paste1s.com Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paste1s.com/notes/3VQCO5Y
Submission: On April 21 via manual (April 21st 2023, 9:59:04 pm UTC) from GB — Scanned from GE

Summary HTTP 190 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 64 IPs in 9 countries across 62 domains to perform 190 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is paste1s.com. The Cisco Umbrella rank of the primary domain is 714771.
TLS certificate: Issued by GTS CA 1P5 on April 3rd 2023. Valid for: 3 months.

This is the only time paste1s.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.181.234 142.250.181.234	15169 (GOOGLE) (GOOGLE)
2	188.114.98.0 188.114.98.0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.136 142.250.186.136	15169 (GOOGLE) (GOOGLE)
12	156.146.33.17 156.146.33.17	60068 (CDN77 ^_^) (CDN77 ^_^)
1	23.227.60.200 23.227.60.200	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.32.27.86 13.32.27.86	16509 (AMAZON-02) (AMAZON-02)
2	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
1	2.16.186.10 2.16.186.10	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	104.22.24.87 104.22.24.87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
4 16	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2	91.228.74.208 91.228.74.208	16509 (AMAZON-02) (AMAZON-02)
1	18.200.133.96 18.200.133.96	16509 (AMAZON-02) (AMAZON-02)
1	65.9.7.64 65.9.7.64	16509 (AMAZON-02) (AMAZON-02)
12	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 2	104.26.5.26 104.26.5.26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
2 2	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 5	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
7 9	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
10 14	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2 3	185.86.138.152 185.86.138.152	201081 (SMARTADSE...) (SMARTADSERVER)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.18 198.47.127.18	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3 4	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
6 6	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 3	3.120.144.155 3.120.144.155	16509 (AMAZON-02) (AMAZON-02)
2	216.239.36.178 216.239.36.178	15169 (GOOGLE) (GOOGLE)
1	18.66.97.31 18.66.97.31	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
11 17	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
2	104.26.9.169 104.26.9.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	79.125.111.148 79.125.111.148	16509 (AMAZON-02) (AMAZON-02)
1	51.158.28.82 51.158.28.82	12876 (Online SAS) (Online SAS)
3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
3	3.125.61.64 3.125.61.64	16509 (AMAZON-02) (AMAZON-02)
1	18.203.73.89 18.203.73.89	16509 (AMAZON-02) (AMAZON-02)
7	147.75.84.158 147.75.84.158	54825 (PACKET) (PACKET)
1	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
1	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
1	104.18.2.114 104.18.2.114	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	193.3.178.3 193.3.178.3	399668 (E-PLANNING-) (E-PLANNING-)
1 3	64.74.236.63 64.74.236.63	19024 (INTERNAP-...) (INTERNAP-BLK5)
1 1	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
4 4	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
1	52.31.91.58 52.31.91.58	16509 (AMAZON-02) (AMAZON-02)
1 1	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	35.241.34.106 35.241.34.106	15169 (GOOGLE) (GOOGLE)
2	81.17.55.98 81.17.55.98	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
5	2.16.186.41 2.16.186.41	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	13.32.99.28 13.32.99.28	16509 (AMAZON-02) (AMAZON-02)
3 15	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	146.20.128.100 146.20.128.100	27357 (RACKSPACE) (RACKSPACE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
1	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
2	34.149.40.38 34.149.40.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 5	104.22.69.131 104.22.69.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.158.19 104.19.158.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.107.42.14 13.107.42.14	() ()
1	13.107.21.200 13.107.21.200	() ()
1 1	52.210.243.186 52.210.243.186	() ()
2 2	35.244.159.8 35.244.159.8	() ()
1 1	2.16.186.16 2.16.186.16	() ()
1	18.194.204.152 18.194.204.152	() ()
1 1	216.52.2.6 216.52.2.6	() ()
190	64

4 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

paste1s.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.98.0 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 156.146.33.17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 494557430.fra.cdn77.com

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.60.200 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: cdn.shopify.com

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-86.fra56.r.cloudfront.net

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.38.64.100 (None, )

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.10 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-10.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.24.87 (None, )

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.192.166 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 51.89.9.252 (London, United Kingdom) 4 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.208 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.133.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-133-96.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.7.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-64.fra56.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.5.26 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fstatic.netpub.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.171.85 (Frankfurt am Main, Germany) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.130 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.138.152 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.75.62.37 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.33.220.150 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.120.144.155 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-144-155.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.36.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-31.fra56.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 162.19.138.117 (France) 11 redirects

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.9.169 (None, )

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 79.125.111.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-111-148.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.158.28.82 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-28-82.rev.poneytelecom.eu

kvt.sddan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.125.61.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-61-64.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.73.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-73-89.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 147.75.84.158 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.2.114 (None, )

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.3.178.3 (United States) 1 redirects

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.74.236.63 (United States) 1 redirects

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

b1h.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.104 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.51.121 (Norresundby, Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.246 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.91.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-91-58.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.52 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.241.34.106 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 106.34.241.35.bc.googleusercontent.com

c.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.17.55.98 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.16.186.41 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-41.deploy.static.akamaitechnologies.com

csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-28.fra60.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 13.248.245.213 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.20.128.100 (United States) 1 redirects

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.40.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.40.149.34.bc.googleusercontent.com

u.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.22.69.131 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

csync.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.158.19 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.21.200 (None, )

ASN- ()

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.243.186 (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (None, ) 2 redirects

ASN- ()

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.16 (None, ) 1 redirects

ASN- ()

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.204.152 (None, )

ASN- ()

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.6 (None, ) 1 redirects

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	3lift.com 3 redirects tlx.3lift.com — Cisco Umbrella Rank: 797 ib.3lift.com — Cisco Umbrella Rank: 2197 eb2.3lift.com — Cisco Umbrella Rank: 535	81 KB
19	doubleclick.net 10 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 313 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394	42 KB
17	id5-sync.com 11 redirects id5-sync.com — Cisco Umbrella Rank: 612	23 KB
16	onetag-sys.com 4 redirects onetag-sys.com — Cisco Umbrella Rank: 1124	8 KB
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	127 KB
12	themoneytizer.com ads.themoneytizer.com — Cisco Umbrella Rank: 39388	227 KB
10	adnxs.com 8 redirects ib.adnxs.com — Cisco Umbrella Rank: 319 secure.adnxs.com — Cisco Umbrella Rank: 604	11 KB
9	4dex.io script.4dex.io — Cisco Umbrella Rank: 2474 mp.4dex.io — Cisco Umbrella Rank: 2960 c.4dex.io — Cisco Umbrella Rank: 9172 u.4dex.io — Cisco Umbrella Rank: 5135	27 KB
9	smartadserver.com 3 redirects ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2556 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 774 ww1097.smartadserver.com — Cisco Umbrella Rank: 39650 csync.smartadserver.com — Cisco Umbrella Rank: 4468	25 KB
8	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1379 assets.a-mo.net — Cisco Umbrella Rank: 5363	6 KB
6	adsrvr.org 6 redirects match.adsrvr.org — Cisco Umbrella Rank: 451	3 KB
6	cpx.to p.cpx.to — Cisco Umbrella Rank: 10289 s.cpx.to — Cisco Umbrella Rank: 3832	6 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876 ssum.casalemedia.com Failed	4 KB
5	smilewanted.com prebid.smilewanted.com Failed csync.smilewanted.com — Cisco Umbrella Rank: 6291 static.smilewanted.com — Cisco Umbrella Rank: 14565	15 KB
5	adform.net 4 redirects adx.adform.net — Cisco Umbrella Rank: 3716 c1.adform.net — Cisco Umbrella Rank: 908 cm.adform.net Failed	3 KB
5	yahoo.com 4 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 402 pr-bh.ybp.yahoo.com	1 KB
5	rubiconproject.com 2 redirects pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 3036 pixel.rubiconproject.com — Cisco Umbrella Rank: 447 prebid-server.rubiconproject.com Failed	3 KB
4	paste1s.com paste1s.com — Cisco Umbrella Rank: 714771	142 KB
3	zemanta.com 1 redirects b1h.zemanta.com — Cisco Umbrella Rank: 8287 b1sync.zemanta.com Failed	902 B
3	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 427	1 KB
3	pubmatic.com 2 redirects image8.pubmatic.com — Cisco Umbrella Rank: 1002 image2.pubmatic.com — Cisco Umbrella Rank: 1377 image4.pubmatic.com Failed ow.pubmatic.com Failed	673 B
3	gstatic.com fonts.gstatic.com	31 KB
3	criteo.com gum.criteo.com — Cisco Umbrella Rank: 442 dis.criteo.com Failed	660 B
3	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 9167 ced-ns.sascdn.com — Cisco Umbrella Rank: 3494	40 KB
2	openx.net 2 redirects u.openx.net	637 B
2	lkqd.net 1 redirects cs.lkqd.net — Cisco Umbrella Rank: 4185	1 KB
2	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1965	1 KB
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 7759	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	20 KB
2	amazon-adsystem.com s.amazon-adsystem.com — Cisco Umbrella Rank: 376	958 B
2	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 1007
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 744	1 KB
2	netpub.media 1 redirects fstatic.netpub.media — Cisco Umbrella Rank: 238542	451 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1478 pixel.quantserve.com — Cisco Umbrella Rank: 1327	9 KB
2	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 4380	21 KB
2	tmyzer.com c.tmyzer.com — Cisco Umbrella Rank: 33346	542 B
2	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 3332	49 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	88 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119 ajax.googleapis.com — Cisco Umbrella Rank: 607	31 KB
1	lijit.com 1 redirects ap.lijit.com	551 B
1	sharethrough.com match.sharethrough.com
1	stickyadstv.com 1 redirects ads.stickyadstv.com	610 B
1	bing.com c.bing.com	667 B
1	linkedin.com px.ads.linkedin.com	513 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	61 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	49 KB
1	adleadevent.com adtrack.adleadevent.com — Cisco Umbrella Rank: 43056	522 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 4211	1 KB
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 812	98 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1293	398 B
1	sddan.com kvt.sddan.com — Cisco Umbrella Rank: 44841	652 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1291	1 KB
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	leadplace.fr tag.leadplace.fr — Cisco Umbrella Rank: 43478	6 KB
1	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 1973	8 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	44 KB
0	a-mx.com Failed id.a-mx.com Failed
0	creativecdn.com Failed creativecdn.com Failed
0	ck-ie.com Failed us.ck-ie.com Failed
0	1rx.io Failed sync.1rx.io Failed
0	richaudience.com Failed sync.richaudience.com Failed
0	creative-serving.com Failed ads.creative-serving.com Failed
190	62

	Domain	Requested by
17	id5-sync.com	11 redirects ads.themoneytizer.com ced.sascdn.com paste1s.com csync.smartadserver.com
16	onetag-sys.com	4 redirects ads.themoneytizer.com onetag-sys.com
15	eb2.3lift.com	3 redirects paste1s.com ads.themoneytizer.com eb2.3lift.com
14	cm.g.doubleclick.net	10 redirects onetag-sys.com googleads.g.doubleclick.net eb2.3lift.com
12	pagead2.googlesyndication.com	paste1s.com ib.3lift.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	ads.themoneytizer.com	paste1s.com ads.themoneytizer.com
9	ib.adnxs.com	7 redirects csync.smilewanted.com paste1s.com
7	prebid.a-mo.net	ads.themoneytizer.com paste1s.com
6	match.adsrvr.org	6 redirects
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	s.cpx.to	p.cpx.to paste1s.com
4	csync.smilewanted.com	1 redirects ads.themoneytizer.com csync.smilewanted.com
4	c.4dex.io	paste1s.com
4	c1.adform.net	4 redirects
4	ups.analytics.yahoo.com	3 redirects onetag-sys.com
4	paste1s.com	paste1s.com
3	ib.3lift.com	paste1s.com
3	csync.smartadserver.com	paste1s.com csync.smartadserver.com
3	b1h.zemanta.com	1 redirects ads.themoneytizer.com paste1s.com
3	tlx.3lift.com	ads.themoneytizer.com paste1s.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com ib.3lift.com
3	x.bidswitch.net	2 redirects onetag-sys.com
3	ssbsync-global.smartadserver.com	2 redirects onetag-sys.com
3	pixel.rubiconproject.com	1 redirects onetag-sys.com
3	fonts.gstatic.com	fonts.googleapis.com
3	gum.criteo.com	ads.themoneytizer.com
2	u.openx.net	2 redirects
2	u.4dex.io	ads.themoneytizer.com u.4dex.io
2	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	cs.lkqd.net	1 redirects googleads.g.doubleclick.net
2	ced-ns.sascdn.com	paste1s.com csync.smartadserver.com
2	ww1097.smartadserver.com	ced.sascdn.com
2	image2.pubmatic.com	2 redirects
2	uipglob.semasio.net	2 redirects
2	pbjs.e-planning.net	1 redirects paste1s.com
2	script.4dex.io	ads.themoneytizer.com script.4dex.io
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	s.amazon-adsystem.com	onetag-sys.com
2	id.rlcdn.com	onetag-sys.com
2	pixel-eu.rubiconproject.com	1 redirects onetag-sys.com
2	sync.mathtag.com	2 redirects
2	fstatic.netpub.media	1 redirects paste1s.com
2	spl.zeotap.com	ads.themoneytizer.com spl.zeotap.com
2	c.tmyzer.com	ads.themoneytizer.com
2	cmp.quantcast.com	paste1s.com cmp.quantcast.com
2	cdnjs.cloudflare.com	paste1s.com cdnjs.cloudflare.com
1	ap.lijit.com	1 redirects
1	match.sharethrough.com	csync.smilewanted.com
1	ads.stickyadstv.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	px.ads.linkedin.com	eb2.3lift.com
1	static.smilewanted.com	csync.smilewanted.com
1	assets.a-mo.net	prebid.a-mo.net
1	s0.2mdn.net	paste1s.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	pixel.quantserve.com	paste1s.com
1	secure.adnxs.com	1 redirects
1	adtrack.adleadevent.com	ajax.googleapis.com
1	rtb-csync.smartadserver.com	1 redirects
1	mp.4dex.io	ads.themoneytizer.com
1	adx.adform.net	ads.themoneytizer.com
1	hb-api.omnitagjs.com	ads.themoneytizer.com
1	ad.360yield.com	ads.themoneytizer.com
1	lb.eu-1-id5-sync.com	ads.themoneytizer.com
1	kvt.sddan.com	ads.themoneytizer.com
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	rules.quantcount.com	secure.quantserve.com
1	image8.pubmatic.com	onetag-sys.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	tag.leadplace.fr	ads.themoneytizer.com
1	ced.sascdn.com	ads.themoneytizer.com
1	cdn.shopify.com	paste1s.com
1	www.googletagmanager.com	paste1s.com
1	fonts.googleapis.com	paste1s.com
0	prebid-server.rubiconproject.com Failed	paste1s.com
0	ow.pubmatic.com Failed	paste1s.com
0	ssum.casalemedia.com Failed	paste1s.com
0	image4.pubmatic.com Failed	paste1s.com
0	cm.adform.net Failed	paste1s.com
0	dis.criteo.com Failed	paste1s.com
0	id.a-mx.com Failed	paste1s.com
0	creativecdn.com Failed	csync.smilewanted.com
0	us.ck-ie.com Failed	csync.smilewanted.com
0	sync.1rx.io Failed	csync.smilewanted.com
0	sync.richaudience.com Failed	csync.smilewanted.com
0	b1sync.zemanta.com Failed	eb2.3lift.com
0	ads.creative-serving.com Failed	eb2.3lift.com
0	prebid.smilewanted.com Failed	ads.themoneytizer.com
190	92

This site contains links to these domains. Also see Links.

Domain
www.encasabotanics.co.uk
link1s.com
1shorten.com
kiemlua.com

Subject Issuer	Validity	Valid
*.paste1s.com GTS CA 1P5	`2023-04-03` - `2023-07-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
1266287590.rsc.cdn77.org R3	`2023-03-01` - `2023-05-30`	3 months	crt.sh
cdn.shopify.com R3	`2023-03-17` - `2023-06-15`	3 months	crt.sh
cmp.quantcast.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
c.tmyzer.com R3	`2023-03-26` - `2023-06-24`	3 months	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-08` - `2023-09-11`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2022-09-13` - `2023-09-13`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2023-01-12` - `2024-01-13`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
quantserve.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2023-01-12` - `2024-01-17`	a year	crt.sh
kvt.sddan.com R3	`2023-04-08` - `2023-07-07`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M02	`2023-02-10` - `2023-07-27`	6 months	crt.sh
*.a-mo.net R3	`2023-04-13` - `2023-07-12`	3 months	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.zemanta.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-09-06`	a year	crt.sh
adtrack.adleadevent.com Amazon RSA 2048 M02	`2023-02-10` - `2023-07-12`	5 months	crt.sh
c.4dex.io GTS CA 1D4	`2023-03-06` - `2023-06-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
u.4dex.io GTS CA 1D4	`2023-03-05` - `2023-06-03`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-03-07` - `2023-09-07`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://paste1s.com/notes/3VQCO5Y
Frame ID: B40F6AAE25FBE1A90E97E52F3B276A19
Requests: 87 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697
Frame ID: 39EFFE500CB2FFFEEFCB8FE2F2F7DE35
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html
Frame ID: 5C6C0211525623E58FA6D8B69EA65B1F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=11&gdpr=0&gdprc=
Frame ID: A88EC12B809BB64751C4EE7F770A9DCB
Requests: 5 HTTP requests in this frame

Frame: https://ib.3lift.com/rev/1ed5450ac944853f2fb309a890beec56e0763d58/dist/bundle.js
Frame ID: A9050F3B710366C120072074BB69F8E3
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEPqn8pQDGNHT6eUBMAE&v=APEucNUOitj69gS6t-h4GqH6LVR1ZBQNjBL85WER8UbPeQu4eFL6_9o7IP0Ux0GcT81VBv5fPtHI5iqeIhnGnRLFJLpHoRJr_w
Frame ID: 88B222C8109DFD94C28C0F1A4E9DFE1F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 511FCB2EBF5A80D8373353E9A0C10D4F
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D288FD50ECC6F95FD9AD8DE3C964A8C9
Requests: 3 HTTP requests in this frame

Frame: https://u.4dex.io/usync.html
Frame ID: 72CC89E3FE2A6C29A6809F1FBF58FF2B
Requests: 2 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 0CF3EB56D52026C258855C0904FEE207
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1682114337988&gdpr=0
Frame ID: 2E40A3A87B823369423973439B8E3579
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 404882CDF051419C4DEC7B5BCEB4054C
Requests: 11 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 50536420CC39DA39398B1BDC1DB528E6
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: D81B199C7309C38F878342D7B15D3104
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/sovrn/GhRnqLZHBZj79kGUSvSTvT8_
Frame ID: C58D78D3B9BED3C45D06185DB7BC1BF3
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
Frame ID: AE29E305FD1CFEAD575CEF4CC3FA315B
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
Frame ID: BEF9AE4342A620266F874A905A83E688
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/e6bf04f0-9407-5270-9072-4a86f4314da1
Frame ID: B3319365B22B1918DCB21215C02DF63A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/64d50f0ced80680d01946dfd77291428c4fd8ab462ce96b31374a7f89b2228ca
Frame ID: 83DD833510B7EF8B4859429FAD2B862A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/ccb7e3087b8c98d4b4efa29472edf?gdpr_consent=&gdpr=0
Frame ID: F92B20E1E443D512ADBA456F04FE84EB
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 891843FD95221FC238FAF96D750D2E74
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 5F0E7E7B7E9F9D1AA272955F4B421630
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
Frame ID: AFE22DD3314F800087A74B3C481646A0
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=3350ae2aec1e6fb2d0519f5d7bd968a8
Frame ID: 2FD76CD88A32C61486DAE0AB99D05DEE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Note: The Top Buy CBD Vape Oil Gurus Can Do Three Things

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

190
Requests

67 %
HTTPS

0 %
IPv6

62
Domains

92
Subdomains

64
IPs

9
Countries

1206 kB
Transfer

3287 kB
Size

72
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.encasabotanics.co.uk/collections/cbd-vape-eliquids-uk
Title: cbd vaping e liquid

