pastelink.net Open in urlscan Pro
89.35.29.15 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pastelink.net/7tiio5hn
Submission: On April 13 via manual (April 13th 2023, 9:39:57 am UTC) from US — Scanned from SG

Summary HTTP 138 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 58 IPs in 9 countries across 51 domains to perform 138 HTTP transactions. The main IP is 89.35.29.15, located in London, United Kingdom and belongs to BANDWIDTH-AS, GB. The main domain is pastelink.net. The Cisco Umbrella rank of the primary domain is 100717.
TLS certificate: Issued by R3 on April 1st 2023. Valid for: 3 months.

This is the only time pastelink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	89.35.29.15 89.35.29.15	25369 (BANDWIDTH-AS) (BANDWIDTH-AS)
2	2404:6800:400... 2404:6800:4003:c03::5f	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4003:c05::93	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c06::61	15169 (GOOGLE) (GOOGLE)
3	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2404:6800:400... 2404:6800:4003:c11::5e	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4003:c06::5e	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c04::71	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4686	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4003:c0f::9b	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.12.148 142.251.12.148	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4003:c00::9a	15169 (GOOGLE) (GOOGLE)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
1	64.227.38.224 64.227.38.224	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	44.236.169.225 44.236.169.225	16509 (AMAZON-02) (AMAZON-02)
2	51.79.234.101 51.79.234.101	16276 (OVH) (OVH)
1	52.31.141.253 52.31.141.253	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.254.150.228 104.254.150.228	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2602:803:c006... 2602:803:c006:158::65	26667 (RUBICONPR...) (RUBICONPROJECT)
1	207.65.33.78 207.65.33.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2406:2600:7:1... 2406:2600:7:100::12	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	184.31.28.212 184.31.28.212	16625 (AKAMAI-AS) (AKAMAI-AS)
2	67.199.150.81 67.199.150.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	103.229.205.243 103.229.205.243	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	207.65.33.82 207.65.33.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	18.138.18.111 18.138.18.111	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800e... 2620:116:800e:21:a878:7c6e:cf7b:3362	16509 (AMAZON-02) (AMAZON-02)
6	67.199.150.86 67.199.150.86	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	182.161.73.146 182.161.73.146	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	52.220.229.2 52.220.229.2	16509 (AMAZON-02) (AMAZON-02)
1 1	172.104.45.159 172.104.45.159	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1	220.150.223.50 220.150.223.50	4686 (BEKKOAME ...) (BEKKOAME BEKKOAME INTERNET INC.)
1	18.182.204.40 18.182.204.40	16509 (AMAZON-02) (AMAZON-02)
1	13.250.207.233 13.250.207.233	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	8.18.47.7 8.18.47.7	398989 (DEEPINTENT) (DEEPINTENT)
1	34.149.40.38 34.149.40.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6 6	74.125.24.156 74.125.24.156	15169 (GOOGLE) (GOOGLE)
1 2	54.255.95.2 54.255.95.2	16509 (AMAZON-02) (AMAZON-02)
2 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	50.57.31.206 50.57.31.206	() ()
1 2	119.9.108.191 119.9.108.191	() ()
1 1	35.247.47.28 35.247.47.28	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2406:da18:929... 2406:da18:929:5a01:52cc:d2de:4934:10b8	16509 (AMAZON-02) (AMAZON-02)
2 2	18.143.106.89 18.143.106.89	16509 (AMAZON-02) (AMAZON-02)
3	67.199.150.85 67.199.150.85	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2.20.137.181 2.20.137.181	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.66.150.27 23.66.150.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2404:6800:400... 2404:6800:4003:c02::9d	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c03::9a	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4003:c03::9c	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c03::84	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c00::84	15169 (GOOGLE) (GOOGLE)
1 2	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2406:2600:7:1... 2406:2600:7:100::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 2	2406:2600:7:1... 2406:2600:7:100::9	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
1	185.84.60.29 185.84.60.29	198622 (ADFORM) (ADFORM)
138	58

12 89.35.29.15 (London, United Kingdom)

ASN25369 (BANDWIDTH-AS, GB)
PTR: 15.29.35.89.baremetal.zare.com

pastelink.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c03::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c05::93 (Singapore)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c06::61 (Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c11::5e (Singapore)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c06::5e (Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c04::71 (Singapore)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c0f::9b (Singapore)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.148 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c00::9a (Singapore)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.38.224 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-ldn-17.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.236.169.225 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-169-225.us-west-2.compute.amazonaws.com

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.79.234.101 (Singapore)

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.141.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-141-253.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.254.150.228 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c006:158::65 (Singapore)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.33.78 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:7:100::12 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.31.28.212 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-28-212.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.199.150.81 (Singapore)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.205.243 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 207.65.33.82 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.138.18.111 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com

cm.ambientdsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800e:21:a878:7c6e:cf7b:3362 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 67.199.150.86 (Singapore)

ASN3257 (GTT-BACKBONE GTT, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.220.229.2 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com

cm-supply-web.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.45.159 (Singapore) 1 redirects

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1625-159.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 220.150.223.50 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa

sync-dsp.ad-m.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.182.204.40 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-204-40.ap-northeast-1.compute.amazonaws.com

dps.jp.cinarra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.250.207.233 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-207-233.ap-southeast-1.compute.amazonaws.com

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.18.47.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.40.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.40.149.34.bc.googleusercontent.com

u.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 74.125.24.156 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.255.95.2 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-95-2.ap-southeast-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.57.31.206 (None, ) 1 redirects

ASN- ()

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 119.9.108.191 (None, ) 1 redirects

ASN- ()

uipapac.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.247.47.28 (The Dalles, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 28.47.247.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da18:929:5a01:52cc:d2de:4934:10b8 (Singapore)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.143.106.89 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.199.150.85 (Singapore)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.20.137.181 (Tseung Kwan O, Hong Kong) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-137-181.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.66.150.27 (Tseung Kwan O, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-66-150-27.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c02::9d (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c03::9a (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c03::9c (Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c03::84 (Singapore)

ASN15169 (GOOGLE, US)

be2d9c4370c342904ff9f1de0ffab112.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c00::84 (Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.158.64 (Singapore) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:7:100::9 (Japan) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.84.60.29 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 500 ads.pubmatic.com — Cisco Umbrella Rank: 509 image6.pubmatic.com — Cisco Umbrella Rank: 779 simage2.pubmatic.com — Cisco Umbrella Rank: 733 image2.pubmatic.com — Cisco Umbrella Rank: 999 image4.pubmatic.com — Cisco Umbrella Rank: 1076 simage4.pubmatic.com	38 KB
12	pastelink.net pastelink.net — Cisco Umbrella Rank: 100717	224 KB
11	rubiconproject.com 2 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 498 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1069 eus.rubiconproject.com — Cisco Umbrella Rank: 577 token.rubiconproject.com — Cisco Umbrella Rank: 574 pixel.rubiconproject.com Failed	26 KB
11	doubleclick.net 6 redirects ad.doubleclick.net — Cisco Umbrella Rank: 172 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201 cm.g.doubleclick.net — Cisco Umbrella Rank: 228	140 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 be2d9c4370c342904ff9f1de0ffab112.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 145	40 KB
5	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 748 dis.criteo.com — Cisco Umbrella Rank: 718 gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2381	8 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	202 KB
4	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 230 acdn.adnxs.com — Cisco Umbrella Rank: 581	20 KB
4	4dex.io script.4dex.io — Cisco Umbrella Rank: 2110 mp.4dex.io — Cisco Umbrella Rank: 2436 u.4dex.io — Cisco Umbrella Rank: 4823	27 KB
3	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474 ups.analytics.yahoo.com — Cisco Umbrella Rank: 302	1 KB
3	semasio.net 2 redirects uipglob.semasio.net uipapac.semasio.net	1 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 368	2 KB
3	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 467	1 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 940 api.btloader.com — Cisco Umbrella Rank: 1036	8 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
3	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 20827	143 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 90	2 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 670	57 KB
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 805	856 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 820 s.tribalfusion.com — Cisco Umbrella Rank: 2028	1 KB
2	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 5457	662 B
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 828	1 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1016	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	145 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
1	adform.net c1.adform.net — Cisco Umbrella Rank: 584	601 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 400	519 B
1	google.com.sg adservice.google.com.sg — Cisco Umbrella Rank: 26990	532 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 804	660 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 1020	45 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1437	231 B
1	cinarra.com dps.jp.cinarra.com — Cisco Umbrella Rank: 19351	220 B
1	ad-m.asia sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2988	243 B
1	appier.net 1 redirects gocm.c.appier.net — Cisco Umbrella Rank: 2331	394 B
1	gammaplatform.com 1 redirects cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 2966	642 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 712	594 B
1	ambientdsp.com 1 redirects cm.ambientdsp.com — Cisco Umbrella Rank: 23099	653 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 507	736 B
1	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 2445 public.servenobid.com Failed	681 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 4055	1022 B
1	media.net prebid.media.net — Cisco Umbrella Rank: 1373 contextual.media.net Failed	1 KB
1	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 21004	666 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	26 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 756	30 KB
0	linksynergy.com Failed tags.rd.linksynergy.com Failed
0	amazon-adsystem.com Failed aax-eu.amazon-adsystem.com Failed s.amazon-adsystem.com Failed
0	nrich.ai Failed dsp.nrich.ai Failed
0	loopme.me Failed csync.loopme.me Failed
0	iprom.net Failed core.iprom.net Failed
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
138	51

	Domain	Requested by
12	pastelink.net	pastelink.net
6	cm.g.doubleclick.net	6 redirects
6	image2.pubmatic.com	ads.pubmatic.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	eus.rubiconproject.com	pastelink.net eus.rubiconproject.com cdn4.buysellads.net
4	simage2.pubmatic.com	ads.pubmatic.com
4	fastlane.rubiconproject.com	cdn4.buysellads.net
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	match.adsrvr.org	3 redirects eus.rubiconproject.com
3	pixel.tapad.com	2 redirects ads.pubmatic.com
3	ads.pubmatic.com	pastelink.net ads.pubmatic.com cdn4.buysellads.net
3	ib.adnxs.com	cdn4.buysellads.net acdn.adnxs.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	cdn4.buysellads.net	pastelink.net
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	cdn4.buysellads.net static.criteo.net
2	simage4.pubmatic.com	ads.pubmatic.com
2	token.rubiconproject.com	1 redirects eus.rubiconproject.com
2	ups.analytics.yahoo.com	2 redirects
2	uipapac.semasio.net	1 redirects ads.pubmatic.com
2	sync.crwdcntrl.net	1 redirects ads.pubmatic.com
2	ipac.ctnsnet.com	1 redirects ads.pubmatic.com
2	image6.pubmatic.com	ads.pubmatic.com
2	onetag-sys.com	cdn4.buysellads.net
2	script.4dex.io	cdn4.buysellads.net script.4dex.io
2	api.btloader.com	btloader.com
2	ad-delivery.net	pastelink.net
2	www.googletagmanager.com	pastelink.net www.googletagmanager.com
2	www.google.com	pastelink.net tpc.googlesyndication.com
2	fonts.googleapis.com	pastelink.net
1	c1.adform.net	ads.pubmatic.com
1	acdn.adnxs.com	cdn4.buysellads.net
1	mug.criteo.com
1	px.ads.linkedin.com	eus.rubiconproject.com
1	be2d9c4370c342904ff9f1de0ffab112.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.com.sg	securepubads.g.doubleclick.net
1	secure-assets.rubiconproject.com	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	um.simpli.fi	1 redirects
1	uipglob.semasio.net	1 redirects
1	u.4dex.io	ads.pubmatic.com eus.rubiconproject.com
1	match.deepintent.com	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	cm.adgrx.com	ads.pubmatic.com
1	dps.jp.cinarra.com	ads.pubmatic.com
1	sync-dsp.ad-m.asia	ads.pubmatic.com
1	gocm.c.appier.net	1 redirects
1	cm-supply-web.gammaplatform.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	cms.quantserve.com	1 redirects
1	cm.ambientdsp.com	1 redirects
1	sync.mathtag.com	1 redirects
1	bidder.criteo.com	cdn4.buysellads.net
1	hbopenbid.pubmatic.com	cdn4.buysellads.net
1	mp.4dex.io	cdn4.buysellads.net
1	ads.servenobid.com	cdn4.buysellads.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	prebid.media.net	cdn4.buysellads.net
1	srv.buysellads.com	cdn4.buysellads.net
1	ad.doubleclick.net	pastelink.net
1	www.googletagservices.com	cdn4.buysellads.net
1	btloader.com	cdn4.buysellads.net
1	www.gstatic.com	www.google.com
1	cdnjs.cloudflare.com	pastelink.net
1	code.jquery.com	pastelink.net
0	tags.rd.linksynergy.com Failed	ads.pubmatic.com
0	public.servenobid.com Failed	cdn4.buysellads.net
0	contextual.media.net Failed	cdn4.buysellads.net
0	s.amazon-adsystem.com Failed	eus.rubiconproject.com
0	aax-eu.amazon-adsystem.com Failed	eus.rubiconproject.com
0	pixel.rubiconproject.com Failed	eus.rubiconproject.com
0	dsp.nrich.ai Failed	ads.pubmatic.com
0	csync.loopme.me Failed	ads.pubmatic.com
0	core.iprom.net Failed	ads.pubmatic.com
0	sync.srv.stackadapt.com Failed	ads.pubmatic.com
138	80

This site contains links to these domains. Also see Links.

