urlscan.io logo urlscan.io
SecurityTrails logo

pastelink.net Open in urlscan Pro
89.35.29.15  Public Scan

Go To Rescan Add Verdict Report
URL: https://pastelink.net/kztoeqi1
Submission: On March 06 via manual from GB — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 87 IPs in 7 countries across 105 domains to perform 407 HTTP transactions. The main IP is 89.35.29.15, located in London, United Kingdom and belongs to BANDWIDTH-AS, GB. The main domain is pastelink.net. The Cisco Umbrella rank of the primary domain is 128169.
TLS certificate: Issued by R3 on January 31st 2023. Valid for: 3 months.
This is the only time pastelink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 89.35.29.15 25369 (BANDWIDTH-AS)
2 2404:6800:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
9 2606:4700:303... 13335 (CLOUDFLAR...)
2 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
4 2404:6800:400... 15169 (GOOGLE)
1 208.95.112.2 53334 (TUT-AS)
23 2404:6800:400... 15169 (GOOGLE)
4 2404:6800:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
14 52.77.152.198 16509 (AMAZON-02)
1 54.65.137.42 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 203.195.121.141 7979 (SERVERS-COM)
1 185.106.140.18 7979 (SERVERS-COM)
5 7 104.254.150.241 29990 (ASN-APPNEX)
9 18.197.14.124 16509 (AMAZON-02)
1 145.40.73.4 54825 (PACKET)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
19 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
16 2404:6800:400... 15169 (GOOGLE)
6 23.207.181.73 16625 (AKAMAI-AS)
20 2404:6800:400... 15169 (GOOGLE)
1 184.51.99.153 16625 (AKAMAI-AS)
1 2600:9000:229... 16509 (AMAZON-02)
2 2600:1f18:e8a... 14618 (AMAZON-AES)
1 2406:2600:4::13 55569 (CRITEO-AS...)
1 2406:2600:7:1... 55569 (CRITEO-AS...)
9 2406:2600:7:1... 55569 (CRITEO-AS...)
1 182.161.73.132 55569 (CRITEO-AS...)
7 2406:2600:7:1... 55569 (CRITEO-AS...)
2 2406:2600:7:1... 55569 (CRITEO-AS...)
3 23.207.181.140 16625 (AKAMAI-AS)
4 52.77.104.51 16509 (AMAZON-02)
5 2406:2000:e4:... 56173 (YAHOO-SG3...)
9 26 52.74.162.2 16509 (AMAZON-02)
12 2406:2000:98:... 38032 (YAHOO-HK2...)
4 2406:2000:98:... 38032 (YAHOO-HK2...)
2 54.251.217.3 16509 (AMAZON-02)
17 38.133.127.95 ()
1 199.232.46.132 54113 (FASTLY)
1 2602:803:c004... ()
7 12 69.173.158.64 26667 (RUBICONPR...)
1 2a02:6ea0:d10... 60068 (CDN77 ^_^)
5 74.125.130.148 15169 (GOOGLE)
16 172.217.194.155 15169 (GOOGLE)
5 2404:6800:400... 15169 (GOOGLE)
1 1 2406:2600:7:1... 55569 (CRITEO-AS...)
2 4 182.161.73.146 55569 (CRITEO-AS...)
4 4 185.184.8.90 ()
1 6 2406:da18:929... 16509 (AMAZON-02)
3 3 2620:116:800e... 16509 (AMAZON-02)
5 5 35.213.12.39 15169 (GOOGLE)
1 1 202.241.208.57 ()
2 2 2001:df2:a300... 6336 (TURN-US-ASN)
2 2 103.229.206.241 30419 (MEDIAMATH...)
1 18.140.119.153 16509 (AMAZON-02)
9 12 74.125.24.157 15169 (GOOGLE)
1 2 2620:1ec:c11:... 8068 (MICROSOFT...)
7 7 52.223.40.198 16509 (AMAZON-02)
1 5 23.39.5.30 16625 (AKAMAI-AS)
2 3 35.190.60.146 ()
2 2 107.178.254.65 ()
1 1 34.98.67.3 ()
2 2 70.42.32.127 ()
1 2 35.161.156.211 ()
1 184.50.85.234 20940 (AKAMAI-ASN1)
1 34.210.220.175 ()
1 18.155.68.41 ()
2 2 18.185.128.132 ()
1 34.111.79.67 ()
1 34.199.72.104 ()
1 1 85.114.159.118 ()
6 7 18.141.109.184 ()
1 1 18.139.68.213 ()
3 3 13.215.220.77 ()
1 1 2001:df2:a300... ()
1 1 8.43.72.98 ()
1 13.251.233.244 ()
2 2 54.150.10.110 ()
1 104.244.42.131 ()
3 10 139.5.84.243 ()
6 6 103.231.98.197 62713 (AS-PUBMATIC)
3 5 103.231.98.194 ()
2 2 35.230.38.116 ()
2 2 67.199.150.85 ()
3 3 34.98.64.218 396982 (GOOGLE-CL...)
2 2 54.151.166.121 ()
1 1 2600:9000:223... ()
4 184.51.99.100 16625 (AKAMAI-AS)
3 4 52.223.2.229 16509 (AMAZON-02)
2 2 63.251.14.14 ()
1 185.84.60.20 ()
1 1 18.136.165.105 ()
1 4 23.207.180.23 ()
2 3 52.95.118.179 ()
3 5 52.46.151.131 ()
1 2620:1ec:21::14 ()
1 2406:da18:22e... ()
2 2406:2600:7:1... ()
1 2606:4700:303... ()
1 151.101.65.108 ()
1 23.207.180.199 ()
1 103.231.98.196 ()
1 182.161.73.136 ()
3 67.199.150.86 ()
1 1 52.220.229.2 ()
407 87
12    89.35.29.15 (London, United Kingdom)

