx.com/ Frame 0CF3
0
0

usersync.aspx
dis.criteo.com/dis/ Frame 0CF3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=090bc00d-2a93-4bdb-b17d-508f6930049e&gdpr=0&gdpr_consent=&us_privacy=
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dadaptmx%26user_id%3D%40%40CRITEO_USERID%40%40
0
0

yahoo
prebid.a-mo.net/setuid/ Frame 0CF3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=090bc00d-2a93-4bdb-b17d-508f6930049e
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-PjFUq6JE2uGHeaB0arz8bMsZbBD88Ar_Fffa9Nw-~A&gdpr=0
0
112 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-PjFUq6JE2uGHeaB0arz8bMsZbBD88Ar_Fffa9Nw-~A&gdpr=0
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:59:03 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-PjFUq6JE2uGHeaB0arz8bMsZbBD88Ar_Fffa9Nw-~A&gdpr=0
date
Fri, 21 Apr 2023 21:59:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/ Frame 0CF3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=
  • https://prebid.a-mo.net/setuid/magnite?uid=LGR3G1SV-L-10W6&gdpr=0
0
147 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LGR3G1SV-L-10W6&gdpr=0
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:59:03 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LGR3G1SV-L-10W6&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
cookie
cm.adform.net/ Frame 0CF3
0
0

setuid
prebid.a-mo.net/ Frame 0CF3
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D090bc00d-2a93-4bdb-b17d-508f6930049e%26bidder%...
  • https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=smartadserver&uid=7772941124511262273
0
138 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=smartadserver&uid=7772941124511262273
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:59:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=smartadserver&uid=7772941124511262273
date
Fri, 21 Apr 2023 21:59:03 GMT
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame 0CF3
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D090bc00d-2a93-4bdb-b17d-508f6930049e%26bidder%3Dpubmatic%26uid%3DA45722CB-93FA-4F03-9...
0
0

usermatchredir
ssum.casalemedia.com/ Frame 0CF3
0
0

setuid
prebid.a-mo.net/ Frame 0CF3
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D090bc00d-2a93-4bdb-b17d-508f6930049e%26bidder%3Dsovrn%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=sovrn&uid=GhRnqLZHBZj79kGUSvSTvT8_
0
112 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=sovrn&uid=GhRnqLZHBZj79kGUSvSTvT8_
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:59:03 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Fri, 21 Apr 2023 21:59:03 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=sovrn&uid=GhRnqLZHBZj79kGUSvSTvT8_
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/ Frame 0CF3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D090bc00d-2a93-4bdb-b17d-508f6930049e%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=appnexus&uid=4417596967988441470
0
112 B
Image
General
Full URL
https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=appnexus&uid=4417596967988441470
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
H2
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:59:03 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Fri, 21 Apr 2023 21:59:03 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.239.206.185; 91.239.206.185; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6a09373e-bffe-4385-94b3-a99f73aa8812
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=appnexus&uid=4417596967988441470
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 0CF3
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=090bc00d-2a93-4bdb-b17d-508f6930049e
Requested by
Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 21:59:03 GMT
AN-X-Request-Uuid
1d05734b-ad63-4a01-b494-baee47f70d1b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
91.239.206.185; 91.239.206.185; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame 0CF3
0
0

setuid
prebid-server.rubiconproject.com/ Frame 0CF3
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame 511F
0
0

gen_204
pagead2.googlesyndication.com/pagead/ Frame 511F
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=114&uid=A45722CB-93FA-4F03-9EFA-1F5C92EBAB31
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=863f23c4-62ba-42d3-ac8d-e0bed9cd78aa&ssp=onetag
Domain
ads.creative-serving.com
URL
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=debfa3c7-fae8-4d37-bda9-b68880222ba0&gdpr=0&gdpr_consent=
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
Domain
csync.smilewanted.com
URL
https://csync.smilewanted.com/set_partner_userid_get/sovrn/GhRnqLZHBZj79kGUSvSTvT8_
Domain
sync.richaudience.com
URL
https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
Domain
csync.smilewanted.com
URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/e6bf04f0-9407-5270-9072-4a86f4314da1
Domain
csync.smilewanted.com
URL
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/64d50f0ced80680d01946dfd77291428c4fd8ab462ce96b31374a7f89b2228ca
Domain
us.ck-ie.com
URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
Domain
id.a-mx.com
URL
https://id.a-mx.com/usync?uid=090bc00d-2a93-4bdb-b17d-508f6930049e&gdpr_consent=
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dadaptmx%26user_id%3D%40%40CRITEO_USERID%40%40
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D090bc00d-2a93-4bdb-b17d-508f6930049e%26bidder%3Dadform%26uid%3D%24UID
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D090bc00d-2a93-4bdb-b17d-508f6930049e%26bidder%3Dpubmatic%26uid%3DA45722CB-93FA-4F03-9EFA-1F5C92EBAB31
Domain
ssum.casalemedia.com
URL
https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D090bc00d-2a93-4bdb-b17d-508f6930049e%26bidder%3Dindex_rtb%26uid%3D
Domain
ow.pubmatic.com
URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=090bc00d-2a93-4bdb-b17d-508f6930049e
Domain
prebid-server.rubiconproject.com
URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=090bc00d-2a93-4bdb-b17d-508f6930049e
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRDXloCwaAlNtxEkUoaZBJ47sxXNEC3WDJ-R0W7_FZeALdOWpTWtZ23g-hiCUsJybznrtBh78BPA2k2rB4vo1QX68pGWF0X6w&sig=Cg0ArKJSzAY7k4J3_LI3EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230419&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=2506182968&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682114341747&rpt=1226&wmsd=0&pbe=0&vae=0&spb=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2042175369128&version=m202301230201&ct=2&x=96&cor=15173692593900855000

Verdicts & Comments Add Verdict or Comment

218 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 boolean| credentialless function| gtag object| dataLayer function| __tcfapi function| __uspapi function| confiantWrap number| themoneytizer_async object| eucountries object| sas function| whenFormatFctDefined function| whenDefined object| http string| url number| ab_test_iiq number| random_cent_iiq undefined| s undefined| x number| tmzr_siteid number| random_cent number| enable_sco function| criteoCallback object| generic object| criteo_gum object| smart_csync object| zeotap object| node object| pwidget_config object| iframe object| tagsObject string| website number| random undefined| pubstack object| headelement object| notifyme object| tmzr object| d object| pbs number| random_sw object| format_size object| format_size_ix