Search URL Search Domain Scan URL

URL: https://link1s.com/
Title: Rút gọn link kiếm tiền

Search URL Search Domain Scan URL

URL: https://1shorten.com/
Title: All shorteners in One

Search URL Search Domain Scan URL

URL: https://kiemlua.com/
Title: Kiếm tiền Online

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://fstatic.netpub.media/static/65252e09f37568e50b939acc69d175c0.min.js?1682114336716 HTTP 301
https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js

Request Chain 28

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://onetag-sys.com/match/?int_id=1&uid=f65e6443-0722-4e00-9d60-49400f7fbaa8&gdpr=1&gdpr_consent=

Request Chain 30

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4417596967988441470

Request Chain 32

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABh6XT2gw8nJiRq1hsOLmzGBTAIYLY6W2jKA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABh6XT2gw8nJiRq1hsOLmzGBTAIYLY6W2jKA&google_tc=

Request Chain 35

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Nvh8C0ZOm6CYKj4KEZmkwFwLPbq1ixXjD0l89ty0qF8

Request Chain 37

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc= HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA0HnYxcH15d_YGYwz4JYAw&google_cver=1

Request Chain 39

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=29&uid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&gdpr=0&gdpr_consent=

Request Chain 70

https://pbjs.e-planning.net/pbjs/1/2a156/1/paste1s.com/ROS?rnd=0.5686664126943217&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26711%3A300x250%2C300x168%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100&ur=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&pbv=7.44.0&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&gdpr=0&e_pubcid=214c568c-e777-402f-9dc8-b2211122e40c HTTP 302
https://pbjs.e-planning.net/hb/1/2a156/1/paste1s.com/ROS?ct=1&r=pbjs&rnd=0.5686664126943217&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26711%3A300x250%2C300x168%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100&ur=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&pbv=7.44.0&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&gdpr=0&e_pubcid=214c568c-e777-402f-9dc8-b2211122e40c

Request Chain 76

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&ttl=%%TTL%%

Request Chain 77

https://id5-sync.com/i/102/8.gif?id5id=ID5*1CMTCdNeeAGgypd3qpEK37cgMUtT1OldJobLMpYFa3JFWbVsnq2wbdauLte_6rTSRVo5S2JfiRq_LaQ_OClLsg&o=api&gdpr_consent=undefined&gdpr=0 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-3c77NB5cP0eKs0lN0S7hUGAVdbSUzWPBxu8McUVPTA&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/102/7/2.gif?puid=7772941124511262273&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-3c77NB5cP0eKs0lN0S7hUGAVdbSUzWPBxu8McUVPTA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F6%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/3/6/3.gif?puid=f65e6443-0722-4e00-9d60-49400f7fbaa8&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&ttl=%%TTL%% HTTP 302
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F4%2F5.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F4%2F5.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/104/4/5.gif?puid=debfa3c7-fae8-4d37-bda9-b68880222ba0&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/102/112/3/6.gif?puid=39ECE741232877CF&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/102/10/2/7.gif?puid=8606878047360377700&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/1/8.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/2/1/8.gif?puid=4417596967988441470&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F0%2F9.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/102/10/0/9.gif?puid=8606878047360377700&gdpr=0&gdpr_consent=

Request Chain 79

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12771%26ref%3D%26url%3Dhttps%253A%252F%252Fpaste1s.com%252Fnotes%252F3VQCO5Y%26hn_ver%3D40%26fid%3De14c819d-15f9-4e6f-9778-eb73150bcf8d HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=4417596967988441470&pid=12771&ref=&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&hn_ver=40&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d

Request Chain 80

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3De14c819d-15f9-4e6f-9778-eb73150bcf8d HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3De14c819d-15f9-4e6f-9778-eb73150bcf8d HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=A45722CB-93FA-4F03-9EFA-1F5C92EBAB31&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d

Request Chain 81

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
https://s.cpx.to/sync?dsp_uid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&dsp=TTD

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d&google_gid=CAESENGN_6ME5-oIgNdOPmMqe6I&google_cver=1

Request Chain 114

https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/2/8/2.gif?puid=4417596967988441470&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/102/10/7/3.gif?puid=8606878047360377700&gdpr=0&gdpr_consent=

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm HTTP 302
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESECbOsq_oB8JRdbYwBitOa48&google_cver=1

Request Chain 116

https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=bk5nQzljN2hTbGc

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdtjjNo16CdePap87V5nUo&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdtjjNo16CdePap87V5nUo&google_cver=1&C=1

Request Chain 118

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEMHJsJHTh99ivxjzWBVCAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdtjjNo16CdePap87V5nUo&google_cver=1

Request Chain 133

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 135

https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent= HTTP 302
https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&s=2

Request Chain 140

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABh6XT8P3cRAOqcC33WxufMiwukc8xNrvG8Q

Request Chain 141

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=2&uid=LGR3G1SV-L-10W6&gdpr=0

Request Chain 142

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4417596967988441470

Request Chain 143

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
https://onetag-sys.com/match/?int_id=107&uid=7772941124511262273

Request Chain 145

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=rMxCYIV02tVZDjwSPP9ra_Sbyzc_ObvwThKpCi176aA

Request Chain 146

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTQ1NzIyQ0ItOTNGQS00RjAzLTlFRkEtMUY1QzkyRUJBQjMx&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEVV9byWpApOjUpga3NdsCE&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=114&uid=A45722CB-93FA-4F03-9EFA-1F5C92EBAB31

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA0HnYxcH15d_YGYwz4JYAw&google_cver=1

Request Chain 148

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-PjFUq6JE2uGHeaB0arz8bMsZbBD88Ar_Fffa9Nw-~A

Request Chain 149

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=863f23c4-62ba-42d3-ac8d-e0bed9cd78aa&ssp=onetag

Request Chain 152

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&dongle=0cfd&gdpr=0&gdpr_consent=

Request Chain 153

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzg4NDQ3MzEzMjcyOTU0MTc4NjgyMg%3D%3D HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

Request Chain 154

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEK3okoOQ1XtHFibUj71vd8M&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 155

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzg4NDQ3MzEzMjcyOTU0MTc4NjgyMg%3D%3D

Request Chain 157

https://x.bidswitch.net/sync?ssp=triplelift&user_id=3884473132729541786822&gdpr=0&gdpr_consent= HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=debfa3c7-fae8-4d37-bda9-b68880222ba0&gdpr=0&gdpr_consent= HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=debfa3c7-fae8-4d37-bda9-b68880222ba0&gdpr=0&gdpr_consent=

Request Chain 159

https://pr-bh.ybp.yahoo.com/sync/triplelift/3884473132729541786822?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-274do5RE2oSfK14pAHFJS1NtGcWTydBPMLNQRp8baQ--~A&dongle=0883

Request Chain 161

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=4417596967988441470&dongle=4d58&gdpr=0&gdpr_consent=

Request Chain 163

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID HTTP 307
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID&sovrn_retry=true HTTP 307
https://csync.smilewanted.com/set_partner_userid_get/sovrn/GhRnqLZHBZj79kGUSvSTvT8_

Request Chain 165

https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D HTTP 302
https://u.4dex.io/setuid?bidder=openx&uid=3dbcfcab-8a82-406a-b8f1-4796cb12919f

Request Chain 167

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/betweenx/e6bf04f0-9407-5270-9072-4a86f4314da1

Request Chain 168

https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/64d50f0ced80680d01946dfd77291428c4fd8ab462ce96b31374a7f89b2228ca

Request Chain 169

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/ccb7e3087b8c98d4b4efa29472edf?gdpr_consent=&gdpr=0

Request Chain 172

https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1

Request Chain 173

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=3350ae2aec1e6fb2d0519f5d7bd968a8

Request Chain 175

https://x.bidswitch.net/sync?ssp=adaptmx&user_id=090bc00d-2a93-4bdb-b17d-508f6930049e&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dadaptmx%26user_id%3D%40%40CRITEO_USERID%40%40

Request Chain 176

https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=090bc00d-2a93-4bdb-b17d-508f6930049e HTTP 302
https://prebid.a-mo.net/setuid/yahoo?uid=y-PjFUq6JE2uGHeaB0arz8bMsZbBD88Ar_Fffa9Nw-~A&gdpr=0

Request Chain 177

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://prebid.a-mo.net/setuid/magnite?uid=LGR3G1SV-L-10W6&gdpr=0

Request Chain 179

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D090bc00d-2a93-4bdb-b17d-508f6930049e%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=smartadserver&uid=7772941124511262273

Request Chain 180

https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D090bc00d-2a93-4bdb-b17d-508f6930049e%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D090bc00d-2a93-4bdb-b17d-508f6930049e%26bidder%3Dpubmatic%26uid%3DA45722CB-93FA-4F03-9EFA-1F5C92EBAB31

Request Chain 182

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D090bc00d-2a93-4bdb-b17d-508f6930049e%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=sovrn&uid=GhRnqLZHBZj79kGUSvSTvT8_

Request Chain 183

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D090bc00d-2a93-4bdb-b17d-508f6930049e%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=appnexus&uid=4417596967988441470

190 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 3VQCO5Y Show response
paste1s.com/notes/ 24 KB
10 KB 490ms
198ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste1s.com/notes/3VQCO5Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

fc8c1d41c334140c6f3880ddea76ac68f0d1f8bd1c482ba10c1c854890b55499

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7bb8e427c9ba9bb6-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 21 Apr 2023 21:58:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZcgQlNM8HN1ysLQ3s05rIOdYrXBvqZJAZ60vM%2Fdp1AgsYq8AC12vZImCq0Ly%2BPpD9M%2FOR2u0g4Bi%2BHnznaVk1dUK1KlWHwlbXxgr7ox7palbO0XQymgiTkKAMZnEw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 2 KB
948 B 454ms
155ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

a1b9252c2f0ce90582dec0abda9ea678661ec6b509f3330919e1c67ce0741b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 21:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 20:00:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 21:58:56 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 430ms
149ms Stylesheet
text/css 188.114.98.0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.98.0 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 359006
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10462
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpZuHD70%2FkU4KN%2BVrqE%2BagEroJegw%2Bl7%2BNmHSsCxsrfaV3NQkv8wtGk09Ff8LgImGAuza2stS1vqt5lDPgzEk%2F4ux4ex6HbJbz5DEasLJJXo2zysmnaTTfGY9QRVNmYHyCFZnyAd"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bb8e42adc275c44-FRA
expires: Wed, 10 Apr 2024 21:58:56 GMT

GET
H2 200 app.css
paste1s.com/css/ 143 KB
25 KB 147ms
146ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste1s.com/css/app.css?id=ebe28cb9d875b19bed6b

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0138a397ea954dfb7486525dcfdb18ff24b7c4d6c501981b76d731277f26f879

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/notes/3VQCO5Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:56 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 499895
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 03 Feb 2023 05:02:47 GMT
server: cloudflare
etag: W/"63dc9577-23c92"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xsd1rs2eAw1KvDp5HkP1MXoP8n16%2FZUMBFEjaTwRZOrwkC2J11lvgcBD95vKZBsk5fRAMZvz%2BuP09PdG43TWQtoIamJPmvB9Z4ybAl0VCJL8jH6pE%2B21WPVIMcwJ8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7bb8e4291b419bb6-FRA
expires: Tue, 16 May 2023 03:07:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 448ms
152ms Script
application/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-129758818-17

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

892245a61373c7d74f1209a05ec18deece342e31b9ad4d2cbd506ba00f1e3581

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45007
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Apr 2023 21:58:56 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 5 KB
3 KB 477ms
156ms Script
text/html 156.146.33.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=6
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: AZySIRA+aZr/S/sAAA
x-accel-expires: @1682654805
date: Fri, 21 Apr 2023 21:58:56 GMT
x-77-pop: frankfurtDE
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: f6587a1d07e571bb200743642e0e1a1e
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 64331

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 117 KB
18 KB 556ms
234ms Script
text/html 156.146.33.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 6cab717d72036eb7ea203aea8be175c98c26d0d5ef7e108df8687eed7b1678c5

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: AZySIRBsrKf/9uwAAA
x-accel-expires: @1682658474
date: Fri, 21 Apr 2023 21:58:56 GMT
x-77-pop: frankfurtDE
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: f6587a1d07e571bb200743649cb5211e
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 60662

GET
H3 200 logo.png
paste1s.com/images/ 23 KB
24 KB 145ms
144ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paste1s.com/images/logo.png

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44a5b8d08f85fb057c1aefa8d400998f3de016793461f71090d3cb04e8618fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/notes/3VQCO5Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:56 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2219593
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23690
pragma: public
last-modified: Fri, 03 Feb 2023 05:02:56 GMT
server: cloudflare
etag: "63dc9580-5c8a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsDCi1ToIHU7z5eYz5X6bE3sbfuB8hYDWNy4ntrlZTuGEVmV78%2ByeOb3TGv7mG9NYSAgMiF36DnNCeyp17oynRYAKyPTmD8h2rlkEDqwucypBiEZMBvUvhygFX7v3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7bb8e42bee7c37da-FRA
expires: Wed, 26 Apr 2023 05:25:43 GMT

GET
H2 200 EB_logo_White_BG_150x.png
cdn.shopify.com/s/files/1/0370/3865/3572/files/ 8 KB
8 KB 453ms
157ms Image
image/avif 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0370/3865/3572/files/EB_logo_White_BG_150x.png?v=1613630271

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

22560f4ac08886d0801899adf990f533041a6be25d3a2c77d270d63a5528df44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,gcp-us-east1
age: 200560
source-type: image/png
server-timing: imagery;dur=610.520, imageryFetch;dur=65.594, imageryProcess;dur=543.796;desc="image", cfRequestDuration;dur=17.999887
source-length: 666512
content-length: 7699
x-xss-protection: 1; mode=block
x-request-id: 10ddbf30-274a-4665-92c4-a8a5fe80ff0e
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 10 Apr 2023 12:32:41 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fe5GiX5tCybS8m1S0e8OJb0MEgyfimbUtGjsJavET86Lp4dYZ7zuyftXdfP8MA33cpS2dmMkV%2FsVtHC2oYCZSSVn1Q1gAg05mPtjtg1yGa9rm%2FWdp59NF3xhyWgyb1oPjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0370/3865/3572/files/EB_logo_White_BG_150x.png>; rel="canonical"
cf-ray: 7bb8e42dca3c9a41-FRA

GET
H3 200 app.js Show response
paste1s.com/js/ 258 KB
84 KB 281ms
279ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste1s.com/js/app.js?id=0e83dba9e8630f1a1f92

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31e5fb043938f7aff456e97c06d85e24de3ed2a33dd62dea9886c24b67061185

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/notes/3VQCO5Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:56 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2216391
cf-polished: origSize=263816
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Fri, 03 Feb 2023 05:02:47 GMT
server: cloudflare
etag: W/"63dc9577-40688"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMOcodSUWSfamHot%2FhGkJli55w16unqheLgQVnxnTHBBtHiTYGHPd0VnN2yV6%2BDB8knI9KZmOgp7A56RCuAiB4A4PeX0m6orx5aGlurCO%2FDd7VJh8cdmUDG%2Bgs1Pmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2592000
cf-ray: 7bb8e42bee7a37da-FRA
expires: Wed, 26 Apr 2023 06:19:05 GMT

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 3 KB
2 KB 433ms
137ms Script
application/javascript 13.32.27.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-86.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:46 GMT
content-encoding: br
via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:53:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 10
x-amz-server-side-encryption: AES256
etag: W/"c53bd785b1ee57b613221019d7d72626"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: _-LtCEhIsjq2_WJUFNB8xkbtrRex_RdCdwwwBjOOhv7qZF6q8o3XcQ==

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 38 KB
16 KB 171ms
171ms Script
application/javascript 156.146.33.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 21 Apr 2023 21:58:56 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 64333
x-77-nzt: AZySIRDAZ8f/TfsAAA
pragma: public
x-accel-expires: @1682136403
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
server: CDN77-Turbo
x-77-nzt-ray: f6587a1d07e571bb20074364d5176728
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Sat, 22 Apr 2023 04:06:43 GMT

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
271 B 496ms
158ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=93800&f=6&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 -, , ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 21 Apr 2023 21:58:57 GMT
server: nginx
x-iplb-request-id: 5BEFCEB9:F674_36264064:01BB_64430720_C0009CF:1C87A
x-iplb-instance: 20687
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

GET
H2 200 lib_fs_close.js Show response
ads.themoneytizer.com/ 667 B
778 B 153ms
150ms Script
application/javascript 156.146.33.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/lib_fs_close.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 21 Apr 2023 21:58:56 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 64332
x-77-nzt: AZySIRC3Nqf/TPsAAA
pragma: public
x-accel-expires: @1682136404
last-modified: Thu, 19 Jan 2023 15:05:03 GMT
server: CDN77-Turbo
x-77-nzt-ray: f6587a1d07e571bb200743640ceedd2d
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Sat, 22 Apr 2023 04:06:44 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1097/ 104 KB
35 KB 543ms
221ms Script
application/javascript 2.16.186.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1097/smart.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-10.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5a200b67450da7b221ae617a078d3114819e73384cf781b22ca84cc8d53cc5d5

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 21:58:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=7200
Connection: keep-alive
Content-Length: 35223
Expires: Fri, 21 Apr 2023 23:58:57 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
291 B 449ms
149ms Script
text/javascript 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:56 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 368713
expires: 60

GET
H2 200 mapper.js Show response
spl.zeotap.com/ 61 KB
20 KB 454ms
157ms Script
application/javascript 104.22.24.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.24.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:57 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 3119
cf-polished: origSize=62056
cf-bgj: minify
last-modified: Fri, 21 Apr 2023 21:06:58 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://deinautomagazin.de
cache-control: public, max-age=3600
access-control-allow-credentials: true
cf-ray: 7bb8e42e9e2d9bce-FRA
access-control-allow-headers: *
expires: Fri, 21 Apr 2023 22:06:58 GMT

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 5 KB
6 KB 648ms
158ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 21:58:57 GMT
Last-Modified: Thu, 14 Oct 2021 07:27:52 GMT
Server: nginx/1.20.1
X-IPLB-Request-ID: 5BEFCEB9:36FA_91EFC0A6:01BB_64430720_A6DFE75C:237B7
ETag: "6167dbf8-15ab"
X-IPLB-Instance: 30195
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5547

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 39EF 4 KB
2 KB 453ms
150ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

ecbc60f0ded5c6ff9296cc46eeec859bd919e53c5e87154b31bfe2c3d4e980aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://paste1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1375
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 442ms
147ms Script
application/javascript 91.228.74.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.208 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:57 GMT
content-encoding: gzip
etag: "DUHyBE1e2vdA+NAhXV6BXg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 28 Apr 2023 21:58:57 GMT

GET
H2 200 px.js Show response
p.cpx.to/p/12771/ 2 KB
2 KB 512ms
166ms Script
application/javascript 18.200.133.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12771/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.133.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-133-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a559f41c7e0d2f4852afbf1cf44b736b9158e65b01843c05850f6e8d6b6db9b6

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:57 GMT
cache-control: max-age=2419200, public
content-length: 1990
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 461ms
167ms Script
text/javascript 65.9.7.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-64.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 23:12:05 GMT
Via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
X-Amz-Cf-Pop: FRA56-C1
Age: 82013
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: rSMjs9ntxV1T_h49AgGMRH-bxlcAtNTy1rtsbnnhZ4mBD7x5zhDZHg==

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid7_44/build/dist/ 556 KB
181 KB 173ms
171ms Script
application/javascript 156.146.33.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: fb6f64025c97613b5f8518dae9e2373bb3cfb3217c45af3aa9a84e3d82f835f1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 21 Apr 2023 21:58:56 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 64333
x-77-nzt: AZySIRBSD4z/TfsAAA
pragma: public
x-accel-expires: @1682136403
last-modified: Thu, 13 Apr 2023 19:58:21 GMT
server: CDN77-Turbo
x-77-nzt-ray: f6587a1d07e571bb200743643bbf882e
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Sat, 22 Apr 2023 04:06:43 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 535ms
241ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

d74e0bc3c37ed1660d8167657b25e05e856d8e817227e713900127232ebc8aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47839
x-xss-protection: 0
server: cafe
etag: 14289489978146210007
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 21:58:57 GMT

GET
H2

404

service.js
fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/
Redirect Chain

https://fstatic.netpub.media/static/65252e09f37568e50b939acc69d175c0.min.js?1682114336716
https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js