ASN25369 (BANDWIDTH-AS, GB)
PTR: 15.29.35.89.baremetal.zare.com
pastelink.net
2    2404:6800:4003:c06::5f (Singapore)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
9    2606:4700:3031::ac43:cab1 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adligature.com
2    2404:6800:4003:c11::63 (Singapore)

ASN15169 (GOOGLE, US)
www.google.com
2    2404:6800:4003:c03::61 (Singapore)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2404:6800:4003:c03::5e (Singapore)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2404:6800:4003:c0f::5e (Singapore)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    208.95.112.2 (United States)

ASN53334 (TUT-AS, US)
pro.ip-api.com
23    2404:6800:4003:c03::9b (Singapore)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
4    2404:6800:4003:c04::65 (Singapore)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
14    52.77.152.198 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
1    54.65.137.42 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-137-42.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
3    203.195.121.141 (Singapore)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)
rtb.adxpremium.services
7    104.254.150.241 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
9    18.197.14.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-14-124.eu-central-1.compute.amazonaws.com
d.vidoomy.com
a.vidoomy.com
a-prebid.vidoomy.com
1    145.40.73.4 (Queenstown Estate, Singapore)

ASN54825 (PACKET, US)
tag.1rx.io
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    2404:6800:4003:c06::9b (Singapore)

ASN15169 (GOOGLE, US)
adservice.google.com.sg
1    2404:6800:4003:c11::9b (Singapore)

ASN15169 (GOOGLE, US)
adservice.google.com
19    2404:6800:4003:c11::9d (Singapore)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2404:6800:4003:c06::84 (Singapore)

ASN15169 (GOOGLE, US)
d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com
16    2404:6800:4003:c02::84 (Singapore)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    23.207.181.73 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-181-73.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
20    2404:6800:4003:c06::9a (Singapore)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    184.51.99.153 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-99-153.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
1    2600:9000:229f:ee00:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)
rock.defybrick.com
2    2600:1f18:e8a:cd02:882c:d916:bae1:7722 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
flint.defybrick.com
1    2406:2600:4::13 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
1    2406:2600:7:100::15 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
9    2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
7    2406:2600:7:100::7 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
2    2406:2600:7:100::f (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
3    23.207.181.140 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-181-140.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
4    52.77.104.51 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-104-51.ap-southeast-1.compute.amazonaws.com
prod-m-node-2113.ssp.yahoo.com
5    2406:2000:e4:1409::2000 (Taiwan)