object| format_w_adform object| format_h_adform object| format_size_rubicon object| between_w object| between_h object| counter_refresh object| smart_prebid2 function| refreshVisibility26328 string| crtg_content object| mydiv object| creatediv undefined| paragraphs undefined| counter undefined| temp undefined| myP undefined| myPNumber undefined| coeffFilterBegin undefined| coeffFilterEnd undefined| filterBegin undefined| filterEnd undefined| limitPargraphs undefined| filteringParagraphs undefined| number undefined| divs undefined| coeffFilterBeginDiv undefined| filterBeginDiv function| isEmpty function| loadScriptTemelio function| GetMobileDesktop function| GetMobileDesktopId function| GetRichAudienceZone function| GetmnameAdform function| GetwAdform function| GethAdform function| GetsizeTriplelift function| Getsize function| GetsizeRubicon function| Timeout function| refreshSlot function| refreshSlotFooter undefined| convertHtmlToText number| nugg_iiq string| pubstack_ab function| whatToLoad object| sublime string| sh object| _qevents boolean| moneycaching object| params number| nugg function| Adcall_26328 function| MobileDetect object| md function| verbose object| tmzrChunk object| _pbjsGlobals object| ADAGIO object| placementBids string| nobidVersion object| nobid undefined| Adcall_48311 undefined| Adcall_26325 undefined| Adcall_80234 undefined| Adcall_video object| pubstack_publica number| bidder_geo object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| quantserve function| __qc object| ezt object| _qoptions function| mapperjs object| __core-js_shared__ object| regeneratorRuntime function| __tcfapiui boolean| sas_usePostStandard object| ID5 function| SasIabApi number| intervalCounterNumberCMP V2 number| intervalCounterNumberCCPA number| intervalCounterNumberGPP object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| intervalCounterNumberGPP2 number| sas_renderMode object| libJsLeadPlace object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_image_requests object| adsbygoogle string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData function| _ function| Popper function| jQuery function| $ function| axios boolean| tmcredentials object| googletag object| apntag object| _ADAGIO undefined| bid undefined| vastUrl object| targetingParams undefined| Adcall_26300 undefined| Adcall_26322 string| Smart_SR_data object| ONFOCUS object| slowBidders object| adsArea26328 object| observers26328 function| refreshQueueManager26328 function| loopChecker26328 undefined| Adcall_26711 object| el object| lastBidder26328 boolean| sasIsIosUiwebview undefined| lte9 undefined| nav undefined| ua undefined| idb object| smartCsync object| args string| css object| style function| setupFooterSlidein function| bringToFront function| setupSlideIn function| setupFooter function| qcResize function| setupExoticFS function| setupNative object| iframeDoc object| elList number| k string| sMWidth string| sMHeight number| _tlTagsPending object| googDdmPs

72 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ9OHPrvowCgoI4gEQ9OHPrvowCgoI5gEQ9OHPrvowCgoIhwIQ9OHPrvowCgkICRD04c-u-jAKCQg6EPThz676MAoJCAsQ9OHPrvowCgoIjAIQ9OHPrvowCgkIXxD04c-u-jAKCQgfEPThz676MA==
paste1s.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IkVXRmN3QnE5bS9PU2F3UG9tSzhYV3c9PSIsInZhbHVlIjoidkVtWlpDZWx2NG1qTnNwQlRqV2VYWDAwbEpXYzRNNktZN3pqRWRtK2h5enRkSTUxN3hic25kdUo5OGVRSm5BT1I3WTlNYXNHODBsYlFNV2RnazdORFRXODNibzNDTkQ0Q25EUktKZDBoR0JKR2p5T296V1dnNjMyL0wzZDFuazMiLCJtYWMiOiJiN2Y5OWRhNmQ4YWUyMDIzMmFkODExMDI3OGNiYjRkOTU1YTdmNjlmNDVkNDgzNmNiM2MwYzYzM2Q3N2IxZTFhIn0%3D
paste1s.com/ Name: online_notepad_take_notes_and_earn_money_at_paste1scom_session