0
0

163ms
163ms

Script
text/html

104.26.5.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Server: 104.26.5.26 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Fri, 21 Apr 2023 21:58:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMi%2BbiKDkJok8bGhURf6ciCHY1IJdzEFRa2CkRTcGIlQKMzFXjKvr8XXl5GYEhAn08if5AyWOBTuLhLUnDi2yfRALX8Ils62%2FjnOFniDcczaxs%2B1QHF5MFiIYcZcECNkaKyNuFhG"}],"group":"cf-nel","max_age":604800}
location: https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js
cache-control: max-age=3600
cf-ray: 7bb8e4309dc0bb8f-FRA
expires: Fri, 21 Apr 2023 22:58:57 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 76 KB
77 KB 290ms
145ms Font
application/octet-stream 188.114.98.0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.98.0 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://paste1s.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:56 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 360552
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78268
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-131bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SiyKhV5Hs7laFGVW%2F%2BPVrP%2FmWXHjmAxYaiYwKFHMDCb2XjIs2fpTEj41fdi4fLbpPbzIW4fWqagwA1v63f1H5OPp%2Bn2bP71Hm6u7Ulpmz7uAtjKNsMaN2qXV7QsnHczpK1z7MrbN"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bb8e42dd8eb3a84-FRA
expires: Wed, 10 Apr 2024 21:58:56 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v25/ 14 KB
14 KB 434ms
141ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paste1s.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:04:52 GMT
x-content-type-options: nosniff
age: 158045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14060
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:44:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 02:04:52 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTo3j77e.woff2
fonts.gstatic.com/s/nunito/v25/ 12 KB
13 KB 437ms
160ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTo3j77e.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

a8aed46dba06a6b68d94a3204205fc78f1e9fc5c90e69ca49fad346e3b7e47b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paste1s.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 04:55:27 GMT
x-content-type-options: nosniff
age: 147810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12736
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 04:55:27 GMT

GET
H2 200 cmp2.js Show response
cmp.quantcast.com/tcfv2/42/ 177 KB
47 KB 145ms
144ms Script
text/javascript 13.32.27.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-86.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b471e74cabe83bf8f3da8793666d55603e3d20a72350873e27f2c75b75d5cfc2

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 19:35:10 GMT
content-encoding: gzip
via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 95028
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Tue, 05 Jul 2022 18:40:23 GMT
server: AmazonS3
etag: W/"a18627a302da47ec97015f587007f1a6"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: wLJ_vRzLMBuJFnEP3TcOUl8XzVv_kMUYGCUcD8ja7u3WWILWlYr6Mg==

GET
H2

200

/
onetag-sys.com/match/ Frame 39EF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=f65e6443-0722-4e00-9d60-49400f7fbaa8&gdpr=1&gdpr_consent=

0
291 B

147ms
147ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=f65e6443-0722-4e00-9d60-49400f7fbaa8&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Fri, 21 Apr 2023 21:58:57 GMT
Server: MT3 830 785530e master zrh-pixel-x11 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://onetag-sys.com/match/?int_id=1&uid=f65e6443-0722-4e00-9d60-49400f7fbaa8&gdpr=1&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 21 Apr 2023 21:58:56 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 39EF 0
239 B 584ms
135ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame 39EF
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4417596967988441470

0
291 B

148ms
148ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4417596967988441470

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Fri, 21 Apr 2023 21:58:57 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.185; 91.239.206.185; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 36ba1dbf-8764-4b15-a288-f078c4acd9f9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4417596967988441470
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 39EF 42 B
774 B 672ms
144ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=Nvh8C0ZOm6CYKj4KEZmkwFwLPbq1ixXjD0l89ty0qF8
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 39EF
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABh6XT2gw8nJiRq1hsOLmzGBTAIYLY6W2jKA
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABh6XT2gw8nJiRq1hsOLmzGBTAIYLY6W2jKA&google_tc=

170 B
243 B

148ms
148ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABh6XT2gw8nJiRq1hsOLmzGBTAIYLY6W2jKA&google_tc=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:58:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:58:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABh6XT2gw8nJiRq1hsOLmzGBTAIYLY6W2jKA&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame 39EF 0
75 B 564ms
156ms Image
text/plain 185.86.138.152
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:57 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 39EF 0
0 441ms
144ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 39EF
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Nvh8C0ZOm6CYKj4KEZmkwFwLPbq1ixXjD0l89ty0qF8

43 B
479 B

972ms
240ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Nvh8C0ZOm6CYKj4KEZmkwFwLPbq1ixXjD0l89ty0qF8

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 21:58:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7JJC9F8X5AAQ4DDS0GW9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Nvh8C0ZOm6CYKj4KEZmkwFwLPbq1ixXjD0l89ty0qF8
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame 39EF 0
42 B 463ms
142ms Image
text/plain 198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:56 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 39EF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc=
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA0HnYxcH15d_YGYwz4JYAw&google_cver=1

0
291 B

148ms
148ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA0HnYxcH15d_YGYwz4JYAw&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:58:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA0HnYxcH15d_YGYwz4JYAw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame 39EF 0
125 B 469ms
149ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 39EF
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&gdpr=0&gdpr_consent=

0
291 B

148ms
148ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:58:57 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/match/?int_id=29&uid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 233

GET
H2 200 sync
x.bidswitch.net/ Frame 39EF 43 B
146 B 458ms
146ms Image
image/gif 3.120.144.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1682114336697
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.144.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-144-155.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 444ms
137ms Script
text/javascript 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129758818-17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Apr 2023 20:35:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4993
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 21 Apr 2023 22:35:44 GMT

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 435ms
138ms Script
application/javascript 18.66.97.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:48:08 GMT
content-encoding: gzip
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 650
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
server: AmazonS3
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: ds2F6Y_nJePl6Bg9wchNzlYpjflMXoZvHmUTvQDemm0TwMqbusq8fA==

GET
H2 200 / Show response
spl.zeotap.com/ 95 B
441 B 156ms
156ms XHR
image/png 104.22.24.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.24.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:57 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://paste1s.com
access-control-allow-credentials: true
cf-ray: 7bb8e43038759bce-FRA
access-control-allow-headers: *
content-length: 95

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 429ms
138ms Script
text/javascript 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 05:30:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Apr 2024 05:30:41 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 465ms
154ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaste1s.com%2F&domain=paste1s.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://paste1s.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://paste1s.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 21 Apr 2023 21:58:57 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 293098
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
369 B 149ms
148ms XHR
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaste1s.com%2F&domain=paste1s.com&cw=1&lsw=1

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://paste1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:58:57 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 227907
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 134 B
539 B 456ms
150ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://paste1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://paste1s.com
date: Fri, 21 Apr 2023 21:58:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1002 B 441ms
148ms Script
application/javascript 104.26.9.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 21:58:57 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 103807
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BdB7PUXperczKAP7AcLB7rFMLdXaCN84vBbRxsMCDEWt%2FClEkuxLLxye6wNqOoclNVjnUjUWWKvOEpxPzKZh9K3eqqM69Q7sQGNqyoluDHD9q%2Fck2L2r4sgUkbWUtsq"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7bb8e4323c462c22-FRA

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 664 B
1014 B 691ms
171ms Script
application/javascript 79.125.111.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cpx.to/fire.js?pid=12771&ref=&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&hn_ver=40&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d
Requested by: Host: p.cpx.to
URL: https://p.cpx.to/p/12771/px.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.111.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-111-148.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: dd19c7daef60997e8100a638e67d902d7337b7d04b123aeaf762f11ffa5cf0e5

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: CP="NOI DEV ADM"
Date: Fri, 21 Apr 2023 21:58:57 GMT
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 664
expires: Fri, 21 Apr 2023 21:58:57 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTs3j77e.woff2
fonts.gstatic.com/s/nunito/v25/ 4 KB
4 KB 139ms
138ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTs3j77e.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

7ed3b3e7cc5d46c24c6e02c7bd33100fbdd09822b0fb230956369b4881da6953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paste1s.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 14:09:59 GMT
x-content-type-options: nosniff
age: 287338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4252
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:27:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 14:09:59 GMT

POST
H/1.1 200 102.json Show response
id5-sync.com/g/v2/ 574 B
1 KB 448ms
150ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/102.json

Requested by

Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

ee90c34f782072d4d22c8a9029cd3608b5c81190761e34ef2b3f799e3928a86f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://paste1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Apr 2023 21:58:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://paste1s.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H/1.1 200
OK s Show response
kvt.sddan.com/api/v1/public/p/29567/d/50/ 507 B
652 B 478ms
163ms XHR
application/json 51.158.28.82
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.158.28.82 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-158-28-82.rev.poneytelecom.eu

Software

nginx/1.20.2 /

Resource Hash

8390bd7de281c9f9f71e063b6f7ef73b02297c9fa9e971fd7b1bbbdee423048e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Referer: https://paste1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Apr 2023 21:58:57 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste1s.com
Cache-Control: private, max-age=60
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: content-type

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/ Frame 5C6C 10 KB
5 KB 427ms
135ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

age: 28220
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 14:08:38 GMT
etag: 2378337311435320485
expires: Fri, 05 May 2023 14:08:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 179ms
177ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=false&host_v=false&frequency=0.01&eid=42532089%2C44759837%2C42532185%2C44759876%2C44759927%2C31073968%2C31074011%2C44789761

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:58:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
112 B 179ms
177ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=modern_js&fy=2021&supports=true&c=2021&eid=42532089%2C44759837%2C42532185%2C44759876%2C44759927%2C31073968%2C31074011%2C44789761

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:58:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
398 B 457ms
148ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

3f05ae8fbc9c6ccb3447dd3a71665ca872318d3996369313c374968ad3aaa14d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://paste1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://paste1s.com
date: Fri, 21 Apr 2023 21:58:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
23 KB 423ms
146ms Fetch
application/javascript 104.26.9.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 21:58:58 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 146173
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dIQr5ovmCdzTn03mfC4CxmDubHA0ehXhJtGU4zcTYowDn6hcPT8HzW%2FUaOkMCeO3%2BBlnGmYrjIYqilj3AufSCE70PUQC4X%2B%2B%2BfkQXwcMQ%2FJknXCp30EKhHoRnoPE7wN6"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7bb8e4350d4c2c47-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
202 B 144ms
144ms XHR
text/plain 216.239.36.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1309068373&t=pageview&_s=1&dl=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&ul=en-us&de=UTF-8&dt=Note%3A%20The%20Top%20Buy%20CBD%20Vape%20Oil%20Gurus%20Can%20Do%20Three%20Things&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=590526638&gjid=266709446&cid=1387979014.1682114338&tid=UA-129758818-17&_gid=908602986.1682114338&_r=1&gtm=457e34j0&jsscut=1&z=2050148610

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:58:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 28 KB
10 KB 576ms
256ms XHR
application/json 3.125.61.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.44.0&referrer=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&tmax=3000&gdpr=false

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.125.61.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-125-61-64.eu-central-1.compute.amazonaws.com

Software

Resource Hash

f4f84044c9f3e680342c05e5879575337a46d2ceffb9cee2cf9e840fd26a1d36

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://paste1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:58:58 GMT
content-encoding: gzip
accept-ch: sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 10179
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
498 B 152ms
152ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://paste1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://paste1s.com
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 pb Show response
ad.360yield.com/1602/ 0
98 B 767ms
170ms XHR
text/plain 18.203.73.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/1602/pb
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.73.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-73-89.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://paste1s.com
date: Fri, 21 Apr 2023 21:58:58 GMT
access-control-allow-credentials: true

POST
H2 200 c Show response
prebid.a-mo.net/a/ 486 B
820 B 489ms
162ms XHR
application/json 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 56eae18860c4066cfed9fd5acc171937087f46fc042a8df7e56418df29a63f24

Request headers

Referer: https://paste1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Apr 2023 21:58:57 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste1s.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
content-length: 260

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 714 B
1 KB 505ms
172ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&PageUrl=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&PageReferrer=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

8798b894d9c957b5e9a4f3795cf3641b999ce18af4623b9a71a2e063fde7cc64

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Apr 2023 21:58:58 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 13
content-length: 714
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
528 B 543ms
210ms XHR
text/plain 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://paste1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:58:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://paste1s.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST /
prebid.smilewanted.com/ 0
0

POST
H2 200 prebid Show response
mp.4dex.io/ 173 B
1 KB 1525ms
229ms XHR
application/json 104.18.2.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.2.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81b8a613f62dd2e1322dc323643269dca40df467b329d2c583ba3c57e3b57f2e

Request headers

Referer: https://paste1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Fri, 21 Apr 2023 21:58:59 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 5 inventory rules not found for mediatype: banner and adUnitCode: 26328, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: 26711, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: 26300, Process Seats Booster. unable to get the seat booster engine for organization: 1015
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste1s.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7bb8e43bf9763aa3-FRA
expires: 0

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2a156/1/paste1s.com/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2a156/1/paste1s.com/ROS?rnd=0.5686664126943217&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26711%3A300x250%2C300x168%2B26300...
https://pbjs.e-planning.net/hb/1/2a156/1/paste1s.com/ROS?ct=1&r=pbjs&rnd=0.5686664126943217&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26711%3A300x250%2C300x1...

101 B
511 B

180ms
179ms

XHR
application/json

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2a156/1/paste1s.com/ROS?ct=1&r=pbjs&rnd=0.5686664126943217&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26711%3A300x250%2C300x168%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100&ur=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&pbv=7.44.0&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&gdpr=0&e_pubcid=214c568c-e777-402f-9dc8-b2211122e40c
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef64c06e715e181775e12a4f1ff456c55ceb742a0193ded36926cf6bc6d7f87b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Fri, 21 Apr 2023 21:58:59 GMT
date: Fri, 21 Apr 2023 21:58:59 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://paste1s.com
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 101
x-sid: AMS-936

Redirect headers

date: Fri, 21 Apr 2023 21:58:59 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://paste1s.com
location: /hb/1/2a156/1/paste1s.com/ROS?ct=1&r=pbjs&rnd=0.5686664126943217&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26711%3A300x250%2C300x168%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100&ur=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&pbv=7.44.0&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&gdpr=0&e_pubcid=214c568c-e777-402f-9dc8-b2211122e40c
content-type: text/html; charset=iso-8859-1
access-control-allow-credentials: true
x-sid: AMS-936

POST
H/1.1 204
No Content / Show response
b1h.zemanta.com/api/bidder/prebid/bid/ 0
117 B 2062ms
252ms XHR
text/plain 64.74.236.63
INTERNAP-BLK5

General

Check archive.org

Show headers Download Go to

Full URL: https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.236.63 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://paste1s.com
Access-Control-Allow-Credentials: true

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 339 B
574 B 457ms
151ms XHR
text/html 156.146.33.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=93800&adid=6&formatid=26328&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: c2b6805cadd71458bbf7a43c24c2017bf10ceee556c2858c8c61c43e94d8b991

Request headers

Referer: https://paste1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-77-nzt: AZySIRAVBKL/S9wAAA
x-accel-expires: @1682662743
date: Fri, 21 Apr 2023 21:58:58 GMT
x-77-pop: frankfurtDE
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: f6587a1d5ae506d42207436498fa2e0d
vary: Accept-Encoding, Origin
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://paste1s.com
x-77-cache: HIT
cache-control: max-age=604800
x-age: 56395

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 339 B
573 B 460ms
153ms XHR
text/html 156.146.33.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=93800&adid=1&formatid=26322&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: bccf82d43a087f44f18f52a191ab456f4186e4477617fdf09c6b66e3d4470d57

Request headers

Referer: https://paste1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-77-nzt: AZySIRDs3xH/S9wAAA
x-accel-expires: @1682662743
date: Fri, 21 Apr 2023 21:58:58 GMT
x-77-pop: frankfurtDE
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: f6587a1d5ae506d4220743648727570d
vary: Accept-Encoding, Origin
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://paste1s.com
x-77-cache: HIT
cache-control: max-age=604800
x-age: 56395

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 343 B
572 B 459ms
153ms XHR
text/html 156.146.33.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=93800&adid=19&formatid=26711&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 00c52bee8e18843fc615f12e24cfa15a163e9534f26cb2b1937028018de1d96c

Request headers

Referer: https://paste1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-77-nzt: AZySIRC/ch//S9wAAA
x-accel-expires: @1682662743
date: Fri, 21 Apr 2023 21:58:58 GMT
x-77-pop: frankfurtDE
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: f6587a1d5ae506d42207436433744a0d
vary: Accept-Encoding, Origin
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://paste1s.com
x-77-cache: HIT
cache-control: max-age=604800
x-age: 56395

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 343 B
571 B 458ms
152ms XHR
text/html 156.146.33.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=93800&adid=2&formatid=26300&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: a22ef20b5eeb20da6a9305f243c83cf3c969efdad6264e8025bb41a7a8b6159f

Request headers

Referer: https://paste1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-77-nzt: AZySIRCsqmj/S9wAAA
x-accel-expires: @1682662743
date: Fri, 21 Apr 2023 21:58:58 GMT
x-77-pop: frankfurtDE
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: f6587a1d5ae506d4220743649ea23c0d
vary: Accept-Encoding, Origin
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://paste1s.com
x-77-cache: HIT
cache-control: max-age=604800
x-age: 56395

GET
H/1.1

404

264.gif
id5-sync.com/k/
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&ttl=%%TTL%%

43 B
43 B

149ms
148ms

Image
text/html

162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/k/264.gif?puid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&ttl=%%TTL%%

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y

Protocol

HTTP/1.1

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:57 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding: chunked
content-type: text/html;charset=utf-8

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:58:58 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://id5-sync.com/k/264.gif?puid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&ttl=%%TTL%%
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 199

GET
H/1.1

200

9.gif
id5-sync.com/c/102/10/0/
Redirect Chain

https://id5-sync.com/i/102/8.gif?id5id=ID5*1CMTCdNeeAGgypd3qpEK37cgMUtT1OldJobLMpYFa3JFWbVsnq2wbdauLte_6rTSRVo5S2JfiRq_LaQ_OClLsg&o=api&gdpr_consent=undefined&gdpr=0
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-3c77NB5cP0eKs0lN0S7hUGAVdbSUzWPBxu8McUVPTA&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F7%2F2.gif%3Fpuid%3DSMART_...
https://id5-sync.com/c/102/102/7/2.gif?puid=7772941124511262273&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-3c77NB5cP0eKs0lN0S7hUGAVdbSUzWPBxu8McUVPTA&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F6%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
https://id5-sync.com/c/102/3/6/3.gif?puid=f65e6443-0722-4e00-9d60-49400f7fbaa8&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&ttl=%%TTL%%
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F4%2F5.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F4%2F5.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
https://id5-sync.com/c/102/104/4/5.gif?puid=debfa3c7-fae8-4d37-bda9-b68880222ba0&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F3%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/102/112/3/6.gif?puid=39ECE741232877CF&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://id5-sync.com/c/102/10/2/7.gif?puid=8606878047360377700&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/1/8.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/102/2/1/8.gif?puid=4417596967988441470&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F0%2F9.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://id5-sync.com/c/102/10/0/9.gif?puid=8606878047360377700&gdpr=0&gdpr_consent=

43 B
2 KB

149ms
149ms

Image
image/gif

162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/102/10/0/9.gif?puid=8606878047360377700&gdpr=0&gdpr_consent=

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y

Protocol

HTTP/1.1

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Fri, 21 Apr 2023 21:59:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:59:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://id5-sync.com/c/102/10/0/9.gif?puid=8606878047360377700&gdpr=0&gdpr_consent=
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
522 B 926ms
167ms XHR
application/x-javascript 52.31.91.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.91.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-91-58.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://paste1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 21:58:58 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2023 21:58:58 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://paste1s.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12771%26ref%3D%26url%3Dhttps%253A%252F%252Fpaste1s.com%252Fnotes%252F3VQCO5Y%26hn_ver%3D40%26fid%3D...
https://s.cpx.to/an_fire?app_nexus_uid=4417596967988441470&pid=12771&ref=&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&hn_ver=40&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d

95 B
865 B

227ms
171ms

Image
image/png

79.125.111.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=4417596967988441470&pid=12771&ref=&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&hn_ver=40&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y