ASN56173 (YAHOO-SG3 internet content provider, SG)
pn.ybp.yahoo.com
26    52.74.162.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
service.idsync.analytics.yahoo.com
ups.analytics.yahoo.com
12    2406:2000:98:800::e6 (Taiwan)

ASN38032 (YAHOO-HK2-AP internet content provider, HK)
cdn.js7k.com
beap-bc.yahoo.com
4    2406:2000:98:800::e5 (Taiwan)

ASN38032 (YAHOO-HK2-AP internet content provider, HK)
s.yimg.com
2    54.251.217.3 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-217-3.ap-southeast-1.compute.amazonaws.com
geo.moatads.com
mb.moatads.com
17    38.133.127.95 (None, )

ASN- ()
log.outbrainimg.com
sync.outbrain.com
1    199.232.46.132 (Singapore)

ASN54113 (FASTLY, US)
odb.outbrain.com
1    2602:803:c004:200::154 (None, )

ASN- ()
beacon-fra2.rubiconproject.com
12    69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    2a02:6ea0:d100::13 (United Kingdom)

ASN60068 (CDN77 ^_^, GB)
vpaid.vidoomy.com
5    74.125.130.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f148.1e100.net
ad.doubleclick.net
16    172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
5    2404:6800:4003:c11::94 (Singapore)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2406:2600:7:100::10 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ssp-sync.criteo.com
4    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
4    185.184.8.90 (None, )

ASN- ()
creativecdn.com
6    2406:da18:929:5a01:3027:3246:6166:fb40 (Singapore)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    2620:116:800e:21:36b5:1576:d999:6e52 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
5    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
1    202.241.208.57 (None, )

ASN- ()
tg.socdm.com
2    2001:df2:a300:bbbb::135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    103.229.206.241 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    18.140.119.153 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-119-153.ap-southeast-1.compute.amazonaws.com
onevideosync.uplynk.com
12    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
cm.g.doubleclick.net
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
7    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
5    23.39.5.30 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-5-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
3    35.190.60.146 (None, )

ASN- ()
idsync.rlcdn.com
2    107.178.254.65 (None, )

ASN- ()
pippio.com
1    34.98.67.3 (None, )

ASN- ()
tags.rd.linksynergy.com
2    70.42.32.127 (None, )

ASN- ()
b1sync.zemanta.com
2    35.161.156.211 (None, )

ASN- ()
dpm.demdex.net
1    184.50.85.234 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-50-85-234.deploy.static.akamaitechnologies.com
sync-jp.im-apps.net
1    34.210.220.175 (None, )

ASN- ()
beacon.krxd.net
1    18.155.68.41 (None, )

ASN- ()
aa.agkn.com
2    18.185.128.132 (None, )

ASN- ()
rtb.mfadsrvr.com
1    34.111.79.67 (None, )

ASN- ()
odr.mookie1.com
1    34.199.72.104 (None, )

ASN- ()
crb.kargo.com
1    85.114.159.118 (None, )

ASN- ()
dsp.adfarm1.adition.com
7    18.141.109.184 (None, )

ASN- ()
ps.eyeota.net
1    18.139.68.213 (None, )

ASN- ()
i.w55c.net
3    13.215.220.77 (None, )

ASN- ()
pm.w55c.net
1    2001:df2:a300:bbbb::136 (None, )

ASN- ()
d.turn.com
1    8.43.72.98 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
1    13.251.233.244 (None, )

ASN- ()
sync.crwdcntrl.net
2    54.150.10.110 (None, )

ASN- ()
loadus.exelator.com
1    104.244.42.131 (None, )

ASN- ()
analytics.twitter.com
10    139.5.84.243 (None, )

ASN- ()
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
6    103.231.98.197 (Japan)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
5    103.231.98.194 (None, )

ASN- ()
image2.pubmatic.com
2    35.230.38.116 (None, )

ASN- ()
um.simpli.fi
2    67.199.150.85 (None, )

ASN- ()
image4.pubmatic.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
2    54.151.166.121 (None, )

ASN- ()
ice.360yield.com
1    2600:9000:223b:b000:1b:5138:8a40:93a1 (None, )

ASN- ()
s.ad.smaato.net
4    184.51.99.100 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-99-100.deploy.static.akamaitechnologies.com
millennialnexageinapp768429046591.s.moatpixel.com
4    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
2    63.251.14.14 (None, )