Value: eyJpdiI6InJVdmtVNHRTRXM1UlE2UEY4eTdjYXc9PSIsInZhbHVlIjoicG5Td0tTZWNPaTk5eW5aS0lqcEViRVBKbU9UY1pNc09QTHp2eGgwYmxVSG91b0o3T2s0RExrTyswV2NHK0pSL1VKNE5ocWZ3YmRBcVJCdXhlOSt4M1dUMGQyUzA4bW4zdlNiRnBmMXlVMTZxU0RpSFg2MjYvVnpNc2U0SFNBVEwiLCJtYWMiOiJmNjlkMDU2ZjJiYjkxODIwNTVlNmM0NDA5ZDA4Y2Y0ZTQwNDhiMmNkNDUwOTEwNDkxZTcyYjliMGZmOGQ0NjUzIn0%3D
paste1s.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.paste1s.com/ Name: sharedid
Value: 214c568c-e777-402f-9dc8-b2211122e40c
.zeotap.com/ Name: zc
Value: de0dc530-89b6-4746-4818-153bf3d74f9d
.zeotap.com/ Name: zsc
Value: %2A9HE%A7P%D9%BD%C4%F4%3E%15%ABWJ%03%16%B3%90Ab%9F%1Df%BF%01%10J%87%2F%B41%C1%85%24%24%9F%06%D6%22%B9%F4%B5%CE%06%2B%F1m%FBX%CEO%BC%E7%B6%9D%B7w%EEH
.adnxs.com/ Name: uuid2
Value: 4417596967988441470
.mathtag.com/ Name: uuid
Value: f65e6443-0722-4e00-9d60-49400f7fbaa8
.paste1s.com/ Name: _ga
Value: GA1.2.1387979014.1682114338
.paste1s.com/ Name: _gid
Value: GA1.2.908602986.1682114338
.paste1s.com/ Name: _gat_gtag_UA_129758818_17
Value: 1
.adsrvr.org/ Name: TDID
Value: e6dcd8c2-0984-47e4-831b-9f38d1c78845
.doubleclick.net/ Name: IDE
Value: AHWqTUmcNeDR5OItFcWW84OKilwxQMEMgAICfMlkG5GR74jwU80XBaO-NJ2AZbar1dk
.rubiconproject.com/ Name: khaos
Value: LGR3G1SV-L-10W6
.cpx.to/ Name: cpSess
Value: 265ac13f6265548f
.id5-sync.com/ Name: callback
Value:
.cpx.to/ Name: dsp_dbm
Value: CAESENGN_6ME5-oIgNdOPmMqe6I#1682114338219
.prebid.a-mo.net/ Name: __amc
Value: 1_1682114338_1682114338
.a-mo.net/ Name: amuid2
Value: 090bc00d-2a93-4bdb-b17d-508f6930049e
.prebid.a-mo.net/ Name: sd_amuid2
Value: 090bc00d-2a93-4bdb-b17d-508f6930049e
.omnitagjs.com/ Name: ayl_visitor
Value: 4544a5a6e4c8059c19d2e2c04895ee8e
.quantserve.com/ Name: mc
Value: 64430722-4dc5c-670eb-d6643
.paste1s.com/ Name: __qca
Value: P0-1442885964-1682114337244
.pubmatic.com/ Name: KTPCACOOKIE
Value: true
.cpx.to/ Name: dsp_TTD
Value: e6dcd8c2-0984-47e4-831b-9f38d1c78845#1682114338390
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A45722CB-93FA-4F03-9EFA-1F5C92EBAB31
.cpx.to/ Name: dsp_app_nexus
Value: 4417596967988441470#1682114338564
.cpx.to/ Name: dsp_pubmatic
Value: A45722CB-93FA-4F03-9EFA-1F5C92EBAB31#1682114338640
.smartadserver.com/ Name: pid
Value: 7772941124511262273
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 111:ID5-3c77NB5cP0eKs0lN0S7hUGAVdbSUzWPBxu8McUVPTA
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyJpbmRleGV4Y2hhbmdlIjoiMjAyMy0wNC0yMVQyMTo1ODo1OS4yODE5MTA4NFoiLCJwdWJtYXRpYyI6IjIwMjMtMDQtMjFUMjE6NTg6NTkuMjgxOTA0NDcyWiIsInJ1Ymljb24iOiIyMDIzLTA0LTIxVDIxOjU4OjU5LjI4MTkwOTY4MloifSwidWlkcyI6eyJhZGFnaW8iOnsidWlkIjoiYWQ3NDI0NmQtMWM0MS00ZjkzLWFiMmUtMDZiNGEzMjc5YjIxIiwiZXhwaXJlcyI6IjIwMjMtMDYtMjBUMjE6NTg6NTkuMjgxNDkxNDgyWiJ9fSwiYmRheSI6IjIwMjMtMDQtMjFUMjE6NTg6NTkuMjgxMzI4MjkzWiJ9
pbjs.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: ACCpH33PMT0azlt4
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.bidswitch.net/ Name: tuuid
Value: debfa3c7-fae8-4d37-bda9-b68880222ba0
.bidswitch.net/ Name: c
Value: 1682114339
.bidswitch.net/ Name: tuuid_lu
Value: 1682114339
.semasio.net/ Name: SEUNCY
Value: 39ECE741232877CF
.smartadserver.com/ Name: vs
Value: 508015=5418599
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1314590126%3B%24ql%3DUnknown%3B%24qpc%3D380000%3B%24qt%3D107_7_29856t%3B%24dma%3D0&c=1&l=1224194952&lo=1424563188&lt=638177111408252014&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1314590126%3B%24ql%3DUnknown%3B%24qpc%3D380000%3B%24qt%3D107_7_29856t%3B%24dma%3D0
.smartadserver.com/ Name: csfq
Value: 1
.smartadserver.com/ Name: lcsrd
Value: 2023-04-21T22:03:00.8495248Z
.smartadserver.com/ Name: rpools
Value: 111