Protocol

HTTP/1.1

Server

79.125.111.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-79-125-111-148.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 21 Apr 2023 21:58:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
x-frame-options: sameorigin
Content-Type: image/png
p3p: CP="NOI DEV ADM"
cache-control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95
expires: Fri, 21 Apr 2023 21:58:58 UTC

Redirect headers

Date: Fri, 21 Apr 2023 21:58:58 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.185; 91.239.206.185; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: cf4d04b7-0190-487d-8560-4b98825ab7f9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.cpx.to/an_fire?app_nexus_uid=4417596967988441470&pid=12771&ref=&url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&hn_ver=40&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3De14c819d-15f9-4e6f-9778-eb73150bcf8d
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3De14c819d-15f9-4e6f-9778-eb73150bcf8d
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=A45722CB-93FA-4F03-9EFA-1F5C92EBAB31&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d

95 B
589 B

170ms
170ms

Image
image/png

79.125.111.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=A45722CB-93FA-4F03-9EFA-1F5C92EBAB31&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: HTTP/1.1
Server: 79.125.111.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-111-148.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: CP="NOI DEV ADM"
Date: Fri, 21 Apr 2023 21:58:58 GMT
Content-Type: image/png
Connection: keep-alive
Content-Length: 95
expires: Fri, 21 Apr 2023 21:58:58 GMT

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=A45722CB-93FA-4F03-9EFA-1F5C92EBAB31&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d
date: Fri, 21 Apr 2023 21:58:57 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
https://s.cpx.to/sync?dsp_uid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&dsp=TTD

95 B
584 B

301ms
171ms

Image
image/png

79.125.111.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp_uid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&dsp=TTD
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: HTTP/1.1
Server: 79.125.111.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-111-148.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: CP="NOI DEV ADM"
Date: Fri, 21 Apr 2023 21:58:58 GMT
Content-Type: image/png
Connection: keep-alive
Content-Length: 95
expires: Fri, 21 Apr 2023 21:58:58 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:58:58 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.cpx.to/sync?dsp_uid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&dsp=TTD
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 179

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d
https://s.cpx.to/ca.png?dsp=dbm&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d&google_gid=CAESENGN_6ME5-oIgNdOPmMqe6I&google_cver=1

95 B
804 B

174ms
172ms

Image
image/png

79.125.111.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d&google_gid=CAESENGN_6ME5-oIgNdOPmMqe6I&google_cver=1

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y

Protocol

HTTP/1.1

Server

79.125.111.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-79-125-111-148.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 21 Apr 2023 21:58:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
x-frame-options: sameorigin
Content-Type: image/png
cache-control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:58:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.cpx.to/ca.png?dsp=dbm&fid=e14c819d-15f9-4e6f-9778-eb73150bcf8d&google_gid=CAESENGN_6ME5-oIgNdOPmMqe6I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 12.json Show response
id5-sync.com/g/v2/ 569 B
1 KB 288ms
149ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/12.json

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

f29d2835c1e6d4b6bf8db200d268fed481ed8be1f46a45148fc396584d210efa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://paste1s.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Apr 2023 21:58:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://paste1s.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H2 200 pixel;r=1206770233;labels=Categories.technologyandcomputing;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y;uht=2;fpan=1;fpa=P0-1442885964-1682114337244;pbc=;ns=0;ce=1;qjs=1;...
pixel.quantserve.com/ 35 B
372 B 149ms
147ms Image
image/gif 91.228.74.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1206770233;labels=Categories.technologyandcomputing;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y;uht=2;fpan=1;fpa=P0-1442885964-1682114337244;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;us_privacy=1---;ref=;d=paste1s.com;dst=0;et=1682114337743;tzo=0;ogl=title.Online%20Notepad%2Cdescription.note1s%252Ecom%20is%20your%20online%20notepad%20on%20the%20web%252E%20It%20allows%20you%20to%20store%20notes%20on%20th%2Cimage.https%3A%2F%2Flh3%252Egoogleusercontent%252Ecom%2Fproxy%2FFbbmTTxOezBpLsfx2__U9Iirj6ntJFpFNrjuFVOH%2Clocale.en_US%2Ctype.website%2Csite_name.Online%20Notepad;ses=0166c066-2e18-434e-a6b8-1279508fca68

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.208 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:58:58 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 204 bids.gif Show response
c.4dex.io/ 0
44 B 434ms
147ms XHR
text/plain 35.241.34.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/bids.gif?adu_code=26328&evt=init&ts=1682114338296&pv_id=ad681fff-c064-4a15-8220-fe891e96f655&amts=ban&asizes=1x1%7C728x90%7C728x250%7C970x90%7C1000x90%7C1000x30%7C990x90%7C950x90%7C300x250&url=undefined&auct_id=a800f336-f115-43e6-b82d-df35b6534725&auct_start=1682114337821&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1682114335617&partid=2023042121&bidders=triplelift%2Conetag%2Cimprovedigital%2Camx%2Cadyoulike%2Cadform%2Csmilewanted%2Cadagio%2Ceplanning%2Cmoneytizer&cpm=%2C%2C%2C%2C%2C%2C%2C%2C%2C&cpm_adjst_rate=%2C%2C%2C%2C%2C%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C%2C%2C%2C%2C%2C&cur=%2C%2C%2C%2C%2C%2C%2C%2C%2C&cur_rate=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ttr=%2C%2C%2C%2C%2C%2C%2C%2C%2C&bttr=%2C%2C%2C%2C%2C%2C%2C%2C%2C&sts=%2C%2C%2C%2C%2C%2C%2C%2C%2C&w=%2C%2C%2C%2C%2C%2C%2C%2C%2C&h=%2C%2C%2C%2C%2C%2C%2C%2C%2C&deal=%2C%2C%2C%2C%2C%2C%2C%2C%2C&timeout=%2C%2C%2C%2C%2C%2C%2C%2C%2C&won=%2C%2C%2C%2C%2C%2C%2C%2C%2C&no_bid=%2C%2C%2C%2C%2C%2C%2C%2C%2C&crea_id=%2C%2C%2C%2C%2C%2C%2C%2C%2C&mt=%2C%2C%2C%2C%2C%2C%2C%2C%2C&cat=&dvc=2&env=&org_id=1015&pgtyp=&plcmt=6&site=93800-paste1s-com&subcat=&os=windows&brwsr=chrome&u_ts=1682114337&adgjsv=1.16.2
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:58 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

POST
H2 204 bids.gif Show response
c.4dex.io/ 0
44 B 433ms
147ms XHR
text/plain 35.241.34.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/bids.gif?adu_code=26322&evt=init&ts=1682114338296&pv_id=ad681fff-c064-4a15-8220-fe891e96f655&amts=ban&asizes=728x90%7C320x50%7C300x50%7C320x100%7C300x100&url=undefined&auct_id=a800f336-f115-43e6-b82d-df35b6534725&auct_start=1682114337821&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1682114335617&partid=2023042121&bidders=triplelift%2Conetag%2Cimprovedigital%2Camx%2Cadyoulike%2Cadform%2Csmilewanted%2Cadagio%2Ceplanning%2Coutbrain%2Cmoneytizer&cpm=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cpm_adjst_rate=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cur=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cur_rate=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&ttr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&bttr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&sts=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&w=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&h=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&deal=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&timeout=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&won=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&no_bid=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&crea_id=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&mt=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cat=&dvc=2&env=&org_id=1015&pgtyp=&plcmt=1&site=93800-paste1s-com&subcat=&os=windows&brwsr=chrome&u_ts=1682114337&adgjsv=1.16.2
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:58 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

POST
H2 204 bids.gif Show response
c.4dex.io/ 0
44 B 432ms
147ms XHR
text/plain 35.241.34.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/bids.gif?adu_code=26711&evt=init&ts=1682114338296&pv_id=ad681fff-c064-4a15-8220-fe891e96f655&amts=ban&asizes=300x250%7C300x168&url=undefined&auct_id=a800f336-f115-43e6-b82d-df35b6534725&auct_start=1682114337821&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1682114335617&partid=2023042121&bidders=triplelift%2Conetag%2Cimprovedigital%2Camx%2Cadyoulike%2Cadform%2Csmilewanted%2Cadagio%2Ceplanning%2Coutbrain%2Cmoneytizer&cpm=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cpm_adjst_rate=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cur=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cur_rate=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&ttr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&bttr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&sts=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&w=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&h=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&deal=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&timeout=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&won=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&no_bid=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&crea_id=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&mt=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cat=&dvc=2&env=&org_id=1015&pgtyp=&plcmt=19&site=93800-paste1s-com&subcat=&os=windows&brwsr=chrome&u_ts=1682114337&adgjsv=1.16.2
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:58 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

POST
H2 204 bids.gif Show response
c.4dex.io/ 0
254 B 430ms
146ms XHR
text/plain 35.241.34.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/bids.gif?adu_code=26300&evt=init&ts=1682114338296&pv_id=ad681fff-c064-4a15-8220-fe891e96f655&amts=ban&asizes=300x250%7C300x168&url=undefined&auct_id=a800f336-f115-43e6-b82d-df35b6534725&auct_start=1682114337821&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1682114335617&partid=2023042121&bidders=triplelift%2Conetag%2Cimprovedigital%2Camx%2Cadyoulike%2Cadform%2Csmilewanted%2Cadagio%2Ceplanning%2Coutbrain%2Cmoneytizer&cpm=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cpm_adjst_rate=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cur=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cur_rate=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&ttr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&bttr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&sts=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&w=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&h=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&deal=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&timeout=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&won=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&no_bid=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&crea_id=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&mt=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cat=&dvc=2&env=&org_id=1015&pgtyp=&plcmt=2&site=93800-paste1s-com&subcat=&os=windows&brwsr=chrome&u_ts=1682114337&adgjsv=1.16.2
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:58:58 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

OPTIONS
H/1.1 204
No Content genericpost
ww1097.smartadserver.com/ Frame 0
0 517ms
149ms Preflight 81.17.55.98
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/genericpost
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,save-data
Access-Control-Request-Method: POST
Origin: https://paste1s.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,save-data
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://paste1s.com
date: Fri, 21 Apr 2023 21:58:59 GMT
vary: Origin

POST
H/1.1 200
OK genericpost Show response
ww1097.smartadserver.com/ 2 KB
2 KB 485ms
179ms XHR
application/javascript 81.17.55.98
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: a4398b4a43a6198a22ef0fc2e7368c3a129778a50da9286fdb436738ad956b27

Request headers

Referer: https://paste1s.com/
accept-language: ka-GE,ka;q=0.9
Save-Data: off
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/javascript

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:59:00 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://paste1s.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
271 B 181ms
181ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=93800&f=6&fi=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 -, , ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 21 Apr 2023 21:59:00 GMT
server: nginx
x-iplb-request-id: 5BEFCEB9:F674_36264064:01BB_64430721_C0009D1:1C87A
x-iplb-instance: 20687
transfer-encoding: chunked
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK CookieSync.html Show response
csync.smartadserver.com/diff/rtb/csync/ Frame A88E 435 B
744 B 467ms
144ms Document
text/html 2.16.186.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=11&gdpr=0&gdprc=
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-41.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer: https://paste1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 435
Content-Type: text/html
Date: Fri, 21 Apr 2023 21:59:01 GMT
ETag: "4b81e967df07d41c24270ccf669f7336:1645524911.683358"
Last-Modified: Tue, 22 Feb 2022 09:59:54 GMT
Server: AkamaiNetStorage

GET
H2 200 lib_footer_slidein.js Show response
ads.themoneytizer.com/ 25 KB
4 KB 152ms
152ms Script
application/javascript 156.146.33.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/lib_footer_slidein.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 79ee4ccd74ffe68cb3992c0f6044438847b5331c419b0fb733d851dc50528f79

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 21 Apr 2023 21:59:01 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 64334
x-77-nzt: AZySIRDVONv/TvsAAA
pragma: public
x-accel-expires: @1682136407
last-modified: Fri, 07 Apr 2023 14:03:59 GMT
server: CDN77-Turbo
x-77-nzt-ray: f6587a1d07e571bb25074364bb78bd01
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Sat, 22 Apr 2023 04:06:47 GMT

GET
H2 200 lib_watermark.js Show response
ads.themoneytizer.com/ 6 KB
2 KB 154ms
154ms Script
application/javascript 156.146.33.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/lib_watermark.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93800&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: b8b0db583acb8255792448212abc01984bed38a2799697ef8b9b09d410b283d0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 21 Apr 2023 21:59:01 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 64338
x-77-nzt: AZySIRCCvtn/UvsAAA
pragma: public
x-accel-expires: @1682136403
last-modified: Fri, 07 Apr 2023 14:30:19 GMT
server: CDN77-Turbo
x-77-nzt-ray: f6587a1d07e571bb25074364ec38c801
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Sat, 22 Apr 2023 04:06:43 GMT

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/1ed5450ac944853f2fb309a890beec56e0763d58/dist/ Frame A905 180 KB
58 KB 454ms
164ms Script
text/javascript 13.32.99.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/1ed5450ac944853f2fb309a890beec56e0763d58/dist/bundle.js
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-28.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca4632c98402232ce11da4c8e646385be9993ff53bc0fe70fc5bce163f41f674

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 16:18:13 GMT
content-encoding: gzip
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 1230049
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 58649
last-modified: Fri, 07 Apr 2023 15:59:41 GMT
server: AmazonS3
etag: "92969ce251b9c0b6147d989e6fdf8c76"
content-type: text/javascript
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: KErFv2mswHv9_6wR0HoOUr9fGlBkmvy5DlLCTYg38uNueATWUBC10Q==

GET
H/1.1 200
OK close-retina.png
ced-ns.sascdn.com/diff/templates/images/ 2 KB
2 KB 654ms
155ms Image
image/png 2.16.186.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ced-ns.sascdn.com/diff/templates/images/close-retina.png
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-41.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 21:59:01 GMT
Last-Modified: Wed, 20 Oct 2021 08:07:22 GMT
Server: AkamaiNetStorage
ETag: "dc45791e534223d16a4d14fa1a1a5f4e:1634717611.309945"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1802

GET
H2 200 notify
tlx.3lift.com/header/ Frame A905 37 B
220 B 149ms
149ms Image
image/gif 3.125.61.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/header/notify?px=1&pr=0.013&ts=1682114338&aid=41034828375837575997032&ec=5989_151074_481978833&n=GgDyAtgBCAASFzQxMDM0ODI4Mzc1ODM3NTc1OTk3MDMyGAAgASjlLjCinAlAAUgBUAFgCmgAcKn5IpABAJgBAKgBALgBCsABDcgBEPAB1gH4ARCAAg2RAgAAAAAAAPA%2FmQJSuB6F61HIP6gCALACAcgCBNgCAPECZmZmZmZm5j%2F4AoUvgAPYBYgDWpADAJgDAKADAbgDpYU8yAMA0gMJNDgxOTc4ODMz2gMJODQ5MTIyMjk44AO3m%2BlE6QMAAAAAAAAAAPADEPkDAAAAAAAAAACABAiJBFK4HoXrUcg%2F%2BAIMiAMAkgMEYzYyN5gDAKAD4r0cqAMA
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.61.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-61-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Apr 2023 21:59:01 GMT
cache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 tm.png
ads.themoneytizer.com/media/ Frame A905 228 B
582 B 151ms
150ms Image
image/png 156.146.33.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.themoneytizer.com/media/tm.png
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.33.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 494557430.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: fb98a2a03c925aa211a860ca87a7f33a100fe74f37915c16b16ce7c0a1247223

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 21 Apr 2023 21:59:01 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 64336
content-length: 228
x-77-nzt: AZySIRBjK6H/UPsAAA
pragma: public
x-accel-expires: @1682136405
last-modified: Mon, 07 Nov 2022 09:00:04 GMT
server: CDN77-Turbo
x-77-nzt-ray: f6587a1d07e571bb250743646a6fa30d
content-type: image/png
cache-control: max-age=86400, public, no-transform
accept-ranges: bytes
expires: Sat, 22 Apr 2023 04:06:45 GMT

GET
H/1.1 200
OK cmp.js Show response
ced-ns.sascdn.com/diff/js/modules/ Frame A88E 9 KB
3 KB 226ms
146ms Script
application/x-javascript 2.16.186.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by: Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=11&gdpr=0&gdprc=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-41.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 767f14aae2bf523fce50f80f996c9748e4cd609d1b2150488d2c556fd1c991ad

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://csync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 21:59:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Mar 2023 11:27:04 GMT
Server: AkamaiNetStorage
ETag: "d04509d397c3e2fc66494d97f7722854:1678364030.711077"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3028

GET
H/1.1 200
OK CookieSync.min.js Show response
csync.smartadserver.com/diff/rtb/csync/ Frame A88E 73 KB
16 KB 170ms
170ms Script
application/x-javascript 2.16.186.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Requested by: Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=11&gdpr=0&gdprc=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-41.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9af42f99bd5a10c8ab7a32f3129857b126b1e5ab04979fc8665a17c343eb8753

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=11&gdpr=0&gdprc=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 21:59:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Jan 2023 12:00:05 GMT
Server: AkamaiNetStorage
ETag: "50f85d9fe081c36ec8027eb7990d524b:1673870779.157174"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16196

GET
H/1.1 200
OK TemplatePool.min.js Show response
csync.smartadserver.com/diff/rtb/csync/ Frame A88E 161 KB
5 KB 317ms
146ms Script
application/x-javascript 2.16.186.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smartadserver.com/diff/rtb/csync/TemplatePool.min.js
Requested by: Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=11&gdpr=0&gdprc=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-41.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 56a6d7fd926cc41bffa1cd8554a52be2c3d22d190d346c8c5f95afd6b338e0c3

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=11&gdpr=0&gdprc=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 21:59:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Jan 2023 12:00:05 GMT
Server: AkamaiNetStorage
ETag: "10031464cbc33776c1eac269fe7e78ed:1673870780.106064"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4385

GET
H2 200 notify
tlx.3lift.com/header/ 37 B
220 B 149ms
148ms Image
image/gif 3.125.61.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/header/notify?px=1&pr=0.013&ts=1682114338&aid=41034828375837575997032&ec=5989_151074_481978833&n=GgDyAtgBCAASFzQxMDM0ODI4Mzc1ODM3NTc1OTk3MDMyGAAgASjlLjCinAlAAUgBUAFgCmgAcKn5IpABAJgBAKgBALgBCsABDcgBEPAB1gH4ARCAAg2RAgAAAAAAAPA%2FmQJSuB6F61HIP6gCALACAcgCBNgCAPECZmZmZmZm5j%2F4AoUvgAPYBYgDWpADAJgDAKADAbgDpYU8yAMA0gMJNDgxOTc4ODMz2gMJODQ5MTIyMjk44AO3m%2BlE6QMAAAAAAAAAAPADEPkDAAAAAAAAAACABAiJBFK4HoXrUcg%2F%2BAIMiAMAkgMEYzYyN5gDAKAD4r0cqAMA&b=1
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.61.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-61-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Apr 2023 21:59:01 GMT
cache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 r
eb2.3lift.com/ 37 B
139 B 442ms
159ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=MoneyTizer_Footer_HDX_native2&aid=41034828375837575997032&rev=1ed5450&pr=un&bc=0.016&bmid=5989&biid=6021&sid=151074&brid=572585&adid=481978833&crid=144330167&ts=1682114338&bcud=16&ss=12&caid=0&unid=0&domain=paste1s.com&ref=https%253A%252F%252Fpaste1s.com%252Fnotes%252F3VQCO5Y&rr=creative&fid=10&rb=0&g=0&tmplid=214&cb=74264
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:59:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 pe
eb2.3lift.com/ 37 B
139 B 444ms
161ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?inv_code=MoneyTizer_Footer_HDX_native2&aid=41034828375837575997032&rev=1ed5450&peid=1&fid=10&tid=0&cb=96733
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:59:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame A905 3 KB
3 KB 145ms
144ms Image
image/png 13.32.99.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-28.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 18:34:27 GMT
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 98675
etag: "ddf020e069f1706b72b7698b28fede09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3125
x-amz-cf-id: OFCQTVV6vL1wCy1-w_lWiAB5N7VXZgJNH9kZ_0_UfuA5sDMIehrpOw==