ASN- ()
ap.lijit.com
1    185.84.60.20 (None, )

ASN- ()
c1.adform.net
1    18.136.165.105 (None, )

ASN- ()
ads.yieldmo.com
4    23.207.180.23 (None, )

ASN- ()
contextual.media.net
3    52.95.118.179 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
5    52.46.151.131 (None, )

ASN- ()
s.amazon-adsystem.com
1    2620:1ec:21::14 (None, )

ASN- ()
px.ads.linkedin.com
1    2406:da18:22e:4f05:9b8b:4903:ea64:de6a (None, )

ASN- ()
d.adroll.com
2    2406:2600:7:100::9 (None, )

ASN- ()
gum.criteo.com
1    2606:4700:3031::6815:29fd (None, )

ASN- ()
id.a-mx.com
1    151.101.65.108 (None, )

ASN- ()
acdn.adnxs.com
1    23.207.180.199 (None, )

ASN- ()
ads.pubmatic.com
1    103.231.98.196 (None, )

ASN- ()
image6.pubmatic.com
1    182.161.73.136 (None, )

ASN- ()
mug.criteo.com
3    67.199.150.86 (None, )

ASN- ()
simage2.pubmatic.com
1    52.220.229.2 (None, )

ASN- ()
cm-supply-web.gammaplatform.com
Apex Domain
Subdomains		 Transfer
58 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 834
prod-m-node-2113.ssp.yahoo.com — Cisco Umbrella Rank: 62680
pn.ybp.yahoo.com — Cisco Umbrella Rank: 1034
service.idsync.analytics.yahoo.com — Cisco Umbrella Rank: 919
ups.analytics.yahoo.com — Cisco Umbrella Rank: 265
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439
beap-bc.yahoo.com
46 KB
50 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
ad.doubleclick.net — Cisco Umbrella Rank: 171
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 319
cm.g.doubleclick.net — Cisco Umbrella Rank: 202
362 KB
43 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 140
260 KB
21 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1404
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3312
odb.outbrain.com — Cisco Umbrella Rank: 1596
sync.outbrain.com
84 KB
20 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 183
633 KB
19 rubiconproject.com
beacon-fra2.rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 541
eus.rubiconproject.com — Cisco Umbrella Rank: 533
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
secure-assets.rubiconproject.com
30 KB
18 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 623
image2.pubmatic.com
image4.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
16 KB
18 criteo.net
static.criteo.net — Cisco Umbrella Rank: 625
pix.as.criteo.net — Cisco Umbrella Rank: 16546
csm.as.criteo.net — Cisco Umbrella Rank: 14296
209 KB
12 pastelink.net
pastelink.net — Cisco Umbrella Rank: 128169
219 KB
11 criteo.com
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 18072
ads.as.criteo.com — Cisco Umbrella Rank: 14011
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 14518
ssp-sync.criteo.com — Cisco Umbrella Rank: 934
dis.criteo.com — Cisco Umbrella Rank: 686
gum.criteo.com
mug.criteo.com Failed
56 KB
10 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
9 KB
10 vidoomy.com
d.vidoomy.com — Cisco Umbrella Rank: 10532
a.vidoomy.com — Cisco Umbrella Rank: 2665
vpaid.vidoomy.com — Cisco Umbrella Rank: 2912
a-prebid.vidoomy.com
6 KB
9 js7k.com
cdn.js7k.com — Cisco Umbrella Rank: 891
136 KB
9 adligature.com
cdn.adligature.com — Cisco Umbrella Rank: 64878
191 KB
8 amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
6 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
acdn.adnxs.com
25 KB
7 eyeota.net
ps.eyeota.net
4 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 296
4 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 277
3 KB
5 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
339 KB
5 moatads.com
z.moatads.com — Cisco Umbrella Rank: 433
geo.moatads.com — Cisco Umbrella Rank: 739