Domain
www.ttkan.co
www.facebook.com
twitter.com
t.me
api.whatsapp.com
www.reddit.com
www.pinterest.com
www.tumblr.com
www.blogger.com
profitquery.com
www.linkedin.com
share.flipboard.com
social-plugins.line.me
www.meneame.net
diasp.org

Subject Issuer	Validity	Valid
pastelink.net R3	`2023-04-01` - `2023-06-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
cdn4.buysellads.net R3	`2023-03-23` - `2023-06-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-02-16` - `2023-05-17`	3 months	crt.sh
*.buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-06-09`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.omnitagjs.com Amazon RSA 2048 M02	`2023-02-09` - `2023-06-15`	4 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
ads.servenobid.com Amazon RSA 2048 M02	`2023-02-09` - `2023-06-27`	5 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.ctnsnet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-04` - `2023-11-06`	10 months	crt.sh
sync-dsp.ad-m.asia GlobalSign GCC R3 DV TLS CA 2020	`2022-07-21` - `2023-08-22`	a year	crt.sh
*.jp.cinarra.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-14` - `2023-06-13`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-03` - `2024-03-31`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
u.4dex.io GTS CA 1D4	`2023-03-05` - `2023-06-03`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh

This page contains 36 frames:

Primary Page: https://pastelink.net/7tiio5hn
Frame ID: 1C06F251E68BCBB8ADE9520891C61563
Requests: 65 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: BFA92DAAB8111937A8CCBF045C834CED
Requests: 18 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cc996437-cde1-4300-a097-5a84e6b41051&gdpr=0&gdpr_consent=
Frame ID: 66D32106498E146D673BAFA2BF30B8B3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZDfN4QACbu64AgAn&gdpr=1&gdpr_consent=&_test=ZDfN4QACbu64AgAn
Frame ID: 792F1D2D43C0BE68E24A20CF2163BBBE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=zo3vj4db8cq
Frame ID: A3B00E9FFDEDA112F8196D77FBE25E43
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3643579199655574988&gdpr=0&gdpr_consent=
Frame ID: 05FAC78BE5D459ADD795F2E14EBC32A9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GCa8Bk126gADIesIFyWiAxkltgUDdrxSSnCa581z
Frame ID: 771D44C5D54C5550E72AE3B9148C89CF
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 3C89A2226E210B19F317C7282A4A2AD4
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Frame ID: 61EEBD2DB7EA625FB942BE2A9A72EEC2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=029375c1709741eba903c14b1e135eb0
Frame ID: AA6CC45483657EC58214D2E8661439B8
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: FBB853648784350EB00C7FBE42ED88EB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1psyrfnuyb6b
Frame ID: 1A694AC1A54113CE4C20D676D397D408
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=HrcOCLgKA2asroqo4c03ZA
Frame ID: 4B403A248A3A827480DC6E40DC1EBDB2
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: E6C4C1506A79204511CA666C2AC44AF8
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=4364E351-5B45-4501-B12D-C799ED3F5E0B
Frame ID: F054D0D9CFD25C8F297E3DE852C14959
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-22d0483b-4635-4678-90f7-7776fd5d2400-004
Frame ID: BB41189085E7FDEE9C6CFFED28BA303C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: B98D5F007200018330A3E241B60CCE81
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: B3962480994CABE37C6D21750318DC0C
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 1B72F517A19955FA5765F4F9AF5357B0
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 13CF0F5F2929E53DCC54458D21E8FCC5
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 46C75610F37131BD6A8A8A4858194513
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)4364E351-5B45-4501-B12D-C799ED3F5E0B
Frame ID: EE363A0F96C188CAEF6B35EF91B80C66
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Frame ID: 7B588DE05EF6A8F0583212C6451C2F58
Requests: 11 HTTP requests in this frame

Frame: https://be2d9c4370c342904ff9f1de0ffab112.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6BD54BDD6F33264339EEA98097CB4464
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 99D77DBEDDE111C9E010AA9662113F8F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8671C94C17F0ED03BFCD0AE671D6B30C
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net
Frame ID: 323C64225F019789583E3A287833C596
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Frame ID: BF4D1C43DE3B3D4BA769BF8B399164E6
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1681378785042
Frame ID: BE59360E0CBFF7C7F9C9AB3778A60565
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 27933AF37F4EC58C64D4AE6CEA57CABF
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7D0B3ABEEC219B54737526FDC8059BA6
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 3D2556C9EAC2A94A5E7B9301C7A398A3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5A7800F053B2763BEA025AFE92CF6F3B
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=4364E351-5B45-4501-B12D-C799ED3F5E0B&gdpr=0&gdpr_consent=
Frame ID: B9376ED63FD7A1B57F959A21AD8500D3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2g6Q96401PMTqJ5&gdpr=0&gdpr_consent=
Frame ID: B6F5DE06146E620FE42311EF7CAF1170
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5A48A69348694DFCA3AC84315D84C9FB&gdpr=0&gdpr_consent=
Frame ID: FBFE7806E59CA6750D66F5A91B4FF044
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

笔下生花的小说臨淵行 txt- 第七百六十二章太子（求月票） - Pastelink.net

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

138
Requests

73 %
HTTPS

40 %
IPv6

51
Domains

80
Subdomains

58
IPs

9
Countries

1164 kB
Transfer

2858 kB
Size

74
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ttkan.co/novel/chapters/linyuanxing-zhaizhu
Title: https://www.ttkan.co/novel/chapters/linyuanxing-zhaizhu

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://pastelink.net/7tiio5hn

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=%20https://pastelink.net/7tiio5hn

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=%20%0Ahttps://pastelink.net/7tiio5hn

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=%20https://pastelink.net/7tiio5hn

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://https://pastelink.net/7tiio5hn&title=%20

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https://pastelink.net/7tiio5hn&description=%20&media=https://pastelink.net/assets/images/pastelink-logo-square.png

Search URL Search Domain Scan URL

URL: http://www.tumblr.com/share?v=3&u=https://pastelink.net/7tiio5hn&t=%20&posttype=link

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog-this.g?u=https://pastelink.net/7tiio5hn&n=%20

Search URL Search Domain Scan URL

URL: https://profitquery.com/add-to/livejournal/?url=https://pastelink.net/7tiio5hn&title=%20

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://pastelink.net/7tiio5hn

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?v=2&title=%20&url=https://pastelink.net/7tiio5hn

Search URL Search Domain Scan URL

URL: https://social-plugins.line.me/lineit/share?url=https://pastelink.net/7tiio5hn&text=%20

Search URL Search Domain Scan URL

URL: https://www.meneame.net/submit?url=https://pastelink.net/7tiio5hn

Search URL Search Domain Scan URL

URL: https://diasp.org/bookmarklet?url=https://pastelink.net/7tiio5hn&title=%20&jump=doclose

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cc996437-cde1-4300-a097-5a84e6b41051&gdpr=0&gdpr_consent=

Request Chain 57

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZDfN4QACbu64AgAn HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZDfN4QACbu64AgAn&gdpr=1&gdpr_consent=&_test=ZDfN4QACbu64AgAn

Request Chain 58

https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=zo3vj4db8cq

Request Chain 59

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3643579199655574988&gdpr=0&gdpr_consent=

Request Chain 60

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GCa8Bk126gADIesIFyWiAxkltgUDdrxSSnCa581z

Request Chain 63

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=029375c1709741eba903c14b1e135eb0

Request Chain 65

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1psyrfnuyb6b

Request Chain 66

https://gocm.c.appier.net/pubmatic HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=HrcOCLgKA2asroqo4c03ZA

Request Chain 69

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1681378785251 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=7229654968 HTTP 302
https://sync.1rx.io/usersync/turn/7735481658538523224?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-22d0483b-4635-4678-90f7-7776fd5d2400-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-22d0483b-4635-4678-90f7-7776fd5d2400-004 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-22d0483b-4635-4678-90f7-7776fd5d2400-004

Request Chain 71

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Q2TjUVtFRQGxLceZ7T9eCw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Q2TjUVtFRQGxLceZ7T9eCw%3D%3D&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 77

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4364E351-5B45-4501-B12D-C799ED3F5E0B&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4364E351-5B45-4501-B12D-C799ED3F5E0B&gdpr=0&gdpr_consent=&ct=y

Request Chain 78

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=4364E351-5B45-4501-B12D-C799ED3F5E0B HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=4364E351-5B45-4501-B12D-C799ED3F5E0B HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=64277c91-2a0f-453a-8a40-61e669273180%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1f58faa0-f35e-4eb5-88af-13ccac6ad941&ttd_puid=64277c91-2a0f-453a-8a40-61e669273180%2C%2C

Request Chain 79

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4364E351-5B45-4501-B12D-C799ED3F5E0B&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipapac.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4364E351-5B45-4501-B12D-C799ED3F5E0B&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipapac.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4364E351-5B45-4501-B12D-C799ED3F5E0B&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDM2NEUzNTEtNUI0NS00NTAxLUIxMkQtQzc5OUVEM0Y1RTBC&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDM2NEUzNTEtNUI0NS00NTAxLUIxMkQtQzc5OUVEM0Y1RTBC&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 81

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPzsakf2LeO7o5G6TfV_5qU&google_cver=1

Request Chain 82

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5A48A69348694DFCA3AC84315D84C9FB

Request Chain 84

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1f58faa0-f35e-4eb5-88af-13ccac6ad941&gdpr=0&gdpr_consent=

Request Chain 85

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4364E351-5B45-4501-B12D-C799ED3F5E0B&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4364E351-5B45-4501-B12D-C799ED3F5E0B&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7GbZMjdE2uVWVHg1U39STguweIQ7VOc-~A&gdpr=0

Request Chain 86

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ae7750f1-b690-49fc-a21c-5ea7f31a1065&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 87

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6639759391589628784

Request Chain 88

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4420550857817127512&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 89

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4364E351-5B45-4501-B12D-C799ED3F5E0B&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3ad21b065272534&is_secure=true&networkId=17100&version=1&nuid=4364E351-5B45-4501-B12D-C799ED3F5E0B&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAANN6EekMF16AMdk74SAAAAAAA&expiration=1681465185&nuid=4364E351-5B45-4501-B12D-C799ED3F5E0B&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 90

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6289378468257146541

Request Chain 91

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac

Request Chain 104

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LGEXIMNE-1I-2466 HTTP 302
https://u.4dex.io/setuid?bidder=rubicon&uid=LGEXIMNE-1I-2466

Request Chain 106

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGEXIMNE-1I-2466

Request Chain 107

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/kgZFcUaoZHV22gOb88Ka-sn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-aaqzNRBE2oKLLWgEYjc7r1ThQUFTw.R_2JMpwQ--~A

Request Chain 111

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdFWElNTkUtMUktMjQ2Ng== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHFgbI_4I3tH_P1yONiOt64&google_cver=1

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDAE-OKE26wzmlXHwZ-q1iI&google_cver=1

Request Chain 114

https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D&s=194558&C=1 HTTP 302
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZDfN42wJnsd_UeTsM_QdggAAE0UAAAIB

Request Chain 120

https://gum.criteo.com/sid/json?origin=publishertag&domain=pastelink.net&sn=ChromeSyncframe&so=0&topUrl=pastelink.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Tah7u3xSNzNYcmx3NHJXS0hjMkdUMzZQbTB5T2RsaldSbFZHUlhNbW9SdUc2QUF4bE9FME8yTU12UU9QSlBnT1MxOEgzZzMrbm0weGI4TlJxYlhMZ3FwQTN4czFid1V3S2duRXhWa2NyZ2NTMDFhRWpGVWNYUExhNGpyZnM1RUJ3bk1INU9EbGcxZDEwbnFadUhwTDVWbE5PeHZ6UFg0RDRpRVcvOWYwZnA4RzFSOWFnZTVubmFOVDNWaDB6dnBqcU5OSlp2UXo0aEU0THUrdFVLVUIyYWpDeU5ta2Uyd1gvVXAySHBZTWdjZUlnc1Y3QTV2dTZGTkZJdlNSWDNKUlNacW12MjJvOGNuUzFHMmNsUkVCL09qQ3JFUT09fA&cppv=2