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 8606878047360377700
.id5-sync.com/ Name: id5
Value: f3f93bc3-447c-7b1b-9337-56ffa91477b7#1682114337657#4
.id5-sync.com/ Name: 3pi
Value: 112#1682114340897#2069755677#39ECE741232877CF|2#1682114341989#346578727#4417596967988441470|3#1682114339240#1873085694#f65e6443-0722-4e00-9d60-49400f7fbaa8|102#1682114338939#-1858490819|264#1682114339580#1161469672#e6dcd8c2-0984-47e4-831b-9f38d1c78845|104#1682114340026#927173506#debfa3c7-fae8-4d37-bda9-b68880222ba0|10#1682114342472#1744295411#8606878047360377700
.lkqd.net/ Name: lkqdidts
Value: 1682114342
.lkqd.net/ Name: sr59
Value: 1|CAESECbOsq_oB8JRdbYwBitOa48|1682114342
.lkqd.net/ Name: lkqdid
Value: Xs4BjUmsgoY
.casalemedia.com/ Name: CMID
Value: ZEMHJmrDb9vTegX.KtYMCgAA
.casalemedia.com/ Name: CMPS
Value: 3247
.casalemedia.com/ Name: CMPRO
Value: 3247
.onetag-sys.com/ Name: OTP
Value: rMxCYIV02tVZDjwSPP9ra_Sbyzc_ObvwThKpCi176aA
.3lift.com/ Name: tluid
Value: 3884473132729541786822
.zemanta.com/ Name: zuid
Value: BD_IsjEZ3OZHElvkkuv8
.rubiconproject.com/ Name: audit
Value: 1|P1tWeDHal+VrWnZsXVGDs07xTFskKrfIQ4jOKpHDRQ+GGao+ISL+O9ZMP0xyJMVmn921bTkXSpyM1KxoLazIt6NWShwHx7KI6rocrMY9/A/1mwnvGjGvP9Fa1ny4ke/YSOwuWj+RBpHD2DWlM1ZBw3EIczZWES83uB4MYhTykiDBi834IZRJWM9sdGeFC9lF
.pubmatic.com/ Name: pi
Value: 159706:3
.yahoo.com/ Name: A3
Value: d=AQABBCcHQ2QCEMYE0y-3Hcm4UMdN7kQ5HtoFEgEBAQFYRGRMZAAAAAAA_eMAAA&S=AQAAAg2-64qmucG2Xu2lgtlkdf8
.analytics.yahoo.com/ Name: IDSYNC
Value: 194o~2b7x
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCNTH7vC0r-E7EAUYASABKAIyCwjUv_Gdy6_hOxAFOAFaB3N2eDl0NTBgAg..
.smilewanted.com/ Name: sw_user_params_infos
Value: 8sdRREvsw7LjLys0YvGw8wfaV6FeazOMy%2B4DvAFuVxmoqFZXkPif6afHs%2FGI02gF%2BtL1m%2FCiYh4vUzLu28vslwETzxb2ORoHNPFOLNmDEN6Mia0dNse%2BBrdIA0FOk2u6tRv%2FlfDo0pTZu%2Fw1SWSjoQ%3D%3D
.pubmatic.com/ Name: SyncRTB3
Value: 1683244800%3A220_21
.pubmatic.com/ Name: ipc
Value: 159706^https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID^1^0
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2

33 Console Messages

Source Level URL
Text
network error URL: https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://paste1s.com/notes/3VQCO5Y
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://paste1s.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://paste1s.com/notes/3VQCO5Y
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://paste1s.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://paste1s.com/notes/3VQCO5Y
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://paste1s.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://id5-sync.com/k/264.gif?puid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&ttl=%%TTL%%
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://paste1s.com/notes/3VQCO5Y
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://paste1s.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://paste1s.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://csync.smartadserver.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://paste1s.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://paste1s.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://u.4dex.io').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://csync.smilewanted.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://paste1s.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://csync.smartadserver.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://paste1s.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://paste1s.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://u.4dex.io').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://csync.smilewanted.com').