px.moatads.com — Cisco Umbrella Rank: 513
mb.moatads.com — Cisco Umbrella Rank: 727
112 KB
5 media.net
prebid.media.net — Cisco Umbrella Rank: 1219
contextual.media.net
cs.media.net Failed
15 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
235 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 338
2 KB
4 moatpixel.com
millennialnexageinapp768429046591.s.moatpixel.com — Cisco Umbrella Rank: 2956
1 KB
4 w55c.net
i.w55c.net
pm.w55c.net
3 KB
4 creativecdn.com
creativecdn.com
2 KB
4 yimg.com
s.yimg.com — Cisco Umbrella Rank: 466
128 KB
4 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 9335
log.outbrainimg.com
1 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
20 KB
3 openx.net
u.openx.net
us-u.openx.net — Cisco Umbrella Rank: 422
1 KB
3 rlcdn.com
idsync.rlcdn.com
924 B
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 755
d.turn.com
1 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 654
1 KB
3 defybrick.com
rock.defybrick.com — Cisco Umbrella Rank: 9500
flint.defybrick.com — Cisco Umbrella Rank: 9116
20 KB
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1528
cache.betweendigital.com Failed
2 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1886
mp.4dex.io — Cisco Umbrella Rank: 2011
25 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 73
2 KB
2 lijit.com
ap.lijit.com
1 KB
2 360yield.com
ice.360yield.com
849 B
2 simpli.fi
um.simpli.fi
1 KB
2 exelator.com
loadus.exelator.com
3 KB
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 demdex.net
dpm.demdex.net
2 KB
2 zemanta.com
b1sync.zemanta.com
1 KB
2 pippio.com
pippio.com
881 B
2 bing.com
c.bing.com — Cisco Umbrella Rank: 237
838 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 459
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
145 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 195
6 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
1 KB
1 gammaplatform.com
cm-supply-web.gammaplatform.com
643 B
1 a-mx.com
id.a-mx.com
785 B
1 adroll.com
d.adroll.com
181 B
1 linkedin.com
px.ads.linkedin.com
514 B
1 yieldmo.com
ads.yieldmo.com
505 B
1 adform.net
c1.adform.net
cm.adform.net Failed
500 B
1 smaato.net
s.ad.smaato.net
623 B
1 twitter.com
analytics.twitter.com
394 B
1 crwdcntrl.net
sync.crwdcntrl.net
270 B
1 adition.com
dsp.adfarm1.adition.com
473 B
1 kargo.com
crb.kargo.com
504 B
1 mookie1.com
odr.mookie1.com
213 B
1 agkn.com
aa.agkn.com
657 B
1 krxd.net
beacon.krxd.net
337 B
1 im-apps.net
sync-jp.im-apps.net — Cisco Umbrella Rank: 3880
252 B
1 linksynergy.com
tags.rd.linksynergy.com
391 B
1 uplynk.com
onevideosync.uplynk.com — Cisco Umbrella Rank: 2773
195 B
1 socdm.com
tg.socdm.com
884 B
1 google.com.sg
adservice.google.com.sg — Cisco Umbrella Rank: 26706
531 B
1 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1349
161 B
1 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 8596
2 KB
1 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1394
940 B
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5645
208 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 693
30 KB
0 playground.xyz Failed
ads.playground.xyz Failed
0 dotomi.com Failed
pubmatic-match.dotomi.com Failed
0 semasio.net Failed
uipglob.semasio.net Failed
0 tapad.com Failed
pixel.tapad.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 loopme.me Failed
csync.loopme.me Failed
0 iprom.net Failed
core.iprom.net Failed
0 tribalfusion.com Failed
a.tribalfusion.com Failed
0 adgrx.com Failed
cm.adgrx.com Failed
0 ctnsnet.com Failed
ipac.ctnsnet.com Failed
0 cinarra.com Failed
dps.jp.cinarra.com Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 ad-m.asia Failed
sync-dsp.ad-m.asia Failed