Request Chain 130

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2g6Q96401PMTqJ5&gdpr=0&gdpr_consent=

Request Chain 131

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5A48A69348694DFCA3AC84315D84C9FB&gdpr=0&gdpr_consent=

Request Chain 132

https://idsync.rlcdn.com/420486.gif?partner_uid=4364E351-5B45-4501-B12D-C799ED3F5E0B HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDQzNjRFMzUxLTVCNDUtNDUwMS1CMTJELUM3OTlFRDNGNUUwQhAAGg0I5ZvfoQYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=807a19768b02b835fa88fa94f5cf6a745aee2c24a1e8ca52232a178df74f4fe5791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA4MDdhMTk3NjhiMDJiODM1ZmE4OGZhOTRmNWNmNmE3NDVhZWUyYzI0YTFlOGNhNTIyMzJhMTc4ZGY3NGY0ZmU1NzkxNDI2YjU0MTdkY2UyMRAAGgwI55vfoQYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA4MDdhMTk3NjhiMDJiODM1ZmE4OGZhOTRmNWNmNmE3NDVhZWUyYzI0YTFlOGNhNTIyMzJhMTc4ZGY3NGY0ZmU1NzkxNDI2YjU0MTdkY2UyMRAAGgwI55vfoQYSBAgCEABCAEoA&google_gid=CAESEKSJQEdg67QwvqspCw7rPhs&google_cver=1 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=

138 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 7tiio5hn Show response
pastelink.net/ 35 KB
12 KB 1006ms
330ms Document
text/html 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pastelink.net/7tiio5hn

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

72e4e0bd3706b26b3f2a5ca37868038a6d80c9e1eb1ac0a09157e14052f63a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 13 Apr 2023 09:39:43 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
769 B 17ms
7ms Stylesheet
text/css 2404:6800:4003:c03::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Requested by

Host: pastelink.net
URL: https://pastelink.net/7tiio5hn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b68a7f87308f4eb7e29a79f21e599796ad984353fe505b8a7a25f4ebc1ddee47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Apr 2023 09:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Apr 2023 09:39:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Apr 2023 09:39:43 GMT

GET
H2 200 styles.css
pastelink.net/assets/css/ 121 KB
121 KB 167ms
167ms Stylesheet
text/css 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pastelink.net/assets/css/styles.css?q=35

Requested by

Host: pastelink.net
URL: https://pastelink.net/7tiio5hn

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

db2363029b4f54378ff6662b39bc15138122f515494fc54048fd89a70485fe55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/7tiio5hn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 14:09:07 GMT
server: nginx
etag: "63b82b83-1e279"
content-type: text/css
accept-ranges: bytes
content-length: 123513

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 526ms
175ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: pastelink.net
URL: https://pastelink.net/7tiio5hn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://pastelink.net/
Origin: https://pastelink.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:43 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-15d9d"
vary: Accept-Encoding
x-hw: 1681378783.dop107.la3.t,1681378783.cds243.la3.hn,1681378783.cds267.la3.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 script.min.js Show response
pastelink.net/assets/js/ 41 KB
41 KB 166ms
166ms Script
application/javascript 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pastelink.net/assets/js/script.min.js?q=35

Requested by

Host: pastelink.net
URL: https://pastelink.net/7tiio5hn

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/7tiio5hn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 17 Nov 2022 12:00:15 GMT
server: nginx
etag: "6376224f-a225"
content-type: application/javascript
accept-ranges: bytes
content-length: 41509

GET
H2 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/ 2 KB
1 KB 20ms
9ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/js.cookie.min.js

Requested by

Host: pastelink.net
URL: https://pastelink.net/7tiio5hn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3672768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 772
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-6d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzkhPInjC3QiK%2BNYz9PUwjqe%2BrvZuadEprTWwB9Y6Eq9dzbEdfC8oLSFUrF8avfcxP2PGdkXisEQGsoSsDGscj6bb%2FNNS%2FwFwkHC765FtN3OgGLTbsMah%2Bflm5qI0sUGwT%2BddaaXVSWn17ByOP6cJXTr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b72be5479663f8f-SIN
expires: Tue, 02 Apr 2024 09:39:43 GMT

GET
H2 200 css2
fonts.googleapis.com/ 758 B
800 B 14ms
6ms Stylesheet
text/css 2404:6800:4003:c03::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Titillium+Web:wght@400&display=swap

Requested by

Host: pastelink.net
URL: https://pastelink.net/7tiio5hn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6638f387e0ff4c0dc3c7f79ff49428f8f82f1b1d47e62f4815c92baa227917f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 13 Apr 2023 09:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 13 Apr 2023 09:39:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 13 Apr 2023 09:39:43 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
897 B 18ms
7ms Script
text/javascript 2404:6800:4003:c05::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=captchaLoaded

Requested by

Host: pastelink.net
URL: https://pastelink.net/7tiio5hn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::93 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

22cbfacb817672ee585cad64df18ef6224f206e271b1f934f117337cf9d26ede

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 575
x-xss-protection: 1; mode=block
expires: Thu, 13 Apr 2023 09:39:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 188 KB
67 KB 20ms
9ms Script
application/javascript 2404:6800:4003:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ

Requested by

Host: pastelink.net
URL: https://pastelink.net/7tiio5hn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

623161f2ab1348bcdc695c230cb64dcd32bcd26ede9be21eb65a953e257b3b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68032
x-xss-protection: 0
last-modified: Thu, 13 Apr 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Apr 2023 09:39:44 GMT

GET
H2 200 pastelink.js Show response
cdn4.buysellads.net/pub/ 522 KB
142 KB 123ms
41ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/pastelink.js?1681378200000
Requested by: Host: pastelink.net
URL: https://pastelink.net/7tiio5hn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: a5bd8daa39dfc3e4a23bd9ac3c0ff02fd751a86f45e7f45fc7b2a674b0a4aac3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:44 GMT
content-encoding: gzip
last-modified: Thu, 13 Apr 2023 09:13:38 GMT
server: AmazonS3
x-amz-request-id: 4668KBKCS21J9H8Z
etag: "e7424faa0b69fcd17a6fc9526985dba8"
x-amz-server-side-encryption: AES256
x-hw: 1681378784.cds024.hk1.hn,1681378784.cds217.hk1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 145051
x-amz-id-2: xcCi+v08ya438ygBhx7zBZFKF4NbShURkvLJNfTgbwTqAwZPKSnxsug7wP9Y9S+x6ZiJYAmbQ1nmK19RaIW4TVWGq6ZmXR2gKJ95MkckglU=

GET
H2 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ 415 KB
166 KB 14ms
4ms Script
text/javascript 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__zh_cn.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaLoaded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edf6e3797e68ca65c02a261a4bbd3f53dcdcc054f601c388c9bbb2b77f4c596b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Origin: https://pastelink.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:47:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 169022
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 01:47:39 GMT

GET
H2 200 debut_light.png
pastelink.net/assets/images/ 4 KB
4 KB 166ms
165ms Image
image/png 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/debut_light.png

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
server: nginx
etag: "6347f703-10c8"
content-type: image/png
accept-ranges: bytes
content-length: 4296

GET
H2 200 pastelink-logo.svg
pastelink.net/assets/images/logo/ 3 KB
3 KB 166ms
166ms Image
image/svg+xml 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo/pastelink-logo.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

01408f8061623faa6d2c0f015cd23483c3aa363c095e152f613ed94c87a5803d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
server: nginx
etag: "6347f703-d3d"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3389

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 arrow-down-blue.svg
pastelink.net/assets/images/ 239 B
410 B 166ms
165ms Image
image/svg+xml 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/arrow-down-blue.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
server: nginx
etag: "6347f703-ef"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 239

GET
H2 200 moon.svg
pastelink.net/assets/images/ 2 KB
2 KB 166ms
166ms Image
image/svg+xml 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/moon.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
server: nginx
etag: "6347f703-62e"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1582

GET
H2 200 public-black.svg
pastelink.net/assets/images/ 578 B
750 B 167ms
167ms Image
image/svg+xml 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/public-black.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
server: nginx
etag: "6347f703-242"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 578

GET
H2 200 social-spritesheet.png
pastelink.net/assets/images/ 28 KB
28 KB 167ms
167ms Image
image/png 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/social-spritesheet.png

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
server: nginx
etag: "6347f703-70de"
content-type: image/png
accept-ranges: bytes
content-length: 28894

GET
H2 200 logo-bg-90-tl.svg
pastelink.net/assets/images/ 2 KB
2 KB 168ms
166ms Image
image/svg+xml 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo-bg-90-tl.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
server: nginx
etag: "6347f703-933"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2355

GET
H2 200 pastelink-logo-contrast.svg
pastelink.net/assets/images/logo/ 4 KB
4 KB 169ms
167ms Image
image/svg+xml 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo/pastelink-logo-contrast.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

3a73b36061944ebbb33696553917d393280f796e212afcd09057b441c1168606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
server: nginx
etag: "6347f703-e31"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3633

GET
H2 200 logo-symbol-non-white-bg.svg
pastelink.net/assets/images/ 4 KB
5 KB 169ms
168ms Image
image/svg+xml 89.35.29.15
BANDWIDTH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo-symbol-non-white-bg.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),

Reverse DNS

15.29.35.89.baremetal.zare.com

Software

nginx /

Resource Hash

15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=35
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 13 Oct 2022 11:31:15 GMT
server: nginx
etag: "6347f703-11c0"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 4544

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 18ms
7ms Font
font/woff2 2404:6800:4003:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 06:26:10 GMT
x-content-type-options: nosniff
age: 98014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Apr 2024 06:26:10 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 19ms
8ms Font
font/woff2 2404:6800:4003:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 17:55:31 GMT
x-content-type-options: nosniff
age: 143053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 17:55:31 GMT

GET
H2 200 NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 12 KB
12 KB 19ms
9ms Font
font/woff2 2404:6800:4003:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Titillium+Web:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:27:47 GMT
x-content-type-options: nosniff
age: 151917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12372
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:19:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 15:27:47 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 21ms
10ms Font
font/woff2 2404:6800:4003:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 20:17:03 GMT
x-content-type-options: nosniff
age: 134561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 20:17:03 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 12ms
3ms Script
text/javascript 2404:6800:4003:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::71 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Apr 2023 08:26:07 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4417
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 13 Apr 2023 10:26:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
78 KB 6ms
5ms Script
application/javascript 2404:6800:4003:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

23cbbe11544be1c7265955d3149ad794e28efa652abc60ade6e3378640099449

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79847
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 13 Apr 2023 09:39:44 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
207 B 4ms
4ms XHR
text/plain 2404:6800:4003:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=819682583&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2F7tiio5hn&ul=en-us&de=UTF-8&dt=%E7%AC%94%E4%B8%8B%E7%94%9F%E8%8A%B1%E7%9A%84%E5%B0%8F%E8%AF%B4%20%E8%87%A8%E6%B7%B5%E8%A1%8C%20txt-%20%E7%AC%AC%E4%B8%83%E7%99%BE%E5%85%AD%E5%8D%81%E4%BA%8C%E7%AB%A0%20%E5%A4%AA%E5%AD%90%EF%BC%88%E6%B1%82%E6%9C%88%E7%A5%A8%EF%BC%89%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=286813917&gjid=777019423&cid=1946816816.1681378784&tid=UA-55088947-2&_gid=1329719421.1681378784&_r=1&_slc=1&gtm=45He34a0n8155WHPWQ&z=2031724860

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::71 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastelink.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 09:39:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 5ms
5ms Ping
text/plain 2404:6800:4003:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je34a0&_p=819682583&cid=1946816816.1681378784&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681378784&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2F7tiio5hn&dt=%E7%AC%94%E4%B8%8B%E7%94%9F%E8%8A%B1%E7%9A%84%E5%B0%8F%E8%AF%B4%20%E8%87%A8%E6%B7%B5%E8%A1%8C%20txt-%20%E7%AC%AC%E4%B8%83%E7%99%BE%E5%85%AD%E5%8D%81%E4%BA%8C%E7%AB%A0%20%E5%A4%AA%E5%AD%90%EF%BC%88%E6%B1%82%E6%9C%88%E7%A5%A8%EF%BC%89%20-%20Pastelink.net&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c04::71 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 09:39:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag Show response
btloader.com/ 22 KB
8 KB 26ms
9ms Script
application/javascript 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1681378200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d931c2bb090d34973fe3fb0fe5ebf626651793c461723d70c8138c65016569a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:44 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Apr 2023 09:32:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 441
etag: W/"b59a5f51a3ff5b754df58100fd480400"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CX40WxN0mXB1JPLRSf05Qb6m7czrpE%2BfmTFk81z02vnpNoJrOt68JJI7OUlDoVFJ%2FFr7D%2FTF9NMDE2rK7u5%2BDn6vPHhx1lomTR%2BLa7TIS4mer9c9h1XAmO2%2FincO2okbbQbv8OBXRyERqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7b72be5a799b4804-SIN