network error URL: https://ow.pubmatic.com/setuid?bidder=amx&uid=090bc00d-2a93-4bdb-b17d-508f6930049e
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.creative-serving.com
ads.stickyadstv.com
ads.themoneytizer.com
adtrack.adleadevent.com
adx.adform.net
ajax.googleapis.com
ap.lijit.com
assets.a-mo.net
b1h.zemanta.com
b1sync.zemanta.com
c.4dex.io
c.bing.com
c.tmyzer.com
c1.adform.net
cdn.shopify.com
cdnjs.cloudflare.com
ced-ns.sascdn.com
ced.sascdn.com
cm.adform.net
cm.g.doubleclick.net
cmp.quantcast.com
creativecdn.com
cs.lkqd.net
csync.smartadserver.com
csync.smilewanted.com
d2zur9cc2gf1tx.cloudfront.net
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
fstatic.netpub.media
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
ib.3lift.com
ib.adnxs.com
id.a-mx.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
kvt.sddan.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.sharethrough.com
mp.4dex.io
onetag-sys.com
ow.pubmatic.com
p.cpx.to
pagead2.googlesyndication.com
paste1s.com
pbjs.e-planning.net
pixel-eu.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.smilewanted.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.amazon-adsystem.com
s.cpx.to
s0.2mdn.net
script.4dex.io
secure.adnxs.com
secure.quantserve.com
spl.zeotap.com
ssbsync-global.smartadserver.com
ssum.casalemedia.com
static.smilewanted.com
sync.1rx.io
sync.mathtag.com
sync.richaudience.com
tag.leadplace.fr
tlx.3lift.com
tpc.googlesyndication.com
u.4dex.io
u.openx.net
uipglob.semasio.net
ups.analytics.yahoo.com
us.ck-ie.com
ww1097.smartadserver.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ads.creative-serving.com
b1sync.zemanta.com
cm.adform.net
creativecdn.com
csync.smilewanted.com
dis.criteo.com
id.a-mx.com
image4.pubmatic.com
onetag-sys.com
ow.pubmatic.com
pagead2.googlesyndication.com
prebid-server.rubiconproject.com
prebid.smilewanted.com
ssum.casalemedia.com
sync.1rx.io
sync.richaudience.com
us.ck-ie.com
x.bidswitch.net
104.18.2.114
104.19.158.19
104.22.24.87
104.22.69.131
104.26.5.26
104.26.9.169
13.107.21.200
13.107.42.14
13.248.245.213
13.32.27.86
13.32.99.28
142.250.181.234
142.250.185.130
142.250.185.162
142.250.185.194
142.250.186.102
142.250.186.130
142.250.186.136
142.250.186.161
142.250.186.35
142.250.186.42
145.239.192.166
146.20.128.100
147.75.84.158
156.146.33.17
162.19.138.116
162.19.138.117
178.250.1.11
18.194.204.152
18.200.133.96
18.203.73.89
18.66.97.31
185.255.84.151
185.29.132.245
185.64.189.110
185.80.39.216
185.86.138.152
185.86.139.104
188.114.97.3
188.114.98.0
193.3.178.3
198.47.127.18
2.16.186.10
2.16.186.16
2.16.186.41
216.239.36.178
216.52.2.6
216.58.212.130
23.227.60.200
3.120.144.155
3.125.61.64
3.33.220.150
3.75.62.37
34.149.40.38
35.241.34.106
35.244.159.8
35.244.174.68
37.157.6.233
37.157.6.246
37.252.171.52
37.252.171.85
51.158.28.82
51.89.9.252
52.210.243.186
52.31.91.58
52.46.155.104
54.38.64.100
64.74.236.63
65.9.7.64
69.173.144.138
77.243.51.121
79.125.111.148
81.17.55.98
91.228.74.208
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
00c52bee8e18843fc615f12e24cfa15a163e9534f26cb2b1937028018de1d96c
0138a397ea954dfb7486525dcfdb18ff24b7c4d6c501981b76d731277f26f879
0665c031de4ef6b6de993aeaa88c791ff4f224efa967206118a3e58f1a282cfc
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c
1edc90923288d40c6fab87cd6ee8a60f0306d0a2bcfa43131ca0b7ce4d29d327
22560f4ac08886d0801899adf990f533041a6be25d3a2c77d270d63a5528df44
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
31e5fb043938f7aff456e97c06d85e24de3ed2a33dd62dea9886c24b67061185
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f05ae8fbc9c6ccb3447dd3a71665ca872318d3996369313c374968ad3aaa14d