GET
H2 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame A905 3 KB
4 KB 140ms
140ms Image
image/png 13.32.99.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-28.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 06:49:56 GMT
via: 1.1 ca8cb14c76df16342491237cea8cfed6.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 418537
etag: "7ceab27af00fa466072a3c3360041755"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3518
x-amz-cf-id: nZ-lfNRoV-ujpi17wl7SSGp04MKaC1UWOWvnxFUH1Gr4N7eoBDbCBQ==

GET
H2 200 ctar
eb2.3lift.com/ 37 B
139 B 465ms
184ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ctar?inv_code=MoneyTizer_Footer_HDX_native2&aid=41034828375837575997032&rev=1ed5450&cta_render_method=1&cta_render_text=&cb=19203
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:59:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 88B2 663 B
301 B 176ms
175ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEPqn8pQDGNHT6eUBMAE&v=APEucNUOitj69gS6t-h4GqH6LVR1ZBQNjBL85WER8UbPeQu4eFL6_9o7IP0Ux0GcT81VBv5fPtHI5iqeIhnGnRLFJLpHoRJr_w

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/1ed5450ac944853f2fb309a890beec56e0763d58/dist/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 21:59:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 511F 78 KB
27 KB 223ms
222ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/1ed5450ac944853f2fb309a890beec56e0763d58/dist/bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:59:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 21:59:01 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 511F 42 B
63 B 173ms
172ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A2kgy5RUKnel9l_OOSelmDyAfDhxGrZXHQWV8iUmR_Z6Roa4iqKaEswmVXtUODnG60RC3ZWsQIk1Ru0zIr2fyWaZ_qWakKekkFe1VgRVaSAAkJKXo

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/1ed5450ac944853f2fb309a890beec56e0763d58/dist/bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:59:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 511F 0
20 B 174ms
173ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15173692593900855053&x=96&ct=2

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/1ed5450ac944853f2fb309a890beec56e0763d58/dist/bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:59:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aop
eb2.3lift.com/ 37 B
140 B 429ms
155ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=MoneyTizer_Footer_HDX_native2&aid=41034828375837575997032&rev=1ed5450&pr=un&bc=0.016&bmid=5989&biid=6021&sid=151074&brid=572585&adid=481978833&crid=144330167&ts=1682114338&bcud=16&ss=12&caid=0&unid=0&domain=paste1s.com&ref=https%253A%252F%252Fpaste1s.com%252Fnotes%252F3VQCO5Y&rr=creative&fid=10&rb=0&g=0&tmplid=214&cb=31075
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:59:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 ev1
eb2.3lift.com/ 37 B
139 B 426ms
157ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ev1?inv_code=MoneyTizer_Footer_HDX_native2&aid=41034828375837575997032&rev=1ed5450&pr=0.013&bc=0.016&bmid=5989&biid=6021&sid=151074&brid=572585&adid=481978833&crid=144330167&ts=1682114338&bcud=16&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=17196
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:59:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1

200

3.gif
id5-sync.com/c/102/10/7/ Frame A88E
Redirect Chain

https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/102/2/8/2.gif?puid=4417596967988441470&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://id5-sync.com/c/102/10/7/3.gif?puid=8606878047360377700&gdpr=0&gdpr_consent=

43 B
2 KB

149ms
149ms

Image
image/gif

162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/102/10/7/3.gif?puid=8606878047360377700&gdpr=0&gdpr_consent=

Requested by

Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=11&gdpr=0&gdprc=

Protocol

HTTP/1.1

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://csync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Fri, 21 Apr 2023 21:59:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:59:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://id5-sync.com/c/102/10/7/3.gif?puid=8606878047360377700&gdpr=0&gdpr_consent=
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

cs
cs.lkqd.net/ Frame 88B2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESECbOsq_oB8JRdbYwBitOa48&google_cver=1

43 B
533 B

541ms
225ms

Image
image/gif

146.20.128.100
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESECbOsq_oB8JRdbYwBitOa48&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEPqn8pQDGNHT6eUBMAE&v=APEucNUOitj69gS6t-h4GqH6LVR1ZBQNjBL85WER8UbPeQu4eFL6_9o7IP0Ux0GcT81VBv5fPtHI5iqeIhnGnRLFJLpHoRJr_w
Protocol: H2
Server: 146.20.128.100 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:59:02 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:59:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESECbOsq_oB8JRdbYwBitOa48&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 88B2
Redirect Chain

https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=bk5nQzljN2hTbGc

170 B
188 B

145ms
145ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=bk5nQzljN2hTbGc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEPqn8pQDGNHT6eUBMAE&v=APEucNUOitj69gS6t-h4GqH6LVR1ZBQNjBL85WER8UbPeQu4eFL6_9o7IP0Ux0GcT81VBv5fPtHI5iqeIhnGnRLFJLpHoRJr_w

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:59:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 21 Apr 2023 21:59:02 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=bk5nQzljN2hTbGc
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 88B2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdtjjNo16CdePap87V5nUo&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdtjjNo16CdePap87V5nUo&google_cver=1&C=1

43 B
766 B

146ms
145ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdtjjNo16CdePap87V5nUo&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEPqn8pQDGNHT6eUBMAE&v=APEucNUOitj69gS6t-h4GqH6LVR1ZBQNjBL85WER8UbPeQu4eFL6_9o7IP0Ux0GcT81VBv5fPtHI5iqeIhnGnRLFJLpHoRJr_w
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 21:59:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 21:59:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEDdtjjNo16CdePap87V5nUo&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 88B2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEMHJsJHTh99ivxjzWBVCAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdtjjNo16CdePap87V5nUo&google_cver=1

43 B
766 B

145ms
145ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdtjjNo16CdePap87V5nUo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6TkZIDEPqn8pQDGNHT6eUBMAE&v=APEucNUOitj69gS6t-h4GqH6LVR1ZBQNjBL85WER8UbPeQu4eFL6_9o7IP0Ux0GcT81VBv5fPtHI5iqeIhnGnRLFJLpHoRJr_w
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 21:59:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:59:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdtjjNo16CdePap87V5nUo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 511F 0
20 B 172ms
172ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2042175369128&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:59:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 511F 0
20 B 172ms
172ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2042175369128&version=m202301230201&ct=2&x=96&cor=15173692593900855000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:59:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 511F 73 KB
34 KB 178ms
177ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJN-pT-5bGfqGlC9TOtE73mp_HxCRMcvL7F5UqlUva-dTiClbeNT21x4ciw1OZ3ggmJ6HvFIEwREvjh7m46RJ4ZIZkF3rED02mt6RhaQYMH5L3ARWr8jhYIeX8OhQ-DfRvKGO95mNEFJBx1HyJmExX5gXqomjpSmtMR4nsx3Qncx7upJ0&cry=1&dbm_d=AKAmf-ALZtvTKSdEcs4MwfG455MpY1pEbZ4Na1m6dn_NjaXVksXg8dD3qZa3OgcG8q1i2DRsDpqVqK_Rlh0wQ9wkkD3k_q2ki7z8NmJafDX9cRhFIwNq8RmosMl4rHD7RISRgVTFrEZWUaAtQ1_H02o-1ayqKwOg1ANI5oke_jwPtehPBRT2Y7m_7b60KIccX_G406TOY7_npobgKKm-yJjFoEJpXzGODRMOm-WExRFgf7d8BNp-G8WLBIAU4i_LfHmK-A4o1RTyaOTnZtBWlt34q7G64S1EUbHnc8sK2ej6Lx10-eDfnPa2ezFe9XuWK8-qSw-42CKCPS6gCdDOd8vVQ_y5gVZnS4E4JIVH8q6g-nz_aVuqHBlz94Mi5JJly4g_2CygzLbGakj2MZrjLliBa0e2p-xue2aIZA54MfzOZE2WYSQCq4X71Mse6lJ89uCviuI9PwPNG09eCzhz2qnS7-4rsHjaTACfIRLeZfewMdGDepCopXGenfpRWpy1xRSF1Z-TdFEp1CB-oj0o8cjJCG0P0AAh_NUtes9a_bm5e780RY86wSRMMDP7Z9ooMwdzcCkNBP2BTBh6-H4gKviQ_rZ6CQBd_OO08aMIBL6NINhJ5Xm2_HOrHgQkHOWmMYHWw_bTa6sFL-cP_us9hDizyf3ICJB0dm4yxMq0G3Fjpsc9AJMLYtvrKJlEsCVAIRHFa8Xj_nqgOR40hUPw0DGgNdD7A3fcrJNcZ9j-CDhc3l_bl9vCPgtH6xtU739RAQaIDK9EP2lC-wNsLiedXFafEBxibRJ4Ygz9ELoxDnltxvvjiDgNhDeur98CUr_wZovlRAOy2vvHNFiHpRmWkg1gP_wrZAHkuHA2j5VWD0tdPMexdJnhStPSZWfHMx4f1CFZwpO5e3iZaUnUkBmLDe9jmLH5Gn3LG0Ztr3b7E7xnCx9TsnhCYPKQ6EHiLT-hwkctb8cKyEqBPN0AbWwOrop6Bj-mLtbSCAuJ_B0_lM9-oDxc8D9LVMRrV95-daNKblTC8b0_RPR7j-v4lxdmLE4ZmUbhGHfE758sZd-1cfd55R9I1Ey7lbysKpj76q2tuUgDKBXxQrm-Tr7MPoqCtBmBnaaRaYwqpUy6-HS0bXAJa-PobS2XGONNpzhGBGFLo5ptfnrx6DUPCzFw9Ev9p8wRLXuWieedVWTXFAOAULrDDzZ3l2A6KVcjuA0qh_DK8lHQU-w1JOHAKjBDX3-ejoKcUYNYgF7PLQA169pqbnKOgbPoIRLO4c-tI6KKTaw-AxpfmvQCOUvKzq1bkkaeOQPsE5DR3VtEDY4c9Xc_iy0-f0hV_FcdqxA4KeixAV2a_4ZjMJTJgDwivIIf8MTrNpKuDKrbvOK5E0YfvgavNpo54DhQtP_ZpYQREjW3_qk8vpNFsnbRODltu363wbqMPxVlzJtdLek9Uy0-5LFUpdem-VZQ-IBST4wLqgiWAb8x9bei02E_sgxrGve0Yc_NjguJW09XTPfn0M_iY3DzmZTppkWQfJhEv3G7zwmksxxcmT2LkJKyKQUQzCTOpW8Fmsxy9OzUW228xBUFHrYx106gAWXu1GnVh5nchshYUPBW2x__N9iE45W6UO0HKP1aFEQ64sxvC8TADTpAzHJuXuLxoXggS0B5uZNggqnJzOm1AfvmxgNU4Y6YQInz616eUHbS-dk4f1vGZSZWRQ9Avmbi3Psj3URyN155DVBRzFop7-vafumcTCooZ8ufTWuQE2i_LKKlgHIpytGdeUUYZcQ2wpJP6CYTlE-tvBmsaZLDwUZ36pgr3CvgArCkP3xOnTtULofxUBq-EwoeMz8yUwDso8DLcGST3kW2FfDwVYXdSBLSyvzSWbjkNGjRFe55ezE42ZmrDhTO6_dKG-AWsDvmPSA6pqeFIHKXmw4pSzSU_o4FJ9I2kq9jruvEyUHyhzXazYfNFtKDcQFboa44WIZbpSn3MVh2xFTC0aXEMU9ieYZ0HG7umO92jeVe0Y32e-zUh1xeL6cQ1hd8iHzcn5a8kCPjaFTbS0FUPTorEPSnb-dInVGtcSzKjCNiYY_0FdBa1cdtveYmzMNHXmtmG7z7Gj8hVhLiqiFR3g7xOfquInOSaAQSJI1q2NwfV68swh9_DazAIfGy1u20cak0Bfs4hywe3nxNya9Eb5lRMuvbNDiiKlMi-Ox4NrVPIbhe7VYlPGBeXk7y4-wTATXtUazlqzyA-3DbWyFmyR2H0-AuexNZCLqfw8E6GaJG1YEuutkAftQJVQYstmGr9-MudIhwBIW5oPt7w7T4VEqrNS0YwxV8UtUL3i8hVfk4652JwJbgIhGkyvYwuVXYAHm7Ew05dbsoKkfbYT-uTbYORY0qk2uWH9KALfI65mpRyIhBHsH5uUqvBEBiHveqkwfiba-MYq9MmTFYFzVMLnrI9_weGHgb8HeXu5iSaRV_2VOaGpiwUPTn9tBt45roz2RBGHw_WEylkZQ3p-ZJBCMyupChDNsrmyAaYc7eyJ3qiB6cxmwT5Uh8nZ97JYDfHnbWawyi43qzpiHkZ5xYptUkxBpnWvGaVRhg8n0R73JU_k7HBnWehg93pxENK5YKapMHW47VbxvTq3PXt2MylUHTYPCLszAWJ_tUxo2XAPbhZUM8vSunV1ufyEI-PnjM0kX1lhSIYnX635FLmhh2KhEgNEFB02Q55munmvMZoi-LQAuwjjzEnxw2Pei2BfEZzMQC1ohKh0Y-rSnbLl6yHkuRmgIAurAwKJrDzTCT-PFim5rZfMWmS5w7qKPOHmerkmWXC6dO3xGtkuB7R7IbpZbm6gyDrISnI0K6znw0MSidT37_ZwKEBbAS1sdi_UZT556NH6pVIxuRIX599tP800_M_NmOwLvpxY0k40ipLP0No4Io01FhpJY1hc0XGgtEtaYdtVGpGmxMeacDSblQl_-WygmadQIkkZtNULze7MEPQjtjs196jcw4WEjuws38qvKr8HPTpYIQz-jlMidU2Ejhwu1fVD7pxzsaxGp6P8XgQRdq-MDVVVLRLoHTv33IzrembHO0crtoMbwsRdnWaKSBKl6y3qn7hbFOXwG4YFAe_HeepVzjvqRPkj8BPG9Sv87t2MiVV4QRsPTC3aj3vTUJthhvjqMxV5ABwn1hty5ifVSHV0Sd3WplAVKhU9XZs07dBfagRAtHyNVxOLiyIRDHwokYX77oKCbunhFDVPTIhLwGyiHebjPyxeIZco7k2mHOqcPziaQi5OeE653E0FwCPslb9_gt5BNIqkcpUCg7sdkDhXREsgT8puoFNhxWsh1kDeIAuK2Tdoyadcijrs7d-9hVYP1YqOZzLGWPaSmr4mcS62vf6vujcDyxAtBz6yXx1xX-4jI0DCfAtU9rgWRgq0h_wRlgkEIp_gISfLlRxParL6FplV26QJ7eUSrCMqbv5fpNjLjlEfipLlEhswvov69IJ5L7VdhX4XXJ_pqLV9xMvsaBWe95VY1p4gZCUQ3R7f8arQVjw_bfU613lBOnSJ8UuakcrApBHmaz&pr=96%3A0.016&cid=CAQSMgBygQiD7-8QrR1i6pYA0ag4qdhFltKEb534yVjx1BNy5qqN2fbTqbqbwbsYGG5YbzEwGAE&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DMoneyTizer_Footer_HDX_native2%26aid%3D41034828375837575997032%26rev%3D1ed5450%26pr%3D0.013%26bc%3D0.016%26bmid%3D5989%26biid%3D6021%26sid%3D151074%26brid%3D572585%26adid%3D481978833%26crid%3D144330167%26ts%3D1682114338%26bcud%3D16%26ss%3D12%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D38936%26rdir%3D&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&ds=l&xdt=0&iif=1&cor=15173692593900855000&adk=2506182968&idt=294&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