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
26 KB 34ms
21ms Script
text/javascript 2404:6800:4003:c0f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1681378200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca9abec2586b5cd15a5d96d0bc4b5a755476478407dc70a4ca3f4337673c6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25781
x-xss-protection: 0
server: cafe
etag: 29 / 19460 / m202304050101 / config-hash: 11789896269357185813
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 13 Apr 2023 09:39:44 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
287 B 281ms
281ms Image
image/gif 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=4.7647852427646455
Requested by: Host: pastelink.net
URL: https://pastelink.net/7tiio5hn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:44 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: AmazonS3
x-amz-request-id: TF9S5D84JGFKRGX9
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-hw: 1681378784.cds024.hk1.hn,1681378784.cds219.hk1.sc,1681378784.cds219.hk1.p
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 43
x-amz-id-2: N/DwFfkjotvacuDEpooNykkeTeLzRvZ0C8AEsif5g0wfmKu726NzDUIqYEZa5ulsXWAvb/9TiyCPslecKOEfdg==

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
239 B 284ms
283ms Image
image/gif 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=4.7647852427646455
Requested by: Host: pastelink.net
URL: https://pastelink.net/7tiio5hn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:44 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: AmazonS3
x-amz-request-id: TF9ZNDM7PBJH88A3
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-hw: 1681378784.cds024.hk1.hn,1681378784.cds028.hk1.sc,1681378784.cds028.hk1.p
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 43
x-amz-id-2: +R2IIeLyteKRDl6m+E2EWidUDhNRW7exKl6IDpYAhSGsZ+6Kqjwc9UfXNeHJ8ErRQPdFArwH5Qk=

GET
H2 200 px.gif
ad-delivery.net/ 43 B
344 B 28ms
12ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: pastelink.net
URL: https://pastelink.net/7tiio5hn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1498015
x-guploader-uploadid: ADPycduj2aCbYGlSuby1fUl2t7flvK5W6_r41_Ajt8GdORNrORCoXuYLdv07J7YLHRQW2Q6Ws5cRtfGidjAuT_URjdqmcQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAqaMqit4u%2Fq9Cv362wb9%2FnJSmJrXyANu3FxW%2FLDDPN%2BmdLT4E6dYwcFZD1rb1UtL%2Bprc0OjZvfwvbUNBLaOXyNT%2BJfIrllP5avHasJy5E53JwxYkoavM1%2BNMrGEGJhk1g7C48MNwt1YGlzjVA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7b72be5aaca14c83-SIN
expires: Mon, 27 Mar 2023 01:39:53 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
572 B 19ms
4ms Image
image/x-icon 142.251.12.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: pastelink.net
URL: https://pastelink.net/7tiio5hn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f148.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 05:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13206
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 14 Apr 2023 05:59:38 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
938 B 25ms
10ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.2598549505508714
Requested by: Host: pastelink.net
URL: https://pastelink.net/7tiio5hn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1498015
x-guploader-uploadid: ADPycduj2aCbYGlSuby1fUl2t7flvK5W6_r41_Ajt8GdORNrORCoXuYLdv07J7YLHRQW2Q6Ws5cRtfGidjAuT_URjdqmcQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkkdcCRJgrpOPKotBucdROIF2qnVp3nYUuHjhDuYRlPw8q93oHGgwslZZh0Bl0jOJM0T2pfc0%2Fx3kdNXTLo0QN5VgEpPIVegLDuwTida5vHS%2BHaWe%2BHKUcDGl2gvKYoz1ZBFIoBQx1Ud5I0VFA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7b72be5aaca24c83-SIN
expires: Mon, 27 Mar 2023 01:39:53 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/ 399 KB
124 KB 19ms
4ms Script
text/javascript 2404:6800:4003:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d1a754922199186d43c7e76757eddaeb26e350387294e0f69ac574bc54914f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 20:28:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47485
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126556
x-xss-protection: 0
server: cafe
etag: 15138777047932052885
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 11 Apr 2024 20:28:19 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 72 B
604 B 18ms
6ms XHR
application/json 2404:6800:4003:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pastelink.net

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9613f838798d1aed5da373796f9180a1531b4670d6762a7db38dde12ae032934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59
x-xss-protection: 0
expires: Thu, 13 Apr 2023 09:39:44 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
142 B 232ms
216ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 63c0541f20459089af6a8e261d8e7a8c8aed76ae9de830ba4f37bcbe6df249e1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:44 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
129 B 230ms
215ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=njyyqYSe&w=5093624318001152&o=5102648370397184&cv=2.1.10-3-g4120aac&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpastelink.net%2F7tiio5hn&sid=G36rVdWUGk&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 13 Apr 2023 09:39:44 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 CWYD627N.json Show response
srv.buysellads.com/ads/ 930 B
666 B 504ms
161ms Fetch
application/json 64.227.38.224
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CWYD627N.json?forcebanner=493702&ignoretargeting=yes
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1681378200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.227.38.224 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-ldn-17.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 66dbc25f6437696dcb3319d87c972b603544bc62f890eea1f5d418368834b5d1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 13 Apr 2023 09:39:45 GMT
content-encoding: gzip
server: //srv.buysellads.com
content-length: 552
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1 KB 25ms
9ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1681378200000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 09:39:44 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 655423
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtSTuzJGlAKOSldIhGXPD4%2BxRt1PRSWT63E8KXLmvDDF5q%2BMUNOKXRsxs%2BocWCWHOJ28OYm5DVpY%2BHsT%2FHOek%2FuXkve4Yo50YO6ZVsU7seck%2F7nqvEeKzPlK47oMAgg%2FSjZ1IE4oUM2LLcAl"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7b72be5deded4846-SIN

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 536ms
522ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1681378200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f83cac213086e65871ca89447eb2006ef85ba32bf673b8db89d6abac2677cb09

Request headers

Referer: https://pastelink.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 09:39:45 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://pastelink.net
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 514
alt-svc: clear
expires: Thu, 13 Apr 2023 09:39:44 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 2 KB
1022 B 900ms
500ms XHR
application/json 44.236.169.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fpastelink.net%2F7tiio5hn

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1681378200000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.236.169.225 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-236-169-225.us-west-2.compute.amazonaws.com

Software

Resource Hash

d5400c86db9749bda35206026e539e3a516e9ea269b695718d0c230d2e80f3ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastelink.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 13 Apr 2023 09:39:45 GMT
via: kong/2.8.3
content-encoding: gzip
x-content-type-options: nosniff
x-kong-proxy-latency: 0
p3p: CP="CAO PSA OUR"
x-kong-upstream-latency: 307
content-length: 485
pragma: no-cache
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
361 B 102ms
79ms XHR
application/json 51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1681378200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.234.101 , Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://pastelink.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://pastelink.net
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 adreq Show response
ads.servenobid.com/ 765 B
681 B 534ms
173ms XHR
application/json 52.31.141.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=9279
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1681378200000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.141.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-141-253.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bd3ab0a8a77f7fb4a5f243ed1c7270157737e1d1acc47e303227139a972bcaaf

Request headers

Referer: https://pastelink.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 13 Apr 2023 09:39:45 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 200 prebid Show response
mp.4dex.io/ 999 B
1 KB 101ms
82ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1681378200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb80b31602ef803f54a50d5fb974f930d399cfca62e6914c030b1f59d674afdd

Request headers

Referer: https://pastelink.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-tyo
date: Thu, 13 Apr 2023 09:39:45 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868039084-1_123456, Process Floors. 13 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868173958-4_123456, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868324828-7_123456, Process Seats Booster. unable to get the seat booster engine for organization: 1116
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7b72be5e0cf43d37-SIN
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
827 B 668ms
165ms XHR
application/json 104.254.150.228
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1681378200000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 Apr 2023 09:39:45 GMT
AN-X-Request-Uuid: 22329e05-9b87-47ce-9328-155f5c2b87fb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://pastelink.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 103.254.153.204; 103.254.153.204; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 355 B
682 B 1465ms
251ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=2&alt_size_ids=1%2C55&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2F7tiio5hn&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&tk_flint=pbjs_lite_v7.10.0&x_source.tid=c4cb43cd-a93a-4e00-988f-90e7085dc155&l_pb_bid_id=44f11a90dc45d66&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&slots=1&rand=0.01990471192008858
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1681378200000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 607d859fdace93e684d24509895d13ae559be4353fea23fdab5419143a33d1cf

Request headers

Referer: https://pastelink.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 09:39:46 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 355
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 361 B
686 B 1466ms
252ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=2%2C1%2C16%2C232&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2F7tiio5hn&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&tk_flint=pbjs_lite_v7.10.0&x_source.tid=3c8d4db6-c105-4645-be42-04191581e1d3&l_pb_bid_id=458f9427d15b81c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&slots=1&rand=0.18871699396084796
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1681378200000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 10a471cd19442b2f8fc04495ddd947484030512643ab3d3d98dc77854440a7c2

Request headers

Referer: https://pastelink.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 09:39:46 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 361
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 357 B
909 B 1463ms
250ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=9%2C8%2C10%2C16&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2F7tiio5hn&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&tk_flint=pbjs_lite_v7.10.0&x_source.tid=067a54d0-a786-46ba-a1cc-ba0ca3abd13b&l_pb_bid_id=46e833fd2d7aea8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&slots=1&rand=0.693287791765995
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1681378200000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1906c49ad175d25e47716231ef5f10b761b4615ca057137afa71806800a9aea0

Request headers

Referer: https://pastelink.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 09:39:46 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 357
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 361 B
688 B 1468ms
255ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=10%2C16%2C53%2C67%2C101%2C102%2C221&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2F7tiio5hn&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&tk_flint=pbjs_lite_v7.10.0&x_source.tid=e4aab922-9cc2-4857-ac3c-3cfd12a16716&l_pb_bid_id=475587a664409ee&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&slots=1&rand=0.3860152828950427
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1681378200000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 623517114aed6a946030e97608a23366e1e9a7252a3a8db7c8708048c297ab3e

Request headers

Referer: https://pastelink.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 09:39:46 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 361
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
112 B 63ms
13ms XHR
text/plain 207.65.33.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1681378200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastelink.net
date: Thu, 13 Apr 2023 09:39:45 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
311 B 186ms
176ms XHR
application/json 2406:2600:7:100::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.10.0&cb=49412115561&lsavail=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1681378200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pastelink.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 13 Apr 2023 09:39:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pastelink.net
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
23 KB 21ms
12ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 09:39:44 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 995347
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhihsMWx9FaA%2BtnTXMcgcenzI15EaiJAa1Ed1LWb6Fj%2FVBUwhIZQnvnME5FvwLLp%2BO6jE%2FJakxBzJCk%2B%2B4%2F5Iv1c9YglD0WXAcyL5zsjcE8KLqTOu2Ziaye4eLRqkWBuMaR5%2BkbtD1M9670v"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7b72be5e18c63faa-SIN

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame BFA9 16 KB
6 KB 117ms
35ms Document
text/html 184.31.28.212
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by: Host: pastelink.net
URL: https://pastelink.net/7tiio5hn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.28.212 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-28-212.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=34525
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 13 Apr 2023 09:39:45 GMT
expires: Thu, 13 Apr 2023 19:15:10 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame BFA9 5 KB
6 KB 23ms
4ms Script
text/html 67.199.150.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=54242958&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.81 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e34dcd74492c3bbb01decf9b252e8280db879648807778fa442a294b6c8a2482

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 13 Apr 2023 09:39:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 66D3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cc996437-cde1-4300-a097-5a84e6b41051&gdpr=0&gdpr_consent=

42 B
326 B

4ms
4ms

Document
image/gif

207.65.33.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cc996437-cde1-4300-a097-5a84e6b41051&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 13 Apr 2023 09:39:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Thu, 13 Apr 2023 09:39:45 GMT
Expires: Thu, 13 Apr 2023 09:39:44 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 776 936c8db master nrt-pixel-x8 config_version:"unknown"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cc996437-cde1-4300-a097-5a84e6b41051&gdpr=0&gdpr_consent=

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 792F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZDfN4QACbu64AgAn&gdpr=1&gdpr_consent=&_test=ZDfN4QACbu64AgAn

0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A3B0
Redirect Chain

https://cm.ambientdsp.com/cm/send?vc=pmj
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=zo3vj4db8cq