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a5b8d08f85fb057c1aefa8d400998f3de016793461f71090d3cb04e8618fe0
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
56a6d7fd926cc41bffa1cd8554a52be2c3d22d190d346c8c5f95afd6b338e0c3
56eae18860c4066cfed9fd5acc171937087f46fc042a8df7e56418df29a63f24
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a200b67450da7b221ae617a078d3114819e73384cf781b22ca84cc8d53cc5d5
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cab717d72036eb7ea203aea8be175c98c26d0d5ef7e108df8687eed7b1678c5
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
6fc13ec563f7bfee406af162ff190e850f11355403e3647a36a8d14b695eae70
767f14aae2bf523fce50f80f996c9748e4cd609d1b2150488d2c556fd1c991ad
79ee4ccd74ffe68cb3992c0f6044438847b5331c419b0fb733d851dc50528f79
7ed3b3e7cc5d46c24c6e02c7bd33100fbdd09822b0fb230956369b4881da6953
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
81b8a613f62dd2e1322dc323643269dca40df467b329d2c583ba3c57e3b57f2e
8390bd7de281c9f9f71e063b6f7ef73b02297c9fa9e971fd7b1bbbdee423048e
8798b894d9c957b5e9a4f3795cf3641b999ce18af4623b9a71a2e063fde7cc64
892245a61373c7d74f1209a05ec18deece342e31b9ad4d2cbd506ba00f1e3581
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
95ee88d5d258b6185f89470528994c314ab818dbe02aefe6075d5ec33f1a9501
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9af42f99bd5a10c8ab7a32f3129857b126b1e5ab04979fc8665a17c343eb8753
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1b9252c2f0ce90582dec0abda9ea678661ec6b509f3330919e1c67ce0741b32
a22ef20b5eeb20da6a9305f243c83cf3c969efdad6264e8025bb41a7a8b6159f
a3d9126182541a330a55ed507eef56ba5fdd5c5d9f2525bc07136ece9d1e3db7
a4398b4a43a6198a22ef0fc2e7368c3a129778a50da9286fdb436738ad956b27
a559f41c7e0d2f4852afbf1cf44b736b9158e65b01843c05850f6e8d6b6db9b6
a8aed46dba06a6b68d94a3204205fc78f1e9fc5c90e69ca49fad346e3b7e47b2
ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3
b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b471e74cabe83bf8f3da8793666d55603e3d20a72350873e27f2c75b75d5cfc2
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b8b0db583acb8255792448212abc01984bed38a2799697ef8b9b09d410b283d0
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bccf82d43a087f44f18f52a191ab456f4186e4477617fdf09c6b66e3d4470d57
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b6805cadd71458bbf7a43c24c2017bf10ceee556c2858c8c61c43e94d8b991
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca4632c98402232ce11da4c8e646385be9993ff53bc0fe70fc5bce163f41f674
d1155aebbf89bbec6fadb9245f8c84cc74313cba6bba974a8c5cfe0c9077460c
d74e0bc3c37ed1660d8167657b25e05e856d8e817227e713900127232ebc8aef
dd19c7daef60997e8100a638e67d902d7337b7d04b123aeaf762f11ffa5cf0e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb0d6b6deb07528c3aacc83225d29f085f5e8ad0c05e7182e1d254c31fd4f1bd
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ecbc60f0ded5c6ff9296cc46eeec859bd919e53c5e87154b31bfe2c3d4e980aa
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee90c34f782072d4d22c8a9029cd3608b5c81190761e34ef2b3f799e3928a86f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef64c06e715e181775e12a4f1ff456c55ceb742a0193ded36926cf6bc6d7f87b
f1d0e50c440571cffce4c7aea610d6cbee0f2a15f1058aef12b225e3e246e404
f29d2835c1e6d4b6bf8db200d268fed481ed8be1f46a45148fc396584d210efa
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e
f4f84044c9f3e680342c05e5879575337a46d2ceffb9cee2cf9e840fd26a1d36
fb6f64025c97613b5f8518dae9e2373bb3cfb3217c45af3aa9a84e3d82f835f1
fb98a2a03c925aa211a860ca87a7f33a100fe74f37915c16b16ce7c0a1247223
fc8c1d41c334140c6f3880ddea76ac68f0d1f8bd1c482ba10c1c854890b55499
fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3