1edc90923288d40c6fab87cd6ee8a60f0306d0a2bcfa43131ca0b7ce4d29d327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:59:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35191
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 511F 28 KB
11 KB 140ms
140ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJN-pT-5bGfqGlC9TOtE73mp_HxCRMcvL7F5UqlUva-dTiClbeNT21x4ciw1OZ3ggmJ6HvFIEwREvjh7m46RJ4ZIZkF3rED02mt6RhaQYMH5L3ARWr8jhYIeX8OhQ-DfRvKGO95mNEFJBx1HyJmExX5gXqomjpSmtMR4nsx3Qncx7upJ0&cry=1&dbm_d=AKAmf-ALZtvTKSdEcs4MwfG455MpY1pEbZ4Na1m6dn_NjaXVksXg8dD3qZa3OgcG8q1i2DRsDpqVqK_Rlh0wQ9wkkD3k_q2ki7z8NmJafDX9cRhFIwNq8RmosMl4rHD7RISRgVTFrEZWUaAtQ1_H02o-1ayqKwOg1ANI5oke_jwPtehPBRT2Y7m_7b60KIccX_G406TOY7_npobgKKm-yJjFoEJpXzGODRMOm-WExRFgf7d8BNp-G8WLBIAU4i_LfHmK-A4o1RTyaOTnZtBWlt34q7G64S1EUbHnc8sK2ej6Lx10-eDfnPa2ezFe9XuWK8-qSw-42CKCPS6gCdDOd8vVQ_y5gVZnS4E4JIVH8q6g-nz_aVuqHBlz94Mi5JJly4g_2CygzLbGakj2MZrjLliBa0e2p-xue2aIZA54MfzOZE2WYSQCq4X71Mse6lJ89uCviuI9PwPNG09eCzhz2qnS7-4rsHjaTACfIRLeZfewMdGDepCopXGenfpRWpy1xRSF1Z-TdFEp1CB-oj0o8cjJCG0P0AAh_NUtes9a_bm5e780RY86wSRMMDP7Z9ooMwdzcCkNBP2BTBh6-H4gKviQ_rZ6CQBd_OO08aMIBL6NINhJ5Xm2_HOrHgQkHOWmMYHWw_bTa6sFL-cP_us9hDizyf3ICJB0dm4yxMq0G3Fjpsc9AJMLYtvrKJlEsCVAIRHFa8Xj_nqgOR40hUPw0DGgNdD7A3fcrJNcZ9j-CDhc3l_bl9vCPgtH6xtU739RAQaIDK9EP2lC-wNsLiedXFafEBxibRJ4Ygz9ELoxDnltxvvjiDgNhDeur98CUr_wZovlRAOy2vvHNFiHpRmWkg1gP_wrZAHkuHA2j5VWD0tdPMexdJnhStPSZWfHMx4f1CFZwpO5e3iZaUnUkBmLDe9jmLH5Gn3LG0Ztr3b7E7xnCx9TsnhCYPKQ6EHiLT-hwkctb8cKyEqBPN0AbWwOrop6Bj-mLtbSCAuJ_B0_lM9-oDxc8D9LVMRrV95-daNKblTC8b0_RPR7j-v4lxdmLE4ZmUbhGHfE758sZd-1cfd55R9I1Ey7lbysKpj76q2tuUgDKBXxQrm-Tr7MPoqCtBmBnaaRaYwqpUy6-HS0bXAJa-PobS2XGONNpzhGBGFLo5ptfnrx6DUPCzFw9Ev9p8wRLXuWieedVWTXFAOAULrDDzZ3l2A6KVcjuA0qh_DK8lHQU-w1JOHAKjBDX3-ejoKcUYNYgF7PLQA169pqbnKOgbPoIRLO4c-tI6KKTaw-AxpfmvQCOUvKzq1bkkaeOQPsE5DR3VtEDY4c9Xc_iy0-f0hV_FcdqxA4KeixAV2a_4ZjMJTJgDwivIIf8MTrNpKuDKrbvOK5E0YfvgavNpo54DhQtP_ZpYQREjW3_qk8vpNFsnbRODltu363wbqMPxVlzJtdLek9Uy0-5LFUpdem-VZQ-IBST4wLqgiWAb8x9bei02E_sgxrGve0Yc_NjguJW09XTPfn0M_iY3DzmZTppkWQfJhEv3G7zwmksxxcmT2LkJKyKQUQzCTOpW8Fmsxy9OzUW228xBUFHrYx106gAWXu1GnVh5nchshYUPBW2x__N9iE45W6UO0HKP1aFEQ64sxvC8TADTpAzHJuXuLxoXggS0B5uZNggqnJzOm1AfvmxgNU4Y6YQInz616eUHbS-dk4f1vGZSZWRQ9Avmbi3Psj3URyN155DVBRzFop7-vafumcTCooZ8ufTWuQE2i_LKKlgHIpytGdeUUYZcQ2wpJP6CYTlE-tvBmsaZLDwUZ36pgr3CvgArCkP3xOnTtULofxUBq-EwoeMz8yUwDso8DLcGST3kW2FfDwVYXdSBLSyvzSWbjkNGjRFe55ezE42ZmrDhTO6_dKG-AWsDvmPSA6pqeFIHKXmw4pSzSU_o4FJ9I2kq9jruvEyUHyhzXazYfNFtKDcQFboa44WIZbpSn3MVh2xFTC0aXEMU9ieYZ0HG7umO92jeVe0Y32e-zUh1xeL6cQ1hd8iHzcn5a8kCPjaFTbS0FUPTorEPSnb-dInVGtcSzKjCNiYY_0FdBa1cdtveYmzMNHXmtmG7z7Gj8hVhLiqiFR3g7xOfquInOSaAQSJI1q2NwfV68swh9_DazAIfGy1u20cak0Bfs4hywe3nxNya9Eb5lRMuvbNDiiKlMi-Ox4NrVPIbhe7VYlPGBeXk7y4-wTATXtUazlqzyA-3DbWyFmyR2H0-AuexNZCLqfw8E6GaJG1YEuutkAftQJVQYstmGr9-MudIhwBIW5oPt7w7T4VEqrNS0YwxV8UtUL3i8hVfk4652JwJbgIhGkyvYwuVXYAHm7Ew05dbsoKkfbYT-uTbYORY0qk2uWH9KALfI65mpRyIhBHsH5uUqvBEBiHveqkwfiba-MYq9MmTFYFzVMLnrI9_weGHgb8HeXu5iSaRV_2VOaGpiwUPTn9tBt45roz2RBGHw_WEylkZQ3p-ZJBCMyupChDNsrmyAaYc7eyJ3qiB6cxmwT5Uh8nZ97JYDfHnbWawyi43qzpiHkZ5xYptUkxBpnWvGaVRhg8n0R73JU_k7HBnWehg93pxENK5YKapMHW47VbxvTq3PXt2MylUHTYPCLszAWJ_tUxo2XAPbhZUM8vSunV1ufyEI-PnjM0kX1lhSIYnX635FLmhh2KhEgNEFB02Q55munmvMZoi-LQAuwjjzEnxw2Pei2BfEZzMQC1ohKh0Y-rSnbLl6yHkuRmgIAurAwKJrDzTCT-PFim5rZfMWmS5w7qKPOHmerkmWXC6dO3xGtkuB7R7IbpZbm6gyDrISnI0K6znw0MSidT37_ZwKEBbAS1sdi_UZT556NH6pVIxuRIX599tP800_M_NmOwLvpxY0k40ipLP0No4Io01FhpJY1hc0XGgtEtaYdtVGpGmxMeacDSblQl_-WygmadQIkkZtNULze7MEPQjtjs196jcw4WEjuws38qvKr8HPTpYIQz-jlMidU2Ejhwu1fVD7pxzsaxGp6P8XgQRdq-MDVVVLRLoHTv33IzrembHO0crtoMbwsRdnWaKSBKl6y3qn7hbFOXwG4YFAe_HeepVzjvqRPkj8BPG9Sv87t2MiVV4QRsPTC3aj3vTUJthhvjqMxV5ABwn1hty5ifVSHV0Sd3WplAVKhU9XZs07dBfagRAtHyNVxOLiyIRDHwokYX77oKCbunhFDVPTIhLwGyiHebjPyxeIZco7k2mHOqcPziaQi5OeE653E0FwCPslb9_gt5BNIqkcpUCg7sdkDhXREsgT8puoFNhxWsh1kDeIAuK2Tdoyadcijrs7d-9hVYP1YqOZzLGWPaSmr4mcS62vf6vujcDyxAtBz6yXx1xX-4jI0DCfAtU9rgWRgq0h_wRlgkEIp_gISfLlRxParL6FplV26QJ7eUSrCMqbv5fpNjLjlEfipLlEhswvov69IJ5L7VdhX4XXJ_pqLV9xMvsaBWe95VY1p4gZCUQ3R7f8arQVjw_bfU613lBOnSJ8UuakcrApBHmaz&pr=96%3A0.016&cid=CAQSMgBygQiD7-8QrR1i6pYA0ag4qdhFltKEb534yVjx1BNy5qqN2fbTqbqbwbsYGG5YbzEwGAE&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3DMoneyTizer_Footer_HDX_native2%26aid%3D41034828375837575997032%26rev%3D1ed5450%26pr%3D0.013%26bc%3D0.016%26bmid%3D5989%26biid%3D6021%26sid%3D151074%26brid%3D572585%26adid%3D481978833%26crid%3D144330167%26ts%3D1682114338%26bcud%3D16%26ss%3D12%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D38936%26rdir%3D&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpaste1s.com%2Fnotes%2F3VQCO5Y&ds=l&xdt=0&iif=1&cor=15173692593900855000&adk=2506182968&idt=294&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 17:53:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10768
x-xss-protection: 0
server: cafe
etag: 11141491900784070631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 17:53:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 511F 159 KB
49 KB 433ms
152ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 21:59:02 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame 511F 11 KB
4 KB 141ms
141ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:58:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:58:44 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 511F 0
0 476ms
187ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-ufpuR0Nj5q2knjswNk1kUF8WFSGnH3B_cEUZg-XhQELAEQ4_AK6HjM2f0QvSl6Ftdv0OugWCH1B4dTsPgF1eZ2NWE_Iksyq9DN-XmHBJsSOLkyUv_eJaOWWCrSqIMVJ83Iwe32MT6QxlyAEJRnM0vP5vt0BbMJ2q2yvbRVLWL3S9PxK-KKJe3A1a7g9_SLLiqO18xfN3DQaPD7o0zfbyfM6-5i_sLrsiLEjKs6f9_6uDwklAj_1hmFuhFMhMpEIzJNlO_qFehh0Qqt0iyERZ3ogaSPNzZBlJ1pdUS_swQJFlIPVN6-1c9oAny96KMTZNnm4rTytstaNghKEKsQyfiPtBpxZBCCD1RmQv_jtxeXYS6B-tTlCYbIIt8BSG3rNFg6ayM73eyYwWwYB9YoSTEwp7-NbW7T-5oqivWAgvUYs5RGVfsH9cvNKCxiZZyeMJ67K7q-a7MrJhsHHAoCbNfw_f-PuzLaJ9gVO5vdPAqeas4xxZhNbtFDo74Y-eUM05gthP6azARpsrJMz3coNoJjZBeaY08HiR4uVH0vu8wdVmG-PVxVB9cJ-pTmjAIsgpJJzIMjCUIuksbZra10wrnCDcuFbQeykkrb1mrea4qVjLGZJw9QPDA_6b9Ex9c6jwRsM3ZjsWxzKAYkyy933HxdGjPihOpwRo-cLvY3QGe2C52qmGMHlO9uineLnNZ9p5Ck9X33BfpHsqENHgM97Cjt0r1140Lc0REMCn6FLJQYJmyxbtIL-veLIcSldM57HnZwIRZLWoBeCEj9kggg2XJGZIGoc2Bk9enuuMizKGZdYd7Z6d9EFDML6tASyK-rt0agLUQjw2T9-7uZJXCzpkBgFVzDj8BLxUyatamZtDs_ujqp0qBpkVyHWId8WG3ISI-vroktBZrAtsWl-mZBC9na4elRH9Bnt_cVLzR_qFXi30DcVASAOpbOr4wYFd74kpFZ1NbdrGuVeL3Jekf1Fj9qfZpC2BRuDU1Tib6aIZMgvdPR_xAtMwbNcXeb8-wtM6uct6UtKrHeiQ37k6gnX4Pa2hIYg8FNNjvfQrBa_ObVOUPZxE6K414yVTS3OW-BsAO7Ghy2J7bDlLig9b-MlHzU4qllvYz4bxUZM3Gsr0wS7_oRNNSCXTNjNNuDP46__2mggK2EqxR48YEpspUfsGeYtuLn0AZ-cnCZsu3Ld4Ocg9&sai=AMfl-YRUMr6UdYzELfKtnm1L3zVfax2oxGnLuYmUXrJy0ujr3Y9j_PBJS18ZB5VqKmGGb__1XU6ycN9_wyDoqAorC0tw2lJ2v7MmYLkKl__FjpE0VojRex0HcN3FJxS9c3tZnogdkoH2JKAVQlkifr0UjiPXNOAfIqynyOyIE90S2S4nAf8PE9ATwDV-flRZ_7Vxt68smqCRDPmM1UlUsQs81W-Df5040rgOfI6WMfVIU4B_qTsbnm3worIGGBk&sig=Cg0ArKJSzEhGMY1nkU15EAE&uach_m=[UACH]&pr=96:0.016&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230418.48451&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Apr 2023 21:59:02 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 21 Apr 2023 21:59:02 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 511F 41 KB
15 KB 417ms
136ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 03:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151690
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 03:50:52 GMT

GET
H2 200 11713519340353984172
s0.2mdn.net/simgad/ Frame 511F 60 KB
61 KB 435ms
138ms Image
image/jpeg 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11713519340353984172

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

a3d9126182541a330a55ed507eef56ba5fdd5c5d9f2525bc07136ece9d1e3db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:06:07 GMT
x-content-type-options: nosniff
age: 71575
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61904
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 13:11:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 Apr 2024 02:06:07 GMT

GET
H2 200 ev
eb2.3lift.com/ 37 B
139 B 155ms
155ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ev?inv_code=MoneyTizer_Footer_HDX_native2&aid=41034828375837575997032&rev=1ed5450&pr=0.013&bc=0.016&bmid=5989&biid=6021&sid=151074&brid=572585&adid=481978833&crid=144330167&ts=1682114338&bcud=16&ss=12&caid=0&unid=0&cepos=0&ceid=0&cb=16772
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:59:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D288 22 KB
8 KB 138ms
136ms Document
text/html 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 215323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 10:10:19 GMT
expires: Thu, 18 Apr 2024 10:10:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 usync.html Show response
u.4dex.io/ Frame 72CC 699 B
897 B 428ms
145ms Document
text/html 34.149.40.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.4dex.io/usync.html
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: d1155aebbf89bbec6fadb9245f8c84cc74313cba6bba974a8c5cfe0c9077460c

Request headers

Referer: https://paste1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 699
content-type: text/html; charset=utf-8
date: Fri, 21 Apr 2023 21:59:03 GMT
expires: 0
pragma: no-cache
vary: Origin Accept-Encoding
via: 1.1 google

GET
H2 200 isyn Show response
prebid.a-mo.net/ Frame 0CF3 2 KB
733 B 153ms
153ms Document
text/html 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 0665c031de4ef6b6de993aeaa88c791ff4f224efa967206118a3e58f1a282cfc

Request headers

Referer: https://paste1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-length: 644
content-type: text/html; charset=utf-8
date: Fri, 21 Apr 2023 21:59:02 GMT
server: envoy
vary: accept-encoding
x-envoy-upstream-service-time: 1

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 2E40 3 KB
2 KB 149ms
149ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1682114337988&gdpr=0

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

eb0d6b6deb07528c3aacc83225d29f085f5e8ad0c05e7182e1d254c31fd4f1bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://paste1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1290
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 4048
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
2 KB

155ms
155ms

Document
text/html

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 6fc13ec563f7bfee406af162ff190e850f11355403e3647a36a8d14b695eae70

Request headers

Referer: https://paste1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1114
content-type: text/html; charset=utf-8
date: Fri, 21 Apr 2023 21:59:03 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Fri, 21 Apr 2023 21:59:03 GMT
location: /sync?&ld=1
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 5053 6 KB
2 KB 166ms
157ms Document
text/html 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_44/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95ee88d5d258b6185f89470528994c314ab818dbe02aefe6075d5ec33f1a9501

Request headers

Referer: https://paste1s.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7bb8e453ca2a3651-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 21 Apr 2023 21:59:03 GMT
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

prebid
b1h.zemanta.com/usersync/
Redirect Chain

https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=
https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&s=2

26 B
315 B

251ms
251ms

Image
image/gif

64.74.236.63
INTERNAP-BLK5

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&s=2
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: HTTP/1.1
Server: 64.74.236.63 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

P3p: CP="We do not support P3P header."
Date: Fri, 21 Apr 2023 21:59:03 GMT
Content-Length: 26
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 21:59:03 GMT
Content-Type: text/html; charset=utf-8
Location: /usersync/prebid?gdpr=0&gdpr_consent=&s=2
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 72
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 511F 0
0 176ms
175ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-ufpuR0Nj5q2knjswNk1kUF8WFSGnH3B_cEUZg-XhQELAEQ4_AK6HjM2f0QvSl6Ftdv0OugWCH1B4dTsPgF1eZ2NWE_Iksyq9DN-XmHBJsSOLkyUv_eJaOWWCrSqIMVJ83Iwe32MT6QxlyAEJRnM0vP5vt0BbMJ2q2yvbRVLWL3S9PxK-KKJe3A1a7g9_SLLiqO18xfN3DQaPD7o0zfbyfM6-5i_sLrsiLEjKs6f9_6uDwklAj_1hmFuhFMhMpEIzJNlO_qFehh0Qqt0iyERZ3ogaSPNzZBlJ1pdUS_swQJFlIPVN6-1c9oAny96KMTZNnm4rTytstaNghKEKsQyfiPtBpxZBCCD1RmQv_jtxeXYS6B-tTlCYbIIt8BSG3rNFg6ayM73eyYwWwYB9YoSTEwp7-NbW7T-5oqivWAgvUYs5RGVfsH9cvNKCxiZZyeMJ67K7q-a7MrJhsHHAoCbNfw_f-PuzLaJ9gVO5vdPAqeas4xxZhNbtFDo74Y-eUM05gthP6azARpsrJMz3coNoJjZBeaY08HiR4uVH0vu8wdVmG-PVxVB9cJ-pTmjAIsgpJJzIMjCUIuksbZra10wrnCDcuFbQeykkrb1mrea4qVjLGZJw9QPDA_6b9Ex9c6jwRsM3ZjsWxzKAYkyy933HxdGjPihOpwRo-cLvY3QGe2C52qmGMHlO9uineLnNZ9p5Ck9X33BfpHsqENHgM97Cjt0r1140Lc0REMCn6FLJQYJmyxbtIL-veLIcSldM57HnZwIRZLWoBeCEj9kggg2XJGZIGoc2Bk9enuuMizKGZdYd7Z6d9EFDML6tASyK-rt0agLUQjw2T9-7uZJXCzpkBgFVzDj8BLxUyatamZtDs_ujqp0qBpkVyHWId8WG3ISI-vroktBZrAtsWl-mZBC9na4elRH9Bnt_cVLzR_qFXi30DcVASAOpbOr4wYFd74kpFZ1NbdrGuVeL3Jekf1Fj9qfZpC2BRuDU1Tib6aIZMgvdPR_xAtMwbNcXeb8-wtM6uct6UtKrHeiQ37k6gnX4Pa2hIYg8FNNjvfQrBa_ObVOUPZxE6K414yVTS3OW-BsAO7Ghy2J7bDlLig9b-MlHzU4qllvYz4bxUZM3Gsr0wS7_oRNNSCXTNjNNuDP46__2mggK2EqxR48YEpspUfsGeYtuLn0AZ-cnCZsu3Ld4Ocg9&sai=AMfl-YRUMr6UdYzELfKtnm1L3zVfax2oxGnLuYmUXrJy0ujr3Y9j_PBJS18ZB5VqKmGGb__1XU6ycN9_wyDoqAorC0tw2lJ2v7MmYLkKl__FjpE0VojRex0HcN3FJxS9c3tZnogdkoH2JKAVQlkifr0UjiPXNOAfIqynyOyIE90S2S4nAf8PE9ATwDV-flRZ_7Vxt68smqCRDPmM1UlUsQs81W-Df5040rgOfI6WMfVIU4B_qTsbnm3worIGGBk&sig=Cg0ArKJSzEhGMY1nkU15EAE&uach_m=[UACH]&pr=96:0.016&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=622&vt=11&dtpt=620&dett=2&cstd=0&cisv=r20230418.48451&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://paste1s.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:59:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Apr 2023 21:59:03 GMT

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame D288 36 KB
14 KB 138ms
138ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:22:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 164207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 00:22:16 GMT

GET
H2 200 cframe.js Show response
assets.a-mo.net/js/ Frame 0CF3 9 KB
4 KB 440ms
148ms Script
text/javascript 104.19.158.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.a-mo.net/js/cframe.js
Requested by: Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.19.158.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1d0e50c440571cffce4c7aea610d6cbee0f2a15f1058aef12b225e3e246e404

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:59:03 GMT
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-cf-pop: FRA6-C1
age: 62
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 27 Mar 2023 18:10:34 GMT
server: cloudflare
etag: W/"60125fcf1fcf576eebb45554f83ada73"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-ray: 7bb8e45699242c7b-FRA
x-amz-cf-id: EZaBNcR0LnddyoHnvAJWcaPr1HbR2mM7w7yppz0Asiieu10pg9MZIw==
expires: Fri, 21 Apr 2023 22:59:03 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 2E40 42 B
774 B 144ms
143ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=Nvh8C0ZOm6CYKj4KEZmkwFwLPbq1ixXjD0l89ty0qF8
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1682114337988&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E40
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABh6XT8P3cRAOqcC33WxufMiwukc8xNrvG8Q

170 B
188 B

145ms
144ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABh6XT8P3cRAOqcC33WxufMiwukc8xNrvG8Q

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1682114337988&gdpr=0

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:59:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABh6XT8P3cRAOqcC33WxufMiwukc8xNrvG8Q
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 2E40
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LGR3G1SV-L-10W6&gdpr=0

0
291 B

148ms
148ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LGR3G1SV-L-10W6&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1682114337988&gdpr=0

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LGR3G1SV-L-10W6&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 2E40
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4417596967988441470

0
291 B

147ms
147ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4417596967988441470

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1682114337988&gdpr=0

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Fri, 21 Apr 2023 21:59:03 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.185; 91.239.206.185; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2a80b81b-479f-4563-a5d7-548ca0e251c9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4417596967988441470
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 2E40
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
https://onetag-sys.com/match/?int_id=107&uid=7772941124511262273

0
291 B

148ms
147ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=107&uid=7772941124511262273

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1682114337988&gdpr=0

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=107&uid=7772941124511262273
date: Fri, 21 Apr 2023 21:59:02 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 2E40 0
0 146ms
144ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1682114337988&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2E40
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=rMxCYIV02tVZDjwSPP9ra_Sbyzc_ObvwThKpCi176aA

43 B
479 B

241ms
240ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=rMxCYIV02tVZDjwSPP9ra_Sbyzc_ObvwThKpCi176aA

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1682114337988&gdpr=0

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 21:59:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5GFS1B2F5M6BS7CPXCQ8
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=rMxCYIV02tVZDjwSPP9ra_Sbyzc_ObvwThKpCi176aA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET

/
onetag-sys.com/match/ Frame 2E40
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTQ1NzIyQ0ItOTNGQS00RjAzLTlFRkEtMUY1QzkyRUJBQjMx&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEVV9byWpApOjUpga3NdsCE&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=114&uid=A45722CB-93FA-4F03-9EFA-1F5C92EBAB31

0
0

GET
H2

200

/
onetag-sys.com/match/ Frame 2E40
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA0HnYxcH15d_YGYwz4JYAw&google_cver=1

0
291 B

148ms
148ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA0HnYxcH15d_YGYwz4JYAw&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1682114337988&gdpr=0

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:59:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEA0HnYxcH15d_YGYwz4JYAw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 2E40
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
https://onetag-sys.com/match/?int_id=92&uid=y-PjFUq6JE2uGHeaB0arz8bMsZbBD88Ar_Fffa9Nw-~A

0
291 B

153ms
153ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-PjFUq6JE2uGHeaB0arz8bMsZbBD88Ar_Fffa9Nw-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1682114337988&gdpr=0

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-PjFUq6JE2uGHeaB0arz8bMsZbBD88Ar_Fffa9Nw-~A
date: Fri, 21 Apr 2023 21:59:03 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET

sync
x.bidswitch.net/ Frame 2E40
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=863f23c4-62ba-42d3-ac8d-e0bed9cd78aa&ssp=onetag