1 B
381 B

28ms
6ms

Document
text/html

207.65.33.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=zo3vj4db8cq
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Thu, 13 Apr 2023 09:39:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-store
content-length: 0
date: Thu, 13 Apr 2023 09:39:45 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=zo3vj4db8cq
lws: 127.0.0.1
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 05FA
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3643579199655574988&gdpr=0&gdpr_consent=

0
0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 771D
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GCa8Bk126gADIesIFyWiAxkltgUDdrxSSnCa581z

42 B
567 B

31ms
4ms

Document
image/gif

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GCa8Bk126gADIesIFyWiAxkltgUDdrxSSnCa581z
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 13 Apr 2023 09:39:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Thu, 13 Apr 2023 09:39:45 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GCa8Bk126gADIesIFyWiAxkltgUDdrxSSnCa581z
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 3C89 43 B
363 B 28ms
4ms Document
image/gif 182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Thu, 13 Apr 2023 09:39:44 GMT
expires: Thu, 13 Apr 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 465208
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET sync
sync.srv.stackadapt.com/ Frame 61EE 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame AA6C
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=029375c1709741eba903c14b1e135eb0

42 B
302 B

6ms
5ms

Document
image/gif

207.65.33.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=029375c1709741eba903c14b1e135eb0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 13 Apr 2023 09:39:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html;charset=UTF-8
date: Thu, 13 Apr 2023 09:42:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=029375c1709741eba903c14b1e135eb0
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
status: 302
via: 1.1 google
x-xss-protection: 1; mode=block

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame FBB8 43 B
205 B 70ms
49ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Thu, 13 Apr 2023 09:42:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 1A69
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1psyrfnuyb6b

42 B
231 B

34ms
4ms

Document
image/gif

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1psyrfnuyb6b
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 13 Apr 2023 09:39:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Thu, 13 Apr 2023 09:39:46 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1psyrfnuyb6b
lws: 125
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 4B40
Redirect Chain

https://gocm.c.appier.net/pubmatic
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=HrcOCLgKA2asroqo4c03ZA

42 B
200 B

22ms
6ms

Document
image/gif

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=HrcOCLgKA2asroqo4c03ZA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 13 Apr 2023 09:39:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-store
content-length: 153
content-type: text/html; charset=utf-8
date: Thu, 13 Apr 2023 09:39:45 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=HrcOCLgKA2asroqo4c03ZA
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: nginx

GET
H/1.1 200
OK send Show response
sync-dsp.ad-m.asia/dsp/api/sync/ Frame E6C4 43 B
243 B 3608ms
178ms Document
image/gif 220.150.223.50
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS: 50.223.150.220.in-addr.arpa
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Cache-Control: no-store,no-cache
Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Thu, 13 Apr 2023 09:39:48 GMT
Pragma: no-cache
Server: nginx
expires: -1

GET
H/1.1 200
OK pxd Show response
dps.jp.cinarra.com/ Frame F054 95 B
220 B 314ms
74ms Document
image/png 18.182.204.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=4364E351-5B45-4501-B12D-C799ED3F5E0B
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.182.204.40 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-182-204-40.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Connection: keep-alive
Content-Length: 95
Content-Type: image/png
Date: Thu, 13 Apr 2023 09:39:45 GMT

GET

Pug
simage2.pubmatic.com/AdServer/ Frame BB41
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1681378785251
https://ad.turn.com/r/cs?pid=45&rndcb=7229654968
https://sync.1rx.io/usersync/turn/7735481658538523224?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-22d0483b-4635-4678-90f7-7776fd5d2400-004?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-22d0483b-4635-4678-90f7-7776fd5d2400-004

0
0

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame B98D 0
231 B 122ms
5ms Document
text/plain 13.250.207.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.250.207.233 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-207-233.ap-southeast-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 0
date: Thu, 13 Apr 2023 09:39:45 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: aws-apsoutheast1a-delivery-1

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame B396
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
416 B

188ms
181ms

Document
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7b72be611a77189b-SIN
content-length: 43
content-type: image/gif; charset=utf-8
date: Thu, 13 Apr 2023 09:39:45 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7b72be5fea25189b-SIN
content-type: text/html
date: Thu, 13 Apr 2023 09:39:45 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 159

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 1B72 0
45 B 1748ms
1168ms Document
text/plain 8.18.47.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.18.47.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-length: 0
date: Thu, 13 Apr 2023 09:39:45 GMT
server: b

GET cookiesync
core.iprom.net/ Frame 13CF 0
0

GET /
csync.loopme.me/ Frame 46C7 0
0

GET
H2 200 setuid Show response
u.4dex.io/ Frame EE36 0
662 B 97ms
79ms Document
text/plain 34.149.40.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)4364E351-5B45-4501-B12D-C799ED3F5E0B
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Thu, 13 Apr 2023 09:39:45 GMT
expires: 0
pragma: no-cache
vary: Origin Accept-Encoding
via: 1.1 google

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BFA9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Q2TjUVtFRQGxLceZ7T9eCw%3D%3D&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Q2TjUVtFRQGxLceZ7T9eCw%3D%3D&gdpr=0&gdpr_consent=&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

35ms
34ms

Image
text/html

184.31.28.212
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 184.31.28.212 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-28-212.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:45 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=34525
accept-ranges: bytes
content-length: 5554
expires: Thu, 13 Apr 2023 19:15:10 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Apr 2023 09:39:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame BFA9
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4364E351-5B45-4501-B12D-C799ED3F5E0B&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4364E351-5B45-4501-B12D-C799ED3F5E0B&gdpr=0&gdpr_consent=&ct=y

49 B
544 B

38ms
37ms

Image
image/gif

54.255.95.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4364E351-5B45-4501-B12D-C799ED3F5E0B&gdpr=0&gdpr_consent=&ct=y
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 54.255.95.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-255-95-2.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 09:39:45 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.17.71
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 13 Apr 2023 09:39:45 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4364E351-5B45-4501-B12D-C799ED3F5E0B&gdpr=0&gdpr_consent=&ct=y
cache-control: no-cache
x-server: 10.42.10.217
content-length: 0
expires: 0

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame BFA9
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=4364E351-5B45-4501-B12D-C799ED3F5E0B
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=4364E351-5B45-4501-B12D-C799ED3F5E0B
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=64277c91-2a0f-453a-8a40-61e669273180%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1f58faa0-f35e-4eb5-88af-13ccac6ad941&ttd_puid=64277c91-2a0f-453a-8a40-61e669273180%2C%2C

95 B
123 B

54ms
53ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1f58faa0-f35e-4eb5-88af-13ccac6ad941&ttd_puid=64277c91-2a0f-453a-8a40-61e669273180%2C%2C

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:45 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 13 Apr 2023 09:39:45 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1f58faa0-f35e-4eb5-88af-13ccac6ad941&ttd_puid=64277c91-2a0f-453a-8a40-61e669273180%2C%2C
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 359

GET
H/1.1

200
OK

info2
uipapac.semasio.net/pubmatic/1/ Frame BFA9
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4364E351-5B45-4501-B12D-C799ED3F5E0B&sInitiator=external&gdpr=0&gdpr_consent=
https://uipapac.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4364E351-5B45-4501-B12D-C799ED3F5E0B&sInitiator=external&gdpr=0&gdpr_consent=
https://uipapac.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4364E351-5B45-4501-B12D-C799ED3F5E0B&sInitiator=external&gdpr=0&gdpr_consent=

42 B
570 B

44ms
44ms

Image
image/gif

119.9.108.191

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipapac.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4364E351-5B45-4501-B12D-C799ED3F5E0B&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: HTTP/1.1
Server: 119.9.108.191 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 09:39:46 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 Apr 2023 09:39:46 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=4364E351-5B45-4501-B12D-C799ED3F5E0B&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame BFA9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDM2NEUzNTEtNUI0NS00NTAxLUIxMkQtQzc5OUVEM0Y1RTBC&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDM2NEUzNTEtNUI0NS00NTAxLUIxMkQtQzc5OUVEM0Y1RTBC&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
96 B

6ms
5ms

Image
image/gif

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 13 Apr 2023 09:39:45 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 13 Apr 2023 09:39:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame BFA9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPzsakf2LeO7o5G6TfV_5qU&google_cver=1

42 B
298 B

13ms
5ms

Image
image/gif

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPzsakf2LeO7o5G6TfV_5qU&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 13 Apr 2023 09:39:45 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 13 Apr 2023 09:39:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPzsakf2LeO7o5G6TfV_5qU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame BFA9
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5A48A69348694DFCA3AC84315D84C9FB

42 B
291 B

3349ms
3349ms

Image
image/gif

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5A48A69348694DFCA3AC84315D84C9FB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 13 Apr 2023 09:39:49 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Thu, 13 Apr 2023 09:39:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5A48A69348694DFCA3AC84315D84C9FB
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 12 Apr 2023 09:39:45 GMT

GET
H2 200 4364E351-5B45-4501-B12D-C799ED3F5E0B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame BFA9 43 B
604 B 29ms
10ms Image
image/gif 2406:da18:929:5a01:52cc:d2de:4934:10b8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/4364E351-5B45-4501-B12D-C799ED3F5E0B?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2406:da18:929:5a01:52cc:d2de:4934:10b8 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame BFA9
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1f58faa0-f35e-4eb5-88af-13ccac6ad941&gdpr=0&gdpr_consent=

42 B
297 B

6ms
4ms

Image
image/gif

207.65.33.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1f58faa0-f35e-4eb5-88af-13ccac6ad941&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 13 Apr 2023 09:39:45 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 13 Apr 2023 09:39:45 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1f58faa0-f35e-4eb5-88af-13ccac6ad941&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 355

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame BFA9
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4364E351-5B45-4501-B12D-C799ED3F5E0B&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4364E351-5B45-4501-B12D-C799ED3F5E0B&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7GbZMjdE2uVWVHg1U39STguweIQ7VOc-~A&gdpr=0

0
262 B

24ms
4ms

Image
text/plain

67.199.150.85
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7GbZMjdE2uVWVHg1U39STguweIQ7VOc-~A&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 67.199.150.85 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:45 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7GbZMjdE2uVWVHg1U39STguweIQ7VOc-~A&gdpr=0
date: Thu, 13 Apr 2023 09:39:45 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET

sync
dsp.nrich.ai/bidswitch/ Frame BFA9
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ae7750f1-b690-49fc-a21c-5ea7f31a1065&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame BFA9
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6639759391589628784

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame BFA9
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4420550857817127512&gdpr=0&gdpr_consent=&us_privacy=

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame BFA9
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4364E351-5B45-4501-B12D-C799ED3F5E0B&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3ad21b065272534&is_secure=true&networkId=17100&version=1&nuid=4364E351-5B45-4501-B12D-C799ED3F5E0B&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAANN6EekMF16AMdk74SAAAAAAA&expiration=1681465185&nuid=4364E351-5B45-4501-B12D-C799ED3F5E0B&...