0 appier.net Failed
gocm.c.appier.net Failed
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 admixer.net Failed
inv-nets.admixer.net Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 adhigh.net Failed
px.adhigh.net Failed
0 otm-r.com Failed
sync.dmp.otm-r.com Failed
0 adxbid.info Failed
adxbid.info Failed
0 adtelligent.com Failed
idrs.adtelligent.com Failed
0 opera.com Failed
t.adx.opera.com Failed
0 id5-sync.com Failed
id5-sync.com Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 sitescout.com Failed
pixel-sync.sitescout.com Failed
0 technoratimedia.com Failed
sync.technoratimedia.com Failed
0 smartadserver.com Failed
ssbsync.smartadserver.com Failed
0 emxdgt.com Failed
cs.emxdgt.com Failed
0 geistm.com Failed
id.geistm.com Failed
407 105
Domain Requested by
25 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
ad.doubleclick.net
pastelink.net
www.googletagservices.com
23 securepubads.g.doubleclick.net cdn.adligature.com
securepubads.g.doubleclick.net
pastelink.net
www.googletagservices.com
22 ups.analytics.yahoo.com 9 redirects pastelink.net
ads.pubmatic.com
20 www.googletagservices.com securepubads.g.doubleclick.net
d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com
pn.ybp.yahoo.com
www.googletagservices.com
pastelink.net
16 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com
ad.doubleclick.net
14 sync.outbrain.com widgets.outbrain.com
14 c2shb.pubgw.yahoo.com cdn.adligature.com
12 cm.g.doubleclick.net 9 redirects pastelink.net
12 pastelink.net pastelink.net
10 googleads4.g.doubleclick.net ad.doubleclick.net
9 cdn.js7k.com pastelink.net
pn.ybp.yahoo.com
9 static.criteo.net ads.as.criteo.com
9 cdn.adligature.com pastelink.net
cdn.adligature.com
securepubads.g.doubleclick.net
7 ps.eyeota.net 6 redirects widgets.outbrain.com
7 match.adsrvr.org 7 redirects ads.pubmatic.com
7 pix.as.criteo.net ads.as.criteo.com
7 d.vidoomy.com cdn.adligature.com
7 ib.adnxs.com 5 redirects cdn.adligature.com
pastelink.net
acdn.adnxs.com
ads.pubmatic.com
6 pixel.rubiconproject.com 3 redirects pastelink.net
eus.rubiconproject.com
6 image8.pubmatic.com 6 redirects
6 pr-bh.ybp.yahoo.com 1 redirects pastelink.net
ssum-sec.casalemedia.com
ads.pubmatic.com
6 token.rubiconproject.com 4 redirects cdn.adligature.com
eus.rubiconproject.com
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
5 image2.pubmatic.com 3 redirects ads.pubmatic.com
5 x.bidswitch.net 5 redirects ads.betweendigital.com
ads.pubmatic.com
5 s0.2mdn.net pastelink.net
ad.doubleclick.net
5 ad.doubleclick.net www.googletagservices.com
5 pn.ybp.yahoo.com pastelink.net
cdn.adligature.com
5 widgets.outbrain.com securepubads.g.doubleclick.net
widgets.outbrain.com
4 contextual.media.net 1 redirects cdn.adligature.com
contextual.media.net
ads.pubmatic.com
4 eb2.3lift.com 3 redirects pastelink.net
4 millennialnexageinapp768429046591.s.moatpixel.com
4 ssum-sec.casalemedia.com 2 redirects service.idsync.analytics.yahoo.com
ssum-sec.casalemedia.com
4 eus.rubiconproject.com pastelink.net
eus.rubiconproject.com
contextual.media.net
4 creativecdn.com 4 redirects
4 dis.criteo.com 2 redirects pastelink.net
widgets.outbrain.com
4 s.yimg.com pastelink.net
4 service.idsync.analytics.yahoo.com pastelink.net
4 prod-m-node-2113.ssp.yahoo.com pastelink.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 fonts.gstatic.com fonts.googleapis.com
3 simage2.pubmatic.com ads.pubmatic.com
3 beap-bc.yahoo.com cdn.js7k.com
3 aax-eu.amazon-adsystem.com 2 redirects
3 pm.w55c.net 3 redirects
3 idsync.rlcdn.com 2 redirects widgets.outbrain.com
3 cms.quantserve.com 3 redirects