0
0

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 5053 48 KB
12 KB 157ms
148ms Script
application/javascript 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:59:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 22700
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7bb8e454eb823651-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D288 0
20 B 176ms
175ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BF5DRJgdDZOf3CNXw3wPQhLjQAwAAAAA4AeAEAg&bg=!YmGlYTXNAAYfNdXmPzU7ADkAdvg8Wnya8uWWTxxJojQF5cICIi1nE5xpQcZbyw0SIiJpT6BRHGwhybZG5Uv7eLvDfplEbQgiW9wCAAAAPlIAAAABaAEHmQLW7nzuyczFJ24HYw0WUBBDr1CqbJ4sCd8cjp6GbmukmHERzrpSzIFdK77QNzoHrC0ZpchXApJiYPXVUDEvH7LaAmFZzb9fZ_uY21psd2haW0qW_RjuAS2RYIRMV7LCmOcwPFNvKNnWhavsT8IE5db0MZ3mGhP_XpPc7idvWyCtwOkbgIx58-HU6qyqEOJPhdCc6MxcVgULS8Pe5_iBwrw9SlW5p9-PgVHVdaFalN_BPFfJNzI1tCrK_c_cW4BuLcS7C4i0KHw2fqSPE7EYNeWwbhmyx2TI_siZSRLGo81l-ZQMOywTZX8xcuhtu3Sbwa6avjKRlgdWte7wweJelObJe04QeoDnvIH9PvQLZo5j7CZQTGNNPpogk9CIA-CQ13cAq2zH-XbPea1YbYk0ln-CQlFBr0O8zxHazCXvn05GYJkoNsMliLUKM30AiVmcV2MdF6aabSa3vVfM-FgWDThbLWM4uwyxJfvOetaZ-uaNM739I3wrPdVwjUliXwOneJEv6ETtNM-EtIWgc5JxQATyX40K8rcGCgbm6qTPBYP8ZVUYMUvXXW3VOiLTBILDJfPlEIJ_X7L9DX5P391pf34aINlEUqrUSbaF0mNrxssnAUmWIAXGYTDTkkRyEV3QVqkHmwk9MDxQJfkyxYKtEdi3T8mV_M4YrV3_3J6wkjk7aLrr2ca5Aznbw2BjbCcDFEPUesMIgeTOa9Skcwm2QRj9SDhqlhkKt2dKmuzpbBVnk-_RNCG4yNUY5r4y1QAK6WeYwE9EuhQGVLgGSZKLn-osoZv1aU9tXXKSXEImoi0rXjCEG_KN0UHgw1SewCbn0sA_2vZ-oSdktJYuLRbXl8qcwS9dz84SGW2oBuXeFjTKNV20MR-ifmVzsBnY6h5tFs8VrKCtpTr-XFx_-d8Gziq2ZxWuVkLgnaEkoZp8W647aZagkP-URdL0C06djdMrL60DdgL_xkj0

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:59:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 4048
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&dongle=0cfd&gdpr=0&gdpr_consent=

37 B
354 B

157ms
157ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 21 Apr 2023 21:59:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:59:03 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://eb2.3lift.com/xuid?mid=3658&xuid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&dongle=0cfd&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 251

GET
H2

200

ebda
eb2.3lift.com/ Frame 4048
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzg4NDQ3MzEzMjcyOTU0MTc4NjgyMg%3D%3D
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
139 B

156ms
155ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:59:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:59:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 4048
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEK3okoOQ1XtHFibUj71vd8M&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
354 B

158ms
158ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEK3okoOQ1XtHFibUj71vd8M&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 21 Apr 2023 21:59:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:59:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEK3okoOQ1XtHFibUj71vd8M&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4048
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzg4NDQ3MzEzMjcyOTU0MTc4NjgyMg%3D%3D

170 B
188 B

148ms
147ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzg4NDQ3MzEzMjcyOTU0MTc4NjgyMg%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:59:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzg4NDQ3MzEzMjcyOTU0MTc4NjgyMg%3D%3D
date: Fri, 21 Apr 2023 21:59:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 4048 0
513 B 555ms
280ms Image
text/plain 13.107.42.14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3884473132729541786822&dbredirect=true&gdpr=0&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:59:03 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 7F342064FC0444ACB4F055783947CAEC Ref B: VIEEDGE3812 Ref C: 2023-04-21T21:59:03Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX538Ps7Yg6paktxhfnVg==

GET

bsw_sync
ads.creative-serving.com/ul_cb/ Frame 4048
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=3884473132729541786822&gdpr=0&gdpr_consent=
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=debfa3c7-fae8-4d37-bda9-b68880222ba0&gdpr=0&gdpr_consent=
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=debfa3c7-fae8-4d37-bda9-b68880222ba0&gdpr=0&gdpr_consent=

0
0

GET
H2 200 c.gif
c.bing.com/ Frame 4048 42 B
667 B 478ms
170ms Image
image/gif 13.107.21.200

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=3884473132729541786822&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 -, , ASN (),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:59:02 GMT
last-modified: Wed, 19 Apr 2023 15:34:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C8DE886481F146CEBD1868337A765991 Ref B: VIEEDGE3621 Ref C: 2023-04-21T21:59:03Z
etag: "f5c05c67d472d91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame 4048
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/3884473132729541786822?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-274do5RE2oSfK14pAHFJS1NtGcWTydBPMLNQRp8baQ--~A&dongle=0883

37 B
354 B

157ms
157ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-274do5RE2oSfK14pAHFJS1NtGcWTydBPMLNQRp8baQ--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 21 Apr 2023 21:59:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Fri, 21 Apr 2023 21:59:03 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-274do5RE2oSfK14pAHFJS1NtGcWTydBPMLNQRp8baQ--~A&dongle=0883
content-length: 0

GET triplelift
b1sync.zemanta.com/usersync/ Frame 4048 0
0

GET
H2

200

xuid
eb2.3lift.com/ Frame 4048
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=4417596967988441470&dongle=4d58&gdpr=0&gdpr_consent=

37 B
354 B

158ms
158ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=4417596967988441470&dongle=4d58&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 21 Apr 2023 21:59:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date: Fri, 21 Apr 2023 21:59:03 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.185; 91.239.206.185; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 704d5486-c343-4c24-bc80-aaedc60ea089
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=4417596967988441470&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame D81B 0
322 B 153ms
153ms Document
text/html 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7bb8e455fcb63651-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 21 Apr 2023 21:59:03 GMT
server: cloudflare
vary: Accept-Encoding

GET

GhRnqLZHBZj79kGUSvSTvT8_
csync.smilewanted.com/set_partner_userid_get/sovrn/ Frame C58D
Redirect Chain

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID&sovrn_retry=true
https://csync.smilewanted.com/set_partner_userid_get/sovrn/GhRnqLZHBZj79kGUSvSTvT8_

0
0

GET /
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame AE29 0
0

GET
H2

200

setuid
u.4dex.io/ Frame 72CC
Redirect Chain

https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D
https://u.openx.net/w/1.0/cm?cc=1&id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D
https://u.4dex.io/setuid?bidder=openx&uid=3dbcfcab-8a82-406a-b8f1-4796cb12919f

0
544 B

144ms
144ms

Image
text/plain

34.149.40.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=openx&uid=3dbcfcab-8a82-406a-b8f1-4796cb12919f
Requested by: Host: u.4dex.io
URL: https://u.4dex.io/usync.html
Protocol: H2
Server: 34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://u.4dex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 21:59:04 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

date: Fri, 21 Apr 2023 21:59:03 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://u.4dex.io/setuid?bidder=openx&uid=3dbcfcab-8a82-406a-b8f1-4796cb12919f
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET rmpssp
sync.1rx.io/usersync2/ Frame BEF9 0
0

GET

e6bf04f0-9407-5270-9072-4a86f4314da1
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame B331
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1
https://csync.smilewanted.com/set_partner_userid_get/betweenx/e6bf04f0-9407-5270-9072-4a86f4314da1

0
0

GET

64d50f0ced80680d01946dfd77291428c4fd8ab462ce96b31374a7f89b2228ca
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame 83DD
Redirect Chain

https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/64d50f0ced80680d01946dfd77291428c4fd8ab462ce96b31374a7f89b2228ca

0
0

GET
H2

200

ccb7e3087b8c98d4b4efa29472edf Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame F92B
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/ccb7e3087b8c98d4b4efa29472edf?gdpr_consent=&gdpr=0

0
404 B

152ms
152ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/ccb7e3087b8c98d4b4efa29472edf?gdpr_consent=&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7bb8e45a79e13651-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 21 Apr 2023 21:59:04 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Fri, 21 Apr 2023 21:59:03 GMT
Expires: Fri, 21 Apr 2023 21:59:03 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/ccb7e3087b8c98d4b4efa29472edf?gdpr_consent=&gdpr=0
Pragma: no-cache
Server: nginx
x-sticky-vk: 1682114343924010-384

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 8918 0
0 452ms
145ms Document
text/plain 18.194.204.152

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.204.152 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

date: Fri, 21 Apr 2023 21:59:03 GMT

GET smw888.gif
us.ck-ie.com/ Frame 5F0E 0
0

GET

cm-notify
creativecdn.com/ Frame AFE2
Redirect Chain

https://creativecdn.com/cm-notify?pi=smilewanted
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1

0
0

GET
H/1.1

200
OK

setuid Show response
ib.adnxs.com/prebid/ Frame 2FD7
Redirect Chain

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=3350ae2aec1e6fb2d0519f5d7bd968a8

43 B
2 KB

147ms
147ms

Document
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=3350ae2aec1e6fb2d0519f5d7bd968a8

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

AN-X-Request-Uuid: 885f0394-ce03-46bd-a387-181459338d80
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 21 Apr 2023 21:59:04 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 91.239.206.185; 91.239.206.185; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7bb8e45978b13651-FRA
content-type: text/html; charset=UTF-8
date: Fri, 21 Apr 2023 21:59:03 GMT
location: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=3350ae2aec1e6fb2d0519f5d7bd968a8
server: cloudflare

GET usync
id.a-mx.com/ Frame 0CF3 0
0

GET

usersync.aspx
dis.criteo.com/dis/ Frame 0CF3
Redirect Chain

https://x.bidswitch.net/sync?ssp=adaptmx&user_id=090bc00d-2a93-4bdb-b17d-508f6930049e&gdpr=0&gdpr_consent=&us_privacy=
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dadaptmx%26user_id%3D%40%40CRITEO_USERID%40%40

0
0

GET
H2

204

yahoo
prebid.a-mo.net/setuid/ Frame 0CF3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=090bc00d-2a93-4bdb-b17d-508f6930049e
https://prebid.a-mo.net/setuid/yahoo?uid=y-PjFUq6JE2uGHeaB0arz8bMsZbBD88Ar_Fffa9Nw-~A&gdpr=0

0
112 B

153ms
152ms

Image
text/plain

147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/yahoo?uid=y-PjFUq6JE2uGHeaB0arz8bMsZbBD88Ar_Fffa9Nw-~A&gdpr=0
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Server: 147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:59:03 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

location: https://prebid.a-mo.net/setuid/yahoo?uid=y-PjFUq6JE2uGHeaB0arz8bMsZbBD88Ar_Fffa9Nw-~A&gdpr=0
date: Fri, 21 Apr 2023 21:59:03 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame 0CF3
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=
https://prebid.a-mo.net/setuid/magnite?uid=LGR3G1SV-L-10W6&gdpr=0

0
147 B

153ms
153ms

Image
text/plain

147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=LGR3G1SV-L-10W6&gdpr=0
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Server: 147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:59:03 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid.a-mo.net/setuid/magnite?uid=LGR3G1SV-L-10W6&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
Expires: 0

GET cookie
cm.adform.net/ Frame 0CF3 0
0

GET
H2

204

setuid
prebid.a-mo.net/ Frame 0CF3
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D090bc00d-2a93-4bdb-b17d-508f6930049e%26bidder%...
https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=smartadserver&uid=7772941124511262273

0
138 B

153ms
152ms

Image
text/plain

147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=smartadserver&uid=7772941124511262273
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Server: 147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:59:04 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
vary: Accept-Encoding

Redirect headers

location: https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=smartadserver&uid=7772941124511262273
date: Fri, 21 Apr 2023 21:59:03 GMT
content-length: 0

GET

SPug
image4.pubmatic.com/AdServer/ Frame 0CF3
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D090bc00d-2a93-4bdb-b17d-508f6930049e%26bidder%3Dpubmatic%26uid%3DA45722CB-93FA-4F03-9...

0
0

GET usermatchredir
ssum.casalemedia.com/ Frame 0CF3 0
0

GET
H2

204

setuid
prebid.a-mo.net/ Frame 0CF3
Redirect Chain

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D090bc00d-2a93-4bdb-b17d-508f6930049e%26bidder%3Dsovrn%26uid%3D%24UID
https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=sovrn&uid=GhRnqLZHBZj79kGUSvSTvT8_

0
112 B

152ms
152ms

Image
text/plain

147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=sovrn&uid=GhRnqLZHBZj79kGUSvSTvT8_
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Server: 147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:59:03 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

Date: Fri, 21 Apr 2023 21:59:03 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=sovrn&uid=GhRnqLZHBZj79kGUSvSTvT8_
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

204

setuid
prebid.a-mo.net/ Frame 0CF3
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D090bc00d-2a93-4bdb-b17d-508f6930049e%26bidder%3Dappnexus%26uid%3D%24UID
https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=appnexus&uid=4417596967988441470

0
112 B

153ms
153ms

Image
text/plain

147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=appnexus&uid=4417596967988441470
Requested by: Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y
Protocol: H2
Server: 147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:59:03 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

Date: Fri, 21 Apr 2023 21:59:03 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.185; 91.239.206.185; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6a09373e-bffe-4385-94b3-a99f73aa8812
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://prebid.a-mo.net/setuid?A=090bc00d-2a93-4bdb-b17d-508f6930049e&bidder=appnexus&uid=4417596967988441470
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK setuid
ib.adnxs.com/prebid/ Frame 0CF3 43 B
1 KB 158ms
157ms Image
image/gif 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=090bc00d-2a93-4bdb-b17d-508f6930049e

Requested by

Host: paste1s.com
URL: https://paste1s.com/notes/3VQCO5Y

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://prebid.a-mo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 21:59:03 GMT
AN-X-Request-Uuid: 1d05734b-ad63-4a01-b494-baee47f70d1b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 91.239.206.185; 91.239.206.185; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET setuid
ow.pubmatic.com/ Frame 0CF3 0
0

GET setuid
prebid-server.rubiconproject.com/ Frame 0CF3 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 511F 0
0

POST gen_204
pagead2.googlesyndication.com/pagead/ Frame 511F 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: onetag-sys.com
URL: https://onetag-sys.com/match/?int_id=114&uid=A45722CB-93FA-4F03-9EFA-1F5C92EBAB31

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=863f23c4-62ba-42d3-ac8d-e0bed9cd78aa&ssp=onetag

Domain: ads.creative-serving.com
URL: https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=debfa3c7-fae8-4d37-bda9-b68880222ba0&gdpr=0&gdpr_consent=

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=

Domain: csync.smilewanted.com
URL: https://csync.smilewanted.com/set_partner_userid_get/sovrn/GhRnqLZHBZj79kGUSvSTvT8_

Domain: sync.richaudience.com
URL: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted

Domain: csync.smilewanted.com
URL: https://csync.smilewanted.com/set_partner_userid_get/betweenx/e6bf04f0-9407-5270-9072-4a86f4314da1

Domain: csync.smilewanted.com
URL: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/64d50f0ced80680d01946dfd77291428c4fd8ab462ce96b31374a7f89b2228ca

Domain: us.ck-ie.com
URL: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}

Domain: creativecdn.com
URL: https://creativecdn.com/cm-notify?pi=smilewanted&tc=1

Domain: id.a-mx.com
URL: https://id.a-mx.com/usync?uid=090bc00d-2a93-4bdb-b17d-508f6930049e&gdpr_consent=

Domain: dis.criteo.com
URL: https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dadaptmx%26user_id%3D%40%40CRITEO_USERID%40%40

Domain: cm.adform.net
URL: https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D090bc00d-2a93-4bdb-b17d-508f6930049e%26bidder%3Dadform%26uid%3D%24UID

Domain: image4.pubmatic.com
URL: https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D090bc00d-2a93-4bdb-b17d-508f6930049e%26bidder%3Dpubmatic%26uid%3DA45722CB-93FA-4F03-9EFA-1F5C92EBAB31

Domain: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D090bc00d-2a93-4bdb-b17d-508f6930049e%26bidder%3Dindex_rtb%26uid%3D

Domain: ow.pubmatic.com
URL: https://ow.pubmatic.com/setuid?bidder=amx&uid=090bc00d-2a93-4bdb-b17d-508f6930049e

Domain: prebid-server.rubiconproject.com
URL: https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=090bc00d-2a93-4bdb-b17d-508f6930049e

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRDXloCwaAlNtxEkUoaZBJ47sxXNEC3WDJ-R0W7_FZeALdOWpTWtZ23g-hiCUsJybznrtBh78BPA2k2rB4vo1QX68pGWF0X6w&sig=Cg0ArKJSzAY7k4J3_LI3EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230419&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=2506182968&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682114341747&rpt=1226&wmsd=0&pbe=0&vae=0&spb=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2042175369128&version=m202301230201&ct=2&x=96&cor=15173692593900855000