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame BFA9
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA%3D%26piggybackCookie%3D%24UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6289378468257146541

0
0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 7B58
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac

281 B
554 B

360ms
36ms

Document
text/html

23.66.150.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Requested by: Host: pastelink.net
URL: https://pastelink.net/7tiio5hn
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.66.150.27 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-66-150-27.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 13 Apr 2023 09:39:46 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 13 Apr 2023 09:39:46 GMT
location: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
server: AkamaiGHost

GET
H2 200 integrator.js Show response
adservice.google.com.sg/adsid/ 107 B
532 B 21ms
6ms Script
application/javascript 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=pastelink.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 16ms
6ms Script
application/javascript 2404:6800:4003:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pastelink.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
1 KB 256ms
256ms XHR
text/plain 2404:6800:4003:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2785594436562183&correlator=4498878228959410&eid=31072019%2C31073384&output=ldjh&gdfp_req=1&vrg=202304050101&ptt=17&impl=fifs&iu_parts=22405481091%2CPastelink_S2S_FixedFooter_ROS%2CPastelink_S2S_TopLeaderboard_ROS%2CPastelink_S2S_Sidebar_ROS%2CPastelink_S2S_Interstitial_ROS%2CPastelink_S2S_TopAnchor_ROS&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x90%7C980x90%7C990x90%7C468x60%2C320x50%7C728x90%7C468x60%7C728x200%7C580x400%7C750x280%7C760x280%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C300x250%7C336x280%2C320x50%7C120x600%7C160x600%7C300x600%7C300x250%7C336x280%7C240x600%2C1x1%2C1x1&fluid=0%2Cheight%2Cheight%2C0%2C0&ifi=1&adks=840525636%2C3944560474%2C3798138915%2C1897443797%2C1230872867&sfv=1-0-40&ists=3&fas=0%2C0%2C0%2C8%2C2&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1675868039084-1_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868173958-4_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868324828-7_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868453109-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1678879398722-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&eri=1&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dpastelink%26optimize_xp%3Da&sc=1&cookie_enabled=1&abxe=1&dt=1681378786437&lmt=1681378786&dlt=1681378783423&idt=1054&adxs=-12245933%2C310%2C1091%2C-9%2C-9&adys=-12245933%2C326%2C521%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2F7tiio5hn&frm=20&vis=1&psz=1600x-1%7C705x405%7C168x607%7C0x-1%7C0x-1&msz=0x-1%7C705x250%7C120x600%7C0x-1%7C0x-1&fws=644%2C4%2C4%2C2%2C2&ohw=1600%2C1600%2C1600%2C0%2C0&ga_vid=1946816816.1681378784&ga_sid=1681378786&ga_hid=819682583&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd3b713164f2718c6fc40b3c76d335adeb34676b069be911f68593bbccda7331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 965
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 27ms
11ms XHR
application/json 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56f32867797ba5191b781d9d876d099c727daae7e590bae3f0b3de516ee820a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11319
x-xss-protection: 0

GET
H2 200 container.html Show response
be2d9c4370c342904ff9f1de0ffab112.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6BD5 6 KB
3 KB 21ms
5ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://be2d9c4370c342904ff9f1de0ffab112.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Apr 2023 09:39:46 GMT
expires: Fri, 12 Apr 2024 09:39:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/ 33 KB
12 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08e8448e2137fe9df9775c2a39d698497c2fd4b97d6cbd132dfc1807c75385df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 20:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46350
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11899
x-xss-protection: 0
server: cafe
etag: 13074093536184999630
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 11 Apr 2024 20:47:16 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 18ms
5ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 13 Apr 2023 09:39:46 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 99D7 13 KB
5 KB 5ms
4ms Document
text/html 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 240008
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 14:59:38 GMT
expires: Tue, 09 Apr 2024 14:59:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8671 783 B
918 B 8ms
7ms Document
text/html 2404:6800:4003:c05::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::93 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

de0dc41dd9a7fb33d598fcbb0d525f22babb0fc576fb3dac1c577acb755aff44

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IbMfHHOBPumdALflc9yn7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-IbMfHHOBPumdALflc9yn7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 13 Apr 2023 09:39:46 GMT
expires: Thu, 13 Apr 2023 09:39:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8671 0
0 57ms
49ms Image
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304050101&jk=2785594436562183&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js Show response
pagead2.googlesyndication.com/bg/ Frame 99D7 36 KB
14 KB 10ms
4ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1qDM7jHzlwhnZd-s95CHH_k3xryNtTKIC4s2Es7tSnI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6a0ccee31f397086765dfacf790871ff937c6bc8db532880b8b3612ceed4a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 16:30:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 234553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14260
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Apr 2024 16:30:33 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7B58 34 KB
10 KB 42ms
42ms Script
text/html 23.66.150.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.66.150.27 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-66-150-27.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f814f6a2663df39bc8c54135224ba3ff9c8c12b9d74f7ae16cf24911e7ee2be6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 09:39:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Apr 2023 09:35:54 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=86182
Connection: keep-alive
Content-Length: 10015
Expires: Fri, 14 Apr 2023 09:36:08 GMT

GET

setuid
u.4dex.io/ Frame 7B58
Redirect Chain

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LGEXIMNE-1I-2466
https://u.4dex.io/setuid?bidder=rubicon&uid=LGEXIMNE-1I-2466

0
0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 99D7 0
10 B 3ms
3ms Image
text/plain 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?w5eIrw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c00::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 7B58
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGEXIMNE-1I-2466

0
519 B

268ms
250ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGEXIMNE-1I-2466
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:47 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 61BC08F468E34AFD881DEFC42BA57114 Ref B: SIN30EDGE0311 Ref C: 2023-04-13T09:39:46Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX5NIFVZegGIntEzXX7oA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGEXIMNE-1I-2466
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 808ed95536e7f55d8adbcb9fc76d309d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET

tap.php
pixel.rubiconproject.com/ Frame 7B58
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/kgZFcUaoZHV22gOb88Ka-sn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-aaqzNRBE2oKLLWgEYjc7r1ThQUFTw.R_2JMpwQ--~A

0
0

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 7B58 0
472 B 219ms
7ms Image
text/plain 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=2249&pt=n
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: f60a7260b0ebb7a40a81234af4a9e826
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET dcm
aax-eu.amazon-adsystem.com/s/ Frame 7B58 0
0

GET dcm
s.amazon-adsystem.com/ Frame 7B58 0
0

GET

sync.php
pixel.rubiconproject.com/exchange/ Frame 7B58
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdFWElNTkUtMUktMjQ2Ng==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHFgbI_4I3tH_P1yONiOt64&google_cver=1

0
0

GET

tap.php
pixel.rubiconproject.com/ Frame 7B58
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDAE-OKE26wzmlXHwZ-q1iI&google_cver=1

0
0

GET rubicon
match.adsrvr.org/track/cmf/ Frame 7B58 0
0

GET

setuid
u.4dex.io/
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D&s=194558&C=1
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZDfN42wJnsd_UeTsM_QdggAAE0UAAAIB

0
0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 48ms
48ms Image
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304050101&jk=2785594436562183&bg=!ICOlI3fNAAYIJb0jKCU7ADkAdvg8WtKJQeC1mam1OZo0jYiatqotcY7j9CZw-S2p_9LDArgcLJ0OeVOnIifdy6JWRMjuhxv0lPECAAAAWVIAAAACaAEHmQK9WT-MESX2CrY7yiZEvB3NqFo4K110qp4jthSqWqsqsoHcU8AJxR6m-C0kChyU3oJtCfNXV98DB2llgT1zyD-taSBWZMCD7bHB3CxgcUX2r8z8EwJbct1MqrZL2gdnYVqArnaynIt2wfz3WEjC_9gByfwBqrqxGQxniXuiGR-8-sI1mj9uy_dFrxfgizcnwBZPI4gw4mLjx3KErokWb_A_Xz20q9IcO5EmvINZgn1Ht4MZ4CGqARCl5weNiGOsuhDs7zy-z8jp8GjGmwV2-J1PeMU8IYE-5Ng4rlimDy4z9qT0Dk9d-6UmtcHx7BUacVqLrPrK24-qYu1btTdy7iteZdXNXWTB6JBYfnckgGRrWss9xnSofEJP9NPecIlOsOKuqxw-svw7xUxadCrip0SpNUppYnWfIltKvvapWMoICAyBq4VSXiZqeLJCNd--1cukzY04fgcHPkbJDM0Ls1FAJzHExUYUpZQVr3M-kID-xlg_2tGliNtT8kZG3thOCdwpWKppnS7ywa3tOgMMfUQNrmf27iiCuoyciLDH4_AfJ9qk9reBYfIFvisKlYaJ7Kyyp2scJc9o5JpGYVDbkGQ2eaRYRBN62hiV_d1m9lufT-V9FzcdJG0LawIH7edg5I1Eu_g1g5ekDK6CvdpjD51WvKY8jaUThNAdO79A8adliscPaImAReiUZmGHo9zJ7feicXMkk43X97lFuMCm2I3du-iz6iZdVp-Pau-GmemFRMTHERtnZua9JvLxI31ELLI4Zm1nr_4zDqn3jtdAFdMqrfIOeyTPt_XglP5eW0UcHHxkC5nQ4UGFRxp9w2y2nv-JOwU2-WGBB32hzhlZZ1dLKwH_vRjaah2_CFwiWo-LeVK3PXYki9G7zSTiOk62dF1nbT-ZE4ysgm5LURxOaRuRSeFhjbxkncxz48nSA_w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame BFA9 0
130 B 6830ms
6829ms Script
text/plain 67.199.150.85
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.85 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:54 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 18ms
8ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1681378200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

3af1a442285e2530e69db134638ec9305ab0abf88e5ef5248bb9b8f1903a8bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:31:17 GMT
server: nginx
etag: W/"642e9165-15b5c"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 14 Apr 2023 09:39:47 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 323C 15 KB
6 KB 234ms
78ms Document
text/html 2406:2600:7:100::9
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

117ef3d1ce1e9b17d0c9106d6c753959d0dc1703a290646cd7d2d96edd47e838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 13 Apr 2023 09:39:46 GMT
server: Kestrel
server-processing-duration-in-ticks: 531182
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 16ms
7ms XHR
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

3af1a442285e2530e69db134638ec9305ab0abf88e5ef5248bb9b8f1903a8bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:31:17 GMT
server: nginx
etag: W/"642e9165-15b5c"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 14 Apr 2023 09:39:47 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 323C
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=pastelink.net&sn=ChromeSyncframe&so=0&topUrl=pastelink.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=Tah7u3xSNzNYcmx3NHJXS0hjMkdUMzZQbTB5T2RsaldSbFZHUlhNbW9SdUc2QUF4bE9FME8yTU12UU9QSlBnT1MxOEgzZzMrbm0weGI4TlJxYlhMZ3FwQTN4czFid1V3S2duRXhWa2NyZ2NTMDFhRWpGVWNYUExhNGpyZn...

444 B
660 B

1270ms
7ms

Fetch
application/json

182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Tah7u3xSNzNYcmx3NHJXS0hjMkdUMzZQbTB5T2RsaldSbFZHUlhNbW9SdUc2QUF4bE9FME8yTU12UU9QSlBnT1MxOEgzZzMrbm0weGI4TlJxYlhMZ3FwQTN4czFid1V3S2duRXhWa2NyZ2NTMDFhRWpGVWNYUExhNGpyZnM1RUJ3bk1INU9EbGcxZDEwbnFadUhwTDVWbE5PeHZ6UFg0RDRpRVcvOWYwZnA4RzFSOWFnZTVubmFOVDNWaDB6dnBqcU5OSlp2UXo0aEU0THUrdFVLVUIyYWpDeU5ta2Uyd1gvVXAySHBZTWdjZUlnc1Y3QTV2dTZGTkZJdlNSWDNKUlNacW12MjJvOGNuUzFHMmNsUkVCL09qQ3JFUT09fA&cppv=2

Protocol

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

16d639b0a747293921f0c58d1ccdebcefab18cb5123536d5615f4188b1e49897

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Apr 2023 09:39:48 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2189873
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 13 Apr 2023 09:39:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=Tah7u3xSNzNYcmx3NHJXS0hjMkdUMzZQbTB5T2RsaldSbFZHUlhNbW9SdUc2QUF4bE9FME8yTU12UU9QSlBnT1MxOEgzZzMrbm0weGI4TlJxYlhMZ3FwQTN4czFid1V3S2duRXhWa2NyZ2NTMDFhRWpGVWNYUExhNGpyZnM1RUJ3bk1INU9EbGcxZDEwbnFadUhwTDVWbE5PeHZ6UFg0RDRpRVcvOWYwZnA4RzFSOWFnZTVubmFOVDNWaDB6dnBqcU5OSlp2UXo0aEU0THUrdFVLVUIyYWpDeU5ta2Uyd1gvVXAySHBZTWdjZUlnc1Y3QTV2dTZGTkZJdlNSWDNKUlNacW12MjJvOGNuUzFHMmNsUkVCL09qQ3JFUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 636650
content-length: 0
expires: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame BF4D 16 KB
6 KB 44ms
34ms Document
text/html 184.31.28.212
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1681378200000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.28.212 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-28-212.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=34521
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 13 Apr 2023 09:39:49 GMT
expires: Thu, 13 Apr 2023 19:15:10 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame BE59 2 KB
814 B 169ms
161ms Document
text/html 51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1681378785042

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1681378200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.234.101 , Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET checksync.php
contextual.media.net/ Frame 2793 0
0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7D0B 52 KB
17 KB 20ms
3ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1681378200000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 8735
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 13 Apr 2023 09:39:49 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 29 Mar 2023 07:13:44 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2946, 76757
X-Served-By: cache-lga13626-LGA, cache-qpg1268-QPG
X-Timer: S1681378789.451968,VS0,VE0

GET sync.html
public.servenobid.com/ Frame 3D25 0
0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5A78 281 B
554 B 56ms
53ms Document
text/html 23.66.150.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1681378200000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.66.150.27 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-66-150-27.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 13 Apr 2023 09:39:49 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7D0B 0
863 B 633ms
633ms Script
text/html 104.254.150.228
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 Apr 2023 09:39:50 GMT
AN-X-Request-Uuid: 59d2373e-fbba-4c72-bdf3-de5bb9da285a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 103.254.153.204; 103.254.153.204; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame BF4D 744 B
1 KB 5ms
5ms Script
text/html 67.199.150.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=23439750&p=161102&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.81 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: d4eafa22358559f5138daaf4601f34bdbdb25c6bf88b47f2d66b7a161c2aa666

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 13 Apr 2023 09:39:49 GMT
content-length: 744
content-type: text/html; charset=UTF-8

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame B937 35 B
601 B 38ms
38ms Document
image/gif 185.84.60.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=4364E351-5B45-4501-B12D-C799ED3F5E0B&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Thu, 13 Apr 2023 09:39:49 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET

Pug
simage2.pubmatic.com/AdServer/ Frame B6F5
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2g6Q96401PMTqJ5&gdpr=0&gdpr_consent=

0
0

GET

Pug
simage2.pubmatic.com/AdServer/ Frame FBFE
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5A48A69348694DFCA3AC84315D84C9FB&gdpr=0&gdpr_consent=

0
0

GET

rcs
tags.rd.linksynergy.com/ Frame BF4D
Redirect Chain

https://idsync.rlcdn.com/420486.gif?partner_uid=4364E351-5B45-4501-B12D-C799ED3F5E0B
https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDQzNjRFMzUxLTVCNDUtNDUwMS1CMTJELUM3OTlFRDNGNUUwQhAAGg0I5ZvfoQYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=807a19768b02b835fa88fa94f5cf6a745aee2c24a1e8ca52232a178df74f4fe5791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA4MDdhMTk3NjhiMDJiODM1ZmE4OGZhOTRmNWNmNmE3NDVhZWUyYzI0YTFlOGNhNTIyMzJhMTc4ZGY3NGY0ZmU1NzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA4MDdhMTk3NjhiMDJiODM1ZmE4OGZhOTRmNWNmNmE3NDVhZWUyYzI0YTFlOGNhNTIyMzJhMTc4ZGY3NGY0ZmU1NzkxNDI2YjU0MTdkY2UyMRAAGgwI55vfoQYSBAgCEABCAEoA&goog...
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=

0
0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5A78 34 KB
10 KB 47ms
46ms Script
text/html 23.66.150.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.66.150.27 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-66-150-27.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f814f6a2663df39bc8c54135224ba3ff9c8c12b9d74f7ae16cf24911e7ee2be6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 Apr 2023 09:39:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Apr 2023 09:35:54 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=86179
Connection: keep-alive
Content-Length: 10015
Expires: Fri, 14 Apr 2023 09:36:08 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7D0B 0
863 B 164ms
163ms Script
text/html 104.254.150.228
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 Apr 2023 09:39:50 GMT
AN-X-Request-Uuid: 9fb9f02d-0314-40ff-98cb-36b761ed2aae
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 103.254.153.204; 103.254.153.204; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame BF4D 0
49 B 2577ms
2576ms Script
text/plain 67.199.150.85
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=161102&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.85 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 09:39:54 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZDfN4QACbu64AgAn&gdpr=1&gdpr_consent=&_test=ZDfN4QACbu64AgAn

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3643579199655574988&gdpr=0&gdpr_consent=

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-22d0483b-4635-4678-90f7-7776fd5d2400-004

Domain: core.iprom.net
URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}

Domain: dsp.nrich.ai
URL: https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ae7750f1-b690-49fc-a21c-5ea7f31a1065&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6639759391589628784

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4420550857817127512&gdpr=0&gdpr_consent=&us_privacy=

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAANN6EekMF16AMdk74SAAAAAAA&expiration=1681465185&nuid=4364E351-5B45-4501-B12D-C799ED3F5E0B&is_secure=true&gdpr_consent=&gdpr=0

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6289378468257146541

Domain: u.4dex.io
URL: https://u.4dex.io/setuid?bidder=rubicon&uid=LGEXIMNE-1I-2466

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-aaqzNRBE2oKLLWgEYjc7r1ThQUFTw.R_2JMpwQ--~A

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHFgbI_4I3tH_P1yONiOt64&google_cver=1

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDAE-OKE26wzmlXHwZ-q1iI&google_cver=1

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/rubicon

Domain: u.4dex.io
URL: https://u.4dex.io/setuid?bidder=indexexchange&uid=ZDfN42wJnsd_UeTsM_QdggAAE0UAAAIB

Domain: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1

Domain: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2g6Q96401PMTqJ5&gdpr=0&gdpr_consent=

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:5A48A69348694DFCA3AC84315D84C9FB&gdpr=0&gdpr_consent=

Domain: tags.rd.linksynergy.com
URL: https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