Verdicts & Comments Add Verdict or Comment

218 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

72 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 13:24:50	Name: sync Value: CgoIoQEQ9OHPrvowCgoI4gEQ9OHPrvowCgoI5gEQ9OHPrvowCgoIhwIQ9OHPrvowCgkICRD04c-u-jAKCQg6EPThz676MAoJCAsQ9OHPrvowCgoIjAIQ9OHPrvowCgkIXxD04c-u-jAKCQgfEPThz676MA==
paste1s.com/	1970-01-20 11:15:21	Name: XSRF-TOKEN Value: eyJpdiI6IkVXRmN3QnE5bS9PU2F3UG9tSzhYV3c9PSIsInZhbHVlIjoidkVtWlpDZWx2NG1qTnNwQlRqV2VYWDAwbEpXYzRNNktZN3pqRWRtK2h5enRkSTUxN3hic25kdUo5OGVRSm5BT1I3WTlNYXNHODBsYlFNV2RnazdORFRXODNibzNDTkQ0Q25EUktKZDBoR0JKR2p5T296V1dnNjMyL0wzZDFuazMiLCJtYWMiOiJiN2Y5OWRhNmQ4YWUyMDIzMmFkODExMDI3OGNiYjRkOTU1YTdmNjlmNDVkNDgzNmNiM2MwYzYzM2Q3N2IxZTFhIn0%3D
paste1s.com/	1970-01-20 11:15:21	Name: online_notepad_take_notes_and_earn_money_at_paste1scom_session Value: eyJpdiI6InJVdmtVNHRTRXM1UlE2UEY4eTdjYXc9PSIsInZhbHVlIjoicG5Td0tTZWNPaTk5eW5aS0lqcEViRVBKbU9UY1pNc09QTHp2eGgwYmxVSG91b0o3T2s0RExrTyswV2NHK0pSL1VKNE5ocWZ3YmRBcVJCdXhlOSt4M1dUMGQyUzA4bW4zdlNiRnBmMXlVMTZxU0RpSFg2MjYvVnpNc2U0SFNBVEwiLCJtYWMiOiJmNjlkMDU2ZjJiYjkxODIwNTVlNmM0NDA5ZDA4Y2Y0ZTQwNDhiMmNkNDUwOTEwNDkxZTcyYjliMGZmOGQ0NjUzIn0%3D
paste1s.com/	1970-01-20 11:58:26	Name: _pbjs_userid_consent_data Value: 6683316680106290
.paste1s.com/	1970-01-20 13:24:50	Name: sharedid Value: 214c568c-e777-402f-9dc8-b2211122e40c
.zeotap.com/	1970-01-20 20:00:50	Name: zc Value: de0dc530-89b6-4746-4818-153bf3d74f9d
.zeotap.com/	1970-01-20 11:16:40	Name: zsc Value: %2A9HE%A7P%D9%BD%C4%F4%3E%15%ABWJ%03%16%B3%90Ab%9F%1Df%BF%01%10J%87%2F%B41%C1%85%24%24%9F%06%D6%22%B9%F4%B5%CE%06%2B%F1m%FBX%CEO%BC%E7%B6%9D%B7w%EEH
.adnxs.com/	1970-01-20 13:24:50	Name: uuid2 Value: 4417596967988441470
.mathtag.com/	1970-01-20 20:41:09	Name: uuid Value: f65e6443-0722-4e00-9d60-49400f7fbaa8
.paste1s.com/	1970-01-20 20:51:14	Name: _ga Value: GA1.2.1387979014.1682114338
.paste1s.com/	1970-01-20 11:16:40	Name: _gid Value: GA1.2.908602986.1682114338
.paste1s.com/	1970-01-20 11:15:14	Name: _gat_gtag_UA_129758818_17 Value: 1
.adsrvr.org/	1970-01-20 20:02:16	Name: TDID Value: e6dcd8c2-0984-47e4-831b-9f38d1c78845
.doubleclick.net/	1970-01-20 20:51:14	Name: IDE Value: AHWqTUmcNeDR5OItFcWW84OKilwxQMEMgAICfMlkG5GR74jwU80XBaO-NJ2AZbar1dk
.rubiconproject.com/	1970-01-20 20:00:50	Name: khaos Value: LGR3G1SV-L-10W6
.cpx.to/	1970-01-20 20:00:50	Name: cpSess Value: 265ac13f6265548f
.id5-sync.com/	1970-01-20 11:15:14	Name: callback Value:
.cpx.to/	1970-01-20 20:00:50	Name: dsp_dbm Value: CAESENGN_6ME5-oIgNdOPmMqe6I#1682114338219
.prebid.a-mo.net/	1970-01-20 20:00:50	Name: __amc Value: 1_1682114338_1682114338
.a-mo.net/	1970-01-20 20:00:50	Name: amuid2 Value: 090bc00d-2a93-4bdb-b17d-508f6930049e
.prebid.a-mo.net/	1970-01-20 20:00:50	Name: sd_amuid2 Value: 090bc00d-2a93-4bdb-b17d-508f6930049e
.omnitagjs.com/	1970-01-20 11:58:26	Name: ayl_visitor Value: 4544a5a6e4c8059c19d2e2c04895ee8e
.quantserve.com/	1970-01-20 20:45:28	Name: mc Value: 64430722-4dc5c-670eb-d6643
.paste1s.com/	1970-01-20 20:39:43	Name: __qca Value: P0-1442885964-1682114337244
.pubmatic.com/	1970-01-20 13:24:50	Name: KTPCACOOKIE Value: true
.cpx.to/	1970-01-20 20:00:50	Name: dsp_TTD Value: e6dcd8c2-0984-47e4-831b-9f38d1c78845#1682114338390
.pubmatic.com/	1970-01-20 20:00:50	Name: KADUSERCOOKIE Value: A45722CB-93FA-4F03-9EFA-1F5C92EBAB31
.cpx.to/	1970-01-20 20:00:50	Name: dsp_app_nexus Value: 4417596967988441470#1682114338564
.cpx.to/	1970-01-20 20:00:50	Name: dsp_pubmatic Value: A45722CB-93FA-4F03-9EFA-1F5C92EBAB31#1682114338640
.smartadserver.com/	1970-01-20 20:02:16	Name: pid Value: 7772941124511262273
.smartadserver.com/	1970-01-20 20:45:28	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 20:02:16	Name: csync Value: 111:ID5-3c77NB5cP0eKs0lN0S7hUGAVdbSUzWPBxu8McUVPTA
.4dex.io/	1970-01-20 12:41:38	Name: uids Value: eyJzeW5jcyI6eyJpbmRleGV4Y2hhbmdlIjoiMjAyMy0wNC0yMVQyMTo1ODo1OS4yODE5MTA4NFoiLCJwdWJtYXRpYyI6IjIwMjMtMDQtMjFUMjE6NTg6NTkuMjgxOTA0NDcyWiIsInJ1Ymljb24iOiIyMDIzLTA0LTIxVDIxOjU4OjU5LjI4MTkwOTY4MloifSwidWlkcyI6eyJhZGFnaW8iOnsidWlkIjoiYWQ3NDI0NmQtMWM0MS00ZjkzLWFiMmUtMDZiNGEzMjc5YjIxIiwiZXhwaXJlcyI6IjIwMjMtMDYtMjBUMjE6NTg6NTkuMjgxNDkxNDgyWiJ9fSwiYmRheSI6IjIwMjMtMDQtMjFUMjE6NTg6NTkuMjgxMzI4MjkzWiJ9
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.e-planning.net/	1970-01-20 20:51:14	Name: E Value: ACCpH33PMT0azlt4
.id5-sync.com/	1970-01-20 11:15:14	Name: cf Value:
.id5-sync.com/	1970-01-20 11:15:14	Name: cip Value:
.id5-sync.com/	1970-01-20 11:15:14	Name: cnac Value:
.id5-sync.com/	1970-01-20 11:15:14	Name: car Value:
.id5-sync.com/	1970-01-20 11:15:14	Name: gdpr Value:
.bidswitch.net/	1970-01-20 20:00:50	Name: tuuid Value: debfa3c7-fae8-4d37-bda9-b68880222ba0
.bidswitch.net/	1970-01-20 20:00:50	Name: c Value: 1682114339
.bidswitch.net/	1970-01-20 20:00:50	Name: tuuid_lu Value: 1682114339
.semasio.net/	1970-01-20 20:00:50	Name: SEUNCY Value: 39ECE741232877CF
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 508015=5418599
.smartadserver.com/	1970-01-20 11:16:40	Name: sasd2 Value: q=%24qc%3D1314590126%3B%24ql%3DUnknown%3B%24qpc%3D380000%3B%24qt%3D107_7_29856t%3B%24dma%3D0&c=1&l=1224194952&lo=1424563188&lt=638177111408252014&o=1
.smartadserver.com/	1970-01-20 11:16:40	Name: sasd Value: %24qc%3D1314590126%3B%24ql%3DUnknown%3B%24qpc%3D380000%3B%24qt%3D107_7_29856t%3B%24dma%3D0
.smartadserver.com/	1970-01-20 11:15:14	Name: csfq Value: 1
.smartadserver.com/	1970-01-20 20:45:28	Name: lcsrd Value: 2023-04-21T22:03:00.8495248Z
.smartadserver.com/	1970-01-20 11:15:14	Name: rpools Value: 111
.adform.net/	1970-01-20 11:58:26	Name: C Value: 1
.adform.net/	1970-01-20 12:41:38	Name: uid Value: 8606878047360377700
.id5-sync.com/	1970-01-20 13:24:50	Name: id5 Value: f3f93bc3-447c-7b1b-9337-56ffa91477b7#1682114337657#4
.id5-sync.com/	1970-01-20 13:24:50	Name: 3pi Value: 112#1682114340897#2069755677#39ECE741232877CF\|2#1682114341989#346578727#4417596967988441470\|3#1682114339240#1873085694#f65e6443-0722-4e00-9d60-49400f7fbaa8\|102#1682114338939#-1858490819\|264#1682114339580#1161469672#e6dcd8c2-0984-47e4-831b-9f38d1c78845\|104#1682114340026#927173506#debfa3c7-fae8-4d37-bda9-b68880222ba0\|10#1682114342472#1744295411#8606878047360377700
.lkqd.net/	1970-01-20 20:00:50	Name: lkqdidts Value: 1682114342
.lkqd.net/	1970-01-20 20:00:50	Name: sr59 Value: 1\|CAESECbOsq_oB8JRdbYwBitOa48\|1682114342
.lkqd.net/	1970-01-20 20:00:50	Name: lkqdid Value: Xs4BjUmsgoY
.casalemedia.com/	1970-01-20 20:00:50	Name: CMID Value: ZEMHJmrDb9vTegX.KtYMCgAA
.casalemedia.com/	1970-01-20 13:24:50	Name: CMPS Value: 3247
.casalemedia.com/	1970-01-20 13:24:50	Name: CMPRO Value: 3247
.onetag-sys.com/	1970-01-20 20:51:14	Name: OTP Value: rMxCYIV02tVZDjwSPP9ra_Sbyzc_ObvwThKpCi176aA
.3lift.com/	1970-01-20 13:24:50	Name: tluid Value: 3884473132729541786822
.zemanta.com/	1970-01-20 20:00:50	Name: zuid Value: BD_IsjEZ3OZHElvkkuv8
.rubiconproject.com/	1970-01-20 20:00:50	Name: audit Value: 1\|P1tWeDHal+VrWnZsXVGDs07xTFskKrfIQ4jOKpHDRQ+GGao+ISL+O9ZMP0xyJMVmn921bTkXSpyM1KxoLazIt6NWShwHx7KI6rocrMY9/A/1mwnvGjGvP9Fa1ny4ke/YSOwuWj+RBpHD2DWlM1ZBw3EIczZWES83uB4MYhTykiDBi834IZRJWM9sdGeFC9lF
.pubmatic.com/	1970-01-20 11:16:40	Name: pi Value: 159706:3
.yahoo.com/	1970-01-20 20:01:11	Name: A3 Value: d=AQABBCcHQ2QCEMYE0y-3Hcm4UMdN7kQ5HtoFEgEBAQFYRGRMZAAAAAAA_eMAAA&S=AQAAAg2-64qmucG2Xu2lgtlkdf8
.analytics.yahoo.com/	1970-01-20 20:00:50	Name: IDSYNC Value: 194o~2b7x
.adsrvr.org/	1970-01-20 20:02:16	Name: TDCPM Value: CAESFgoHc3Z4OXQ1MBILCNTH7vC0r-E7EAUYASABKAIyCwjUv_Gdy6_hOxAFOAFaB3N2eDl0NTBgAg..
.smilewanted.com/	1970-01-20 20:01:11	Name: sw_user_params_infos Value: 8sdRREvsw7LjLys0YvGw8wfaV6FeazOMy%2B4DvAFuVxmoqFZXkPif6afHs%2FGI02gF%2BtL1m%2FCiYh4vUzLu28vslwETzxb2ORoHNPFOLNmDEN6Mia0dNse%2BBrdIA0FOk2u6tRv%2FlfDo0pTZu%2Fw1SWSjoQ%3D%3D
.pubmatic.com/	1970-01-20 13:24:50	Name: SyncRTB3 Value: 1683244800%3A220_21
.pubmatic.com/	1970-01-20 11:15:14	Name: ipc Value: 159706^https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID^1^0
.pubmatic.com/	1970-01-20 13:24:50	Name: chkChromeAb67Sec Value: 2

33 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fstatic.netpub.media/r/65252e09f37568e50b939acc69d175c0/service.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()
javascript	error	URL: https://paste1s.com/notes/3VQCO5Y Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://paste1s.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://paste1s.com/notes/3VQCO5Y Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://paste1s.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://paste1s.com/notes/3VQCO5Y Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://paste1s.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://id5-sync.com/k/264.gif?puid=e6dcd8c2-0984-47e4-831b-9f38d1c78845&ttl=%%TTL%% Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://paste1s.com/notes/3VQCO5Y Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://paste1s.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://paste1s.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://csync.smartadserver.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://paste1s.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://paste1s.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://u.4dex.io').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://csync.smilewanted.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://paste1s.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://googleads.g.doubleclick.net').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://csync.smartadserver.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://paste1s.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://paste1s.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://u.4dex.io').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security	error	URL: https://assets.a-mo.net/js/cframe.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://csync.smilewanted.com').
network	error	URL: https://ow.pubmatic.com/setuid?bidder=amx&uid=090bc00d-2a93-4bdb-b17d-508f6930049e Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.creative-serving.com
ads.stickyadstv.com
ads.themoneytizer.com
adtrack.adleadevent.com
adx.adform.net
ajax.googleapis.com
ap.lijit.com
assets.a-mo.net
b1h.zemanta.com
b1sync.zemanta.com
c.4dex.io
c.bing.com
c.tmyzer.com
c1.adform.net
cdn.shopify.com
cdnjs.cloudflare.com
ced-ns.sascdn.com
ced.sascdn.com
cm.adform.net
cm.g.doubleclick.net
cmp.quantcast.com
creativecdn.com
cs.lkqd.net
csync.smartadserver.com
csync.smilewanted.com
d2zur9cc2gf1tx.cloudfront.net
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
fstatic.netpub.media
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
ib.3lift.com
ib.adnxs.com
id.a-mx.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
kvt.sddan.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.sharethrough.com
mp.4dex.io
onetag-sys.com
ow.pubmatic.com
p.cpx.to
pagead2.googlesyndication.com
paste1s.com
pbjs.e-planning.net
pixel-eu.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.smilewanted.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.amazon-adsystem.com
s.cpx.to
s0.2mdn.net
script.4dex.io
secure.adnxs.com
secure.quantserve.com
spl.zeotap.com
ssbsync-global.smartadserver.com
ssum.casalemedia.com
static.smilewanted.com
sync.1rx.io
sync.mathtag.com
sync.richaudience.com
tag.leadplace.fr
tlx.3lift.com
tpc.googlesyndication.com
u.4dex.io
u.openx.net
uipglob.semasio.net
ups.analytics.yahoo.com
us.ck-ie.com
ww1097.smartadserver.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ads.creative-serving.com
b1sync.zemanta.com
cm.adform.net
creativecdn.com
csync.smilewanted.com
dis.criteo.com
id.a-mx.com
image4.pubmatic.com
onetag-sys.com
ow.pubmatic.com
pagead2.googlesyndication.com
prebid-server.rubiconproject.com
prebid.smilewanted.com
ssum.casalemedia.com
sync.1rx.io
sync.richaudience.com
us.ck-ie.com
x.bidswitch.net
104.18.2.114
104.19.158.19
104.22.24.87
104.22.69.131
104.26.5.26
104.26.9.169
13.107.21.200
13.107.42.14
13.248.245.213
13.32.27.86
13.32.99.28
142.250.181.234
142.250.185.130
142.250.185.162
142.250.185.194
142.250.186.102
142.250.186.130
142.250.186.136
142.250.186.161
142.250.186.35
142.250.186.42
145.239.192.166
146.20.128.100
147.75.84.158
156.146.33.17
162.19.138.116
162.19.138.117
178.250.1.11
18.194.204.152
18.200.133.96
18.203.73.89
18.66.97.31
185.255.84.151
185.29.132.245
185.64.189.110
185.80.39.216
185.86.138.152
185.86.139.104
188.114.97.3
188.114.98.0
193.3.178.3
198.47.127.18
2.16.186.10
2.16.186.16
2.16.186.41
216.239.36.178
216.52.2.6
216.58.212.130
23.227.60.200
3.120.144.155
3.125.61.64
3.33.220.150
3.75.62.37
34.149.40.38
35.241.34.106
35.244.159.8
35.244.174.68
37.157.6.233
37.157.6.246
37.252.171.52
37.252.171.85
51.158.28.82
51.89.9.252
52.210.243.186
52.31.91.58
52.46.155.104
54.38.64.100
64.74.236.63
65.9.7.64
69.173.144.138
77.243.51.121
79.125.111.148
81.17.55.98
91.228.74.208
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
00c52bee8e18843fc615f12e24cfa15a163e9534f26cb2b1937028018de1d96c
0138a397ea954dfb7486525dcfdb18ff24b7c4d6c501981b76d731277f26f879
0665c031de4ef6b6de993aeaa88c791ff4f224efa967206118a3e58f1a282cfc
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c
1edc90923288d40c6fab87cd6ee8a60f0306d0a2bcfa43131ca0b7ce4d29d327
22560f4ac08886d0801899adf990f533041a6be25d3a2c77d270d63a5528df44
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
31e5fb043938f7aff456e97c06d85e24de3ed2a33dd62dea9886c24b67061185
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f05ae8fbc9c6ccb3447dd3a71665ca872318d3996369313c374968ad3aaa14d
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a5b8d08f85fb057c1aefa8d400998f3de016793461f71090d3cb04e8618fe0
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
56a6d7fd926cc41bffa1cd8554a52be2c3d22d190d346c8c5f95afd6b338e0c3
56eae18860c4066cfed9fd5acc171937087f46fc042a8df7e56418df29a63f24
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a200b67450da7b221ae617a078d3114819e73384cf781b22ca84cc8d53cc5d5
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cab717d72036eb7ea203aea8be175c98c26d0d5ef7e108df8687eed7b1678c5
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
6fc13ec563f7bfee406af162ff190e850f11355403e3647a36a8d14b695eae70
767f14aae2bf523fce50f80f996c9748e4cd609d1b2150488d2c556fd1c991ad
79ee4ccd74ffe68cb3992c0f6044438847b5331c419b0fb733d851dc50528f79
7ed3b3e7cc5d46c24c6e02c7bd33100fbdd09822b0fb230956369b4881da6953
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
81b8a613f62dd2e1322dc323643269dca40df467b329d2c583ba3c57e3b57f2e
8390bd7de281c9f9f71e063b6f7ef73b02297c9fa9e971fd7b1bbbdee423048e
8798b894d9c957b5e9a4f3795cf3641b999ce18af4623b9a71a2e063fde7cc64
892245a61373c7d74f1209a05ec18deece342e31b9ad4d2cbd506ba00f1e3581
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
95ee88d5d258b6185f89470528994c314ab818dbe02aefe6075d5ec33f1a9501
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9af42f99bd5a10c8ab7a32f3129857b126b1e5ab04979fc8665a17c343eb8753
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1b9252c2f0ce90582dec0abda9ea678661ec6b509f3330919e1c67ce0741b32
a22ef20b5eeb20da6a9305f243c83cf3c969efdad6264e8025bb41a7a8b6159f
a3d9126182541a330a55ed507eef56ba5fdd5c5d9f2525bc07136ece9d1e3db7
a4398b4a43a6198a22ef0fc2e7368c3a129778a50da9286fdb436738ad956b27
a559f41c7e0d2f4852afbf1cf44b736b9158e65b01843c05850f6e8d6b6db9b6
a8aed46dba06a6b68d94a3204205fc78f1e9fc5c90e69ca49fad346e3b7e47b2
ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3
b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b471e74cabe83bf8f3da8793666d55603e3d20a72350873e27f2c75b75d5cfc2
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b8b0db583acb8255792448212abc01984bed38a2799697ef8b9b09d410b283d0
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bccf82d43a087f44f18f52a191ab456f4186e4477617fdf09c6b66e3d4470d57
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b6805cadd71458bbf7a43c24c2017bf10ceee556c2858c8c61c43e94d8b991
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca4632c98402232ce11da4c8e646385be9993ff53bc0fe70fc5bce163f41f674
d1155aebbf89bbec6fadb9245f8c84cc74313cba6bba974a8c5cfe0c9077460c
d74e0bc3c37ed1660d8167657b25e05e856d8e817227e713900127232ebc8aef
dd19c7daef60997e8100a638e67d902d7337b7d04b123aeaf762f11ffa5cf0e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb0d6b6deb07528c3aacc83225d29f085f5e8ad0c05e7182e1d254c31fd4f1bd
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ecbc60f0ded5c6ff9296cc46eeec859bd919e53c5e87154b31bfe2c3d4e980aa
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee90c34f782072d4d22c8a9029cd3608b5c81190761e34ef2b3f799e3928a86f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef64c06e715e181775e12a4f1ff456c55ceb742a0193ded36926cf6bc6d7f87b
f1d0e50c440571cffce4c7aea610d6cbee0f2a15f1058aef12b225e3e246e404
f29d2835c1e6d4b6bf8db200d268fed481ed8be1f46a45148fc396584d210efa
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e
f4f84044c9f3e680342c05e5879575337a46d2ceffb9cee2cf9e840fd26a1d36
fb6f64025c97613b5f8518dae9e2373bb3cfb3217c45af3aa9a84e3d82f835f1
fb98a2a03c925aa211a860ca87a7f33a100fe74f37915c16b16ce7c0a1247223
fc8c1d41c334140c6f3880ddea76ac68f0d1f8bd1c482ba10c1c854890b55499
fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3

paste1s.com Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

190 Requests

67 %HTTPS

0 %IPv6

62 Domains

92 Subdomains

64 IPs

9 Countries

1206 kBTransfer

3287 kBSize

72 Cookies

4 Outgoing links

Redirected requests

190 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paste1s.com Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

190
Requests

67 %
HTTPS

0 %
IPv6

62
Domains

92
Subdomains

64
IPs

9
Countries

1206 kB
Transfer

3287 kB
Size

72
Cookies

190 HTTP transactions
0 data transactions