74 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pastelink.net/	1970-01-20 11:52:58	Name: PHPSESSID Value: pknc07ael4bpncl0p55orh2qti
.pastelink.net/	1970-01-20 13:12:34	Name: _gcl_au Value: 1.1.744984017.1681378784
.pastelink.net/	1970-01-20 11:04:25	Name: _gid Value: GA1.2.1329719421.1681378784
.pastelink.net/	1970-01-20 11:02:58	Name: _gat_UA-55088947-2 Value: 1
.pastelink.net/	1970-01-20 20:38:58	Name: _ga_S3DKHVPF03 Value: GS1.1.1681378784.1.0.1681378784.0.0.0
.pastelink.net/	1970-01-20 20:38:58	Name: _ga Value: GA1.1.1946816816.1681378784
.pubmatic.com/	1970-01-20 19:48:34	Name: KADUSERCOOKIE Value: 4364E351-5B45-4501-B12D-C799ED3F5E0B
.ambientdsp.com/	1970-01-20 11:04:25	Name: _aGeoIp Value: SG-Singapore
.ambientdsp.com/	1970-01-20 20:38:58	Name: _aUID Value: zo3vj4db8cq
.gammaplatform.com/	1970-01-20 11:04:25	Name: _aGeoIp Value: IN\|Lucknow
.gammaplatform.com/	1970-01-20 20:38:58	Name: _aUID Value: 1psyrfnuyb6b
.quantserve.com/	1970-01-20 13:12:34	Name: d Value: ELcBCwHfKPijAA
.quantserve.com/	1970-01-20 20:33:13	Name: mc Value: 6437cde1-3d997-27794-d3cdb
.adsrvr.org/	1970-01-20 19:50:01	Name: TDID Value: 1f58faa0-f35e-4eb5-88af-13ccac6ad941
.c.appier.net/	1970-01-20 19:48:34	Name: _auid Value: HrcOCLgKA2asroqo4c03ZA
.pubmatic.com/	1970-01-20 11:46:10	Name: KRTBCOOKIE_1290 Value: 23368-zo3vj4db8cq
.doubleclick.net/	1970-01-20 20:38:58	Name: IDE Value: AHWqTUn6k_GgAcsVEjFIOJs3GAGb-RFtx_V_Qud3sfNOhCOnkwlhSniTfS0sJvDR8UU
.yahoo.com/	1970-01-20 19:48:56	Name: A3 Value: d=AQABBOHNN2QCEBgSx0LbBjFSSWu2ByN5aNYFEgEBAQEfOWRBZAAAAAAA_eMAAA&S=AQAAAkAs5FC-GZNwPgRZrKmAIR0
.pubmatic.com/	1970-01-20 11:46:10	Name: KRTBCOOKIE_377 Value: 6810-1f58faa0-f35e-4eb5-88af-13ccac6ad941&KRTB&22918-1f58faa0-f35e-4eb5-88af-13ccac6ad941&KRTB&23031-1f58faa0-f35e-4eb5-88af-13ccac6ad941
.pubmatic.com/	1970-01-20 11:46:10	Name: KRTBCOOKIE_153 Value: 1923-GCa8Bk126gADIesIFyWiAxkltgUDdrxSSnCa581z&KRTB&19420-GCa8Bk126gADIesIFyWiAxkltgUDdrxSSnCa581z&KRTB&22979-GCa8Bk126gADIesIFyWiAxkltgUDdrxSSnCa581z&KRTB&23462-GCa8Bk126gADIesIFyWiAxkltgUDdrxSSnCa581z
.pubmatic.com/	1970-01-20 11:46:10	Name: KRTBCOOKIE_1310 Value: 23431-1psyrfnuyb6b&KRTB&23446-1psyrfnuyb6b&KRTB&23465-1psyrfnuyb6b
.pubmatic.com/	1970-01-20 11:46:10	Name: KRTBCOOKIE_80 Value: 16514-CAESEPzsakf2LeO7o5G6TfV_5qU&KRTB&22987-CAESEPzsakf2LeO7o5G6TfV_5qU&KRTB&23025-CAESEPzsakf2LeO7o5G6TfV_5qU&KRTB&23386-CAESEPzsakf2LeO7o5G6TfV_5qU
.pubmatic.com/	1970-01-20 11:46:10	Name: KRTBCOOKIE_904 Value: 16787-HrcOCLgKA2asroqo4c03ZA
.analytics.yahoo.com/	1970-01-20 19:48:34	Name: IDSYNC Value: 18z8~2b29
.ctnsnet.com/	1970-01-20 19:48:34	Name: cid_029375c1709741eba903c14b1e135eb0 Value: 1
.ctnsnet.com/	1970-01-20 19:48:34	Name: cid_8a9b2b48c050456a8697b2ab82e3817c Value: 1
.pubmatic.com/	1970-01-20 11:46:10	Name: KRTBCOOKIE_1159 Value: 23138-029375c1709741eba903c14b1e135eb0&KRTB&23328-029375c1709741eba903c14b1e135eb0&KRTB&23427-029375c1709741eba903c14b1e135eb0&KRTB&23445-029375c1709741eba903c14b1e135eb0
.crwdcntrl.net/	1970-01-20 17:31:44	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 17:31:44	Name: _cc_id Value: 8a9064fa8b1b2abd559ca5068427bf1b
.tapad.com/	1970-01-20 12:29:22	Name: TapAd_TS Value: 1681378785283
.tapad.com/	1970-01-20 12:29:22	Name: TapAd_DID Value: 64277c91-2a0f-453a-8a40-61e669273180
ads.playground.xyz/	1970-01-20 11:11:53	Name: connect.sid Value: s%3AvCHMLPnyY7zsTDqwLZ5jxKGPg-2fDUcX.ck5gpdLA451R%2FIxLc7ze5XMJoQynVzCn8uh5LDhwJyg
.pubmatic.com/	1970-01-20 11:46:10	Name: SPugT Value: 1681378785
.4dex.io/	1970-01-20 12:29:22	Name: uids Value: eyJzeW5jcyI6eyJpbmRleGV4Y2hhbmdlIjoiMjAyMy0wNC0xM1QwOTozOTo0NS4wMDY5MDI1ODFaIiwicHVibWF0aWMiOiIyMDIzLTA0LTEzVDA5OjM5OjQ1LjAwNjg5NjMzN1oiLCJydWJpY29uIjoiMjAyMy0wNC0xM1QwOTozOTo0NS4wMDY5MDAyMzdaIn0sInVpZHMiOnsiYWRhZ2lvIjp7InVpZCI6IjZjNzhlM2FlLTQxMzQtNDQyNi1hZGEwLTU4N2MxYWI4OWQyYiIsImV4cGlyZXMiOiIyMDIzLTA2LTEyVDA5OjM5OjQ1LjAwNjYzNTkwMVoifSwicHVibWF0aWMiOnsidWlkIjoiNDM2NEUzNTEtNUI0NS00NTAxLUIxMkQtQzc5OUVEM0Y1RTBCIiwiZXhwaXJlcyI6IjIwMjMtMDYtMTJUMDk6Mzk6NDUuMzA0MDY1MzEzWiJ9fSwiYmRheSI6IjIwMjMtMDQtMTNUMDk6Mzk6NDUuMDA2NDczNTRaIn0=
.adsrvr.org/	1970-01-20 19:50:01	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwj8yNHEoYPeOxAFEhQKBXRhcGFkEgsImL3OxaGD3jsQBRgBIAEoAjILCJi10fK3g947EAU4AVoFdGFwYWRgAg..
.tapad.com/	1970-01-20 12:29:22	Name: TapAd_3WAY_SYNCS Value: 1!2481
.mathtag.com/	1970-01-20 20:28:53	Name: uuid Value: cc996437-cde1-4300-a097-5a84e6b41051
.pubmatic.com/	1970-01-20 11:46:10	Name: KRTBCOOKIE_27 Value: 16735-uid:cc996437-cde1-4300-a097-5a84e6b41051&KRTB&16736-uid:cc996437-cde1-4300-a097-5a84e6b41051&KRTB&23019-uid:cc996437-cde1-4300-a097-5a84e6b41051&KRTB&23114-uid:cc996437-cde1-4300-a097-5a84e6b41051
.bidswitch.net/	1970-01-20 19:48:34	Name: tuuid Value: ae7750f1-b690-49fc-a21c-5ea7f31a1065
.bidswitch.net/	1970-01-20 19:48:34	Name: c Value: 1681378785
.bidswitch.net/	1970-01-20 19:48:34	Name: tuuid_lu Value: 1681378785
.everesttech.net/	1970-01-20 19:48:34	Name: everest_g_v2 Value: g_surferid~ZDfN4QACbu64AgAn
.tribalfusion.com/	1970-01-20 13:12:34	Name: ANON_ID Value: aQnseFo0P8fCmTN83vFZaj46sQKHJnZahBp2crSnZc85B4mMZc2A6tUVVQHmQMfECFlvd4Za5bW2Kq82wMWJr0kR8
.simpli.fi/	1970-01-20 19:50:01	Name: suid Value: 5A48A69348694DFCA3AC84315D84C9FB
.dotomi.com/	1970-01-20 11:02:58	Name: DotomiTest Value: 3ad21b065272534
.omnitagjs.com/	1970-01-20 11:46:10	Name: ayl_visitor Value: 50e5a610954b1307227706b50143b918
.adform.net/	1970-01-20 11:46:10	Name: C Value: 1
.adform.net/	1970-01-20 12:29:22	Name: uid Value: 6639759391589628784
.rubiconproject.com/	1970-01-20 19:48:34	Name: khaos Value: LGEXIMNE-1I-2466
.turn.com/	1970-01-20 15:22:10	Name: uid Value: 4420550857817127512
.1rx.io/	1970-01-20 19:48:34	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-22d0483b-4635-4678-90f7-7776fd5d2400-004%22%2C%22nxtrdr%22%3Afalse%7D
.pastelink.net/	1970-01-20 20:24:34	Name: __gads Value: ID=286fcef7816fb447:T=1681378786:S=ALNI_MaCr1weL7EWsLmQo4CDrytg6idyJQ
.pastelink.net/	1970-01-20 20:24:34	Name: __gpi Value: UID=00000bf429c1c533:T=1681378786:RT=1681378786:S=ALNI_Mb-lSlaKJOd7wP2TnRDyVQyhsxEcQ
.rubiconproject.com/	1970-01-20 19:48:34	Name: audit Value: 1\|WD0cx+9RTMIwjz9wuDWitGHpDPrT40mPuNe9KgcK9NRcBQ2SQkUCb2SX9bSB3imXFmTJDmFSLusTZI9/Nf5XGCYbB5SW5XQ3RCPLY9Vxeoqma+WVcS1g3g==
.linkedin.com/	1970-01-20 19:48:34	Name: bcookie Value: "v=2&1fdd6ae6-8303-491e-8668-90716dc6fac8"
.linkedin.com/	1970-01-20 11:04:25	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2553:u=1:x=1:i=1681378787:t=1681465187:v=2:sig=AQGUdF6sQDPAFR0XBu6KwWW3Yk8KDbLV"
.casalemedia.com/	1970-01-20 19:48:34	Name: CMID Value: ZDfN42wJnsd-UeTsM-QdggAA
.casalemedia.com/	1970-01-20 13:12:34	Name: CMPS Value: 4933
.casalemedia.com/	1970-01-20 13:12:34	Name: CMPRO Value: 4933
.criteo.com/	1970-01-20 20:24:34	Name: uid Value: c47299d8-fd44-417f-897e-295e72a78cfd
.adnxs.com/	1970-01-20 13:12:34	Name: uuid2 Value: 6289378468257146541
.pubmatic.com/	1970-01-20 11:46:10	Name: KRTBCOOKIE_148 Value: 19421-uid:5A48A69348694DFCA3AC84315D84C9FB
.pubmatic.com/	1970-01-20 11:46:10	Name: PugT Value: 1681378789
.pastelink.net/	1970-01-20 20:24:34	Name: cto_bundle Value: y2nq9l9XaXRHcEpNNmlzSDhwbUpLMHo2c1EzM29GVllUdEpFSVQwU0hNUDhvdzBzSTQzejglMkZ2OWZhRXlVaGNHJTJGdmolMkJIOUpnMW1iOGkyRmJhVTExJTJCUFBEMW1mJTJGdWlLWGFsQkJzJTJGQ2p4S2dKTjBqVDRnM1dFUmlSdWhvWm1xVlp3TUlMdmVCWllIeHMzWjhLVzFnJTJCMzd6SXJZQSUzRCUzRA
.ads.pubmatic.com/	1970-01-20 11:04:25	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 13:12:34	Name: chkChromeAb67Sec Value: 2
.pubmatic.com/	1970-01-20 11:04:25	Name: pi Value: 161102:3
.pubmatic.com/	1970-01-20 13:12:34	Name: DPSync3 Value: 1682553600%3A197_201_245_226%7C1681948800%3A164_248
.pubmatic.com/	1970-01-20 13:12:34	Name: SyncRTB3 Value: 1682640000%3A35%7C1682553600%3A96_231_13_234_107_56_214_5_220_209_238_3_7_204_254_99_54_176_233_71_8_247_22_165_179_21%7C1686528000%3A69%7C1681948800%3A2_223_15%7C1682208000%3A63
.w55c.net/	1970-01-20 20:33:13	Name: wfivefivec Value: 2g6Q96401PMTqJ5
.w55c.net/	1970-01-20 11:46:10	Name: matchpubmatic Value: 5
.rlcdn.com/	1970-01-20 19:48:34	Name: rlas3 Value: 5FPeOtMfpm2HE6lCyJQCbDf6k7Gcdr2BXXHwBGVPKWI=
.rlcdn.com/	1970-01-20 12:29:22	Name: pxrc Value: CAA=
.targeting.unrulymedia.com/	1970-01-20 19:48:34	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-22d0483b-4635-4678-90f7-7776fd5d2400-004%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.com.sg
api.btloader.com
be2d9c4370c342904ff9f1de0ffab112.safeframe.googlesyndication.com
bidder.criteo.com
btloader.com
c1.adform.net
cdn4.buysellads.net
cdnjs.cloudflare.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
csync.loopme.me
dis.criteo.com
dps.jp.cinarra.com
dsp.nrich.ai
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gocm.c.appier.net
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
match.adsrvr.org
match.deepintent.com
mp.4dex.io
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pastelink.net
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
s.amazon-adsystem.com
s.tribalfusion.com
script.4dex.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
srv.buysellads.com
static.criteo.net
sync-dsp.ad-m.asia
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
tags.rd.linksynergy.com
token.rubiconproject.com
tpc.googlesyndication.com
u.4dex.io
uipapac.semasio.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
aax-eu.amazon-adsystem.com
contextual.media.net
core.iprom.net
csync.loopme.me
dsp.nrich.ai
match.adsrvr.org
pixel.rubiconproject.com
public.servenobid.com
s.amazon-adsystem.com
simage2.pubmatic.com
sync.srv.stackadapt.com
tags.rd.linksynergy.com
u.4dex.io
103.229.205.243
104.254.150.228
119.9.108.191
13.250.207.233
130.211.23.194
142.251.12.148
151.101.65.108
151.139.128.10
172.104.45.159
18.138.18.111
18.143.106.89
18.182.204.40
182.161.73.136
182.161.73.146
184.31.28.212
185.84.60.29
2.20.137.181
2001:4de0:ac18::1:a:2a
207.65.33.78
207.65.33.82
220.150.223.50
23.66.150.27
2404:6800:4003:c00::84
2404:6800:4003:c00::9a
2404:6800:4003:c02::9d
2404:6800:4003:c03::5f
2404:6800:4003:c03::84
2404:6800:4003:c03::9a
2404:6800:4003:c03::9c
2404:6800:4003:c04::71
2404:6800:4003:c05::93
2404:6800:4003:c06::5e
2404:6800:4003:c06::61
2404:6800:4003:c0f::9b
2404:6800:4003:c11::5e
2406:2600:7:100::1
2406:2600:7:100::12
2406:2600:7:100::9
2406:da18:929:5a01:52cc:d2de:4934:10b8
2602:803:c006:158::65
2606:4700:20::681a:346
2606:4700:20::681a:8a9
2606:4700:20::ac43:4686
2606:4700::6811:190e
2606:4700::6812:19ad
2606:4700::6812:372
2620:116:800e:21:a878:7c6e:cf7b:3362
2620:1ec:21::14
34.107.148.139
34.111.113.62
34.149.40.38
35.186.193.173
35.247.47.28
35.71.131.137
44.236.169.225
50.57.31.206
51.79.234.101
52.220.229.2
52.31.141.253
54.255.95.2
64.227.38.224
67.199.150.81
67.199.150.85
67.199.150.86
69.173.158.64
74.125.24.156
8.18.47.7
89.35.29.15
01408f8061623faa6d2c0f015cd23483c3aa363c095e152f613ed94c87a5803d
08e8448e2137fe9df9775c2a39d698497c2fd4b97d6cbd132dfc1807c75385df
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
10a471cd19442b2f8fc04495ddd947484030512643ab3d3d98dc77854440a7c2
117ef3d1ce1e9b17d0c9106d6c753959d0dc1703a290646cd7d2d96edd47e838
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
16d639b0a747293921f0c58d1ccdebcefab18cb5123536d5615f4188b1e49897
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1906c49ad175d25e47716231ef5f10b761b4615ca057137afa71806800a9aea0
190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
22cbfacb817672ee585cad64df18ef6224f206e271b1f934f117337cf9d26ede
23cbbe11544be1c7265955d3149ad794e28efa652abc60ade6e3378640099449
2d1a754922199186d43c7e76757eddaeb26e350387294e0f69ac574bc54914f9
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3a73b36061944ebbb33696553917d393280f796e212afcd09057b441c1168606
3af1a442285e2530e69db134638ec9305ab0abf88e5ef5248bb9b8f1903a8bd4
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56f32867797ba5191b781d9d876d099c727daae7e590bae3f0b3de516ee820a4
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
607d859fdace93e684d24509895d13ae559be4353fea23fdab5419143a33d1cf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623161f2ab1348bcdc695c230cb64dcd32bcd26ede9be21eb65a953e257b3b6b
623517114aed6a946030e97608a23366e1e9a7252a3a8db7c8708048c297ab3e
63c0541f20459089af6a8e261d8e7a8c8aed76ae9de830ba4f37bcbe6df249e1
6638f387e0ff4c0dc3c7f79ff49428f8f82f1b1d47e62f4815c92baa227917f7
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66dbc25f6437696dcb3319d87c972b603544bc62f890eea1f5d418368834b5d1
6d931c2bb090d34973fe3fb0fe5ebf626651793c461723d70c8138c65016569a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72e4e0bd3706b26b3f2a5ca37868038a6d80c9e1eb1ac0a09157e14052f63a03
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9613f838798d1aed5da373796f9180a1531b4670d6762a7db38dde12ae032934
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5bd8daa39dfc3e4a23bd9ac3c0ff02fd751a86f45e7f45fc7b2a674b0a4aac3
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b68a7f87308f4eb7e29a79f21e599796ad984353fe505b8a7a25f4ebc1ddee47
bb80b31602ef803f54a50d5fb974f930d399cfca62e6914c030b1f59d674afdd
bd3ab0a8a77f7fb4a5f243ed1c7270157737e1d1acc47e303227139a972bcaaf
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
ca9abec2586b5cd15a5d96d0bc4b5a755476478407dc70a4ca3f4337673c6e3d
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4eafa22358559f5138daaf4601f34bdbdb25c6bf88b47f2d66b7a161c2aa666
d5400c86db9749bda35206026e539e3a516e9ea269b695718d0c230d2e80f3ec
d6a0ccee31f397086765dfacf790871ff937c6bc8db532880b8b3612ceed4a72
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db2363029b4f54378ff6662b39bc15138122f515494fc54048fd89a70485fe55
de0dc41dd9a7fb33d598fcbb0d525f22babb0fc576fb3dac1c577acb755aff44
e34dcd74492c3bbb01decf9b252e8280db879648807778fa442a294b6c8a2482
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
edf6e3797e68ca65c02a261a4bbd3f53dcdcc054f601c388c9bbb2b77f4c596b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f814f6a2663df39bc8c54135224ba3ff9c8c12b9d74f7ae16cf24911e7ee2be6
f83cac213086e65871ca89447eb2006ef85ba32bf673b8db89d6abac2677cb09
fd3b713164f2718c6fc40b3c76d335adeb34676b069be911f68593bbccda7331
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

pastelink.net Open in urlscan Pro 89.35.29.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

138 Requests

73 %HTTPS

40 %IPv6

51 Domains

80 Subdomains

58 IPs

9 Countries

1164 kBTransfer

2858 kBSize

74 Cookies

15 Outgoing links

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pastelink.net Open in urlscan Pro
89.35.29.15 Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

73 %
HTTPS

40 %
IPv6

51
Domains

80
Subdomains

58
IPs

9
Countries

1164 kB
Transfer

2858 kB
Size

74
Cookies

138 HTTP transactions
-1 data transactions