3 log.outbrainimg.com widgets.outbrain.com
3 ads.betweendigital.com cdn.adligature.com
ads.betweendigital.com
2 gum.criteo.com contextual.media.net
2 us-u.openx.net 2 redirects
2 ap.lijit.com 2 redirects
2 ice.360yield.com 2 redirects
2 image4.pubmatic.com 2 redirects
2 um.simpli.fi 2 redirects ads.pubmatic.com
2 loadus.exelator.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects contextual.media.net
2 dpm.demdex.net 1 redirects widgets.outbrain.com
2 b1sync.zemanta.com 2 redirects contextual.media.net
2 pippio.com 2 redirects
2 c.bing.com 1 redirects widgets.outbrain.com
2 sync.mathtag.com 2 redirects
2 ad.turn.com 2 redirects ads.pubmatic.com
2 px.moatads.com
2 csm.as.criteo.net ads.as.criteo.com
2 flint.defybrick.com rock.defybrick.com
2 d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 script.4dex.io cdn.adligature.com
script.4dex.io
2 www.googletagmanager.com pastelink.net
www.googletagmanager.com
2 www.google.com pastelink.net
tpc.googlesyndication.com
2 cdnjs.cloudflare.com pastelink.net
ads.as.criteo.com
2 fonts.googleapis.com pastelink.net
1 cm-supply-web.gammaplatform.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 ads.pubmatic.com contextual.media.net
ads.pubmatic.com
1 secure-assets.rubiconproject.com 1 redirects
1 a-prebid.vidoomy.com
1 acdn.adnxs.com cdn.adligature.com
1 mug.criteo.com
1 id.a-mx.com cdn.adligature.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 px.ads.linkedin.com pastelink.net
1 ads.yieldmo.com 1 redirects
1 c1.adform.net pastelink.net
ads.pubmatic.com
1 mb.moatads.com z.moatads.com
1 s.ad.smaato.net 1 redirects
1 u.openx.net 1 redirects
1 analytics.twitter.com widgets.outbrain.com
1 sync.crwdcntrl.net widgets.outbrain.com
ads.pubmatic.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 d.turn.com 1 redirects
1 i.w55c.net 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 crb.kargo.com widgets.outbrain.com
1 odr.mookie1.com widgets.outbrain.com
1 aa.agkn.com widgets.outbrain.com
1 beacon.krxd.net widgets.outbrain.com
1 sync-jp.im-apps.net widgets.outbrain.com
1 tags.rd.linksynergy.com 1 redirects
1 onevideosync.uplynk.com pastelink.net
1 tg.socdm.com 1 redirects
1 ssp-sync.criteo.com 1 redirects
1 vpaid.vidoomy.com cdn.adligature.com
1 a.vidoomy.com cdn.adligature.com
1 beacon-fra2.rubiconproject.com cdn.adligature.com
1 odb.outbrain.com widgets.outbrain.com
1 geo.moatads.com z.moatads.com
1 z.moatads.com pastelink.net
1 cat.sg1.as.criteo.com ads.as.criteo.com
1 ads.as.criteo.com d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com
1 rtb.jp2.as.criteo.com pastelink.net
1 rock.defybrick.com widgets.outbrain.com
1 widget-pixels.outbrain.com pastelink.net
1 tcheck.outbrainimg.com widgets.outbrain.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.com.sg securepubads.g.doubleclick.net
1 prebid.media.net cdn.adligature.com
1 tag.1rx.io cdn.adligature.com
1 rtb.adxpremium.services cdn.adligature.com
1 mp.4dex.io cdn.adligature.com
1 g2.gumgum.com cdn.adligature.com
1 pro.ip-api.com cdn.adligature.com
1 www.gstatic.com www.google.com
1 code.jquery.com pastelink.net
0 ads.playground.xyz Failed ads.pubmatic.com
0 pubmatic-match.dotomi.com Failed ads.pubmatic.com
0 uipglob.semasio.net Failed ads.pubmatic.com
0 pixel.tapad.com Failed ads.pubmatic.com
0 match.deepintent.com Failed ads.pubmatic.com
0 csync.loopme.me Failed ads.pubmatic.com
0 core.iprom.net Failed ads.pubmatic.com
0 a.tribalfusion.com Failed ads.pubmatic.com
0 cm.adgrx.com Failed ads.pubmatic.com
0 ipac.ctnsnet.com Failed ads.pubmatic.com
0 dps.jp.cinarra.com Failed ads.pubmatic.com
0 sync.srv.stackadapt.com Failed ads.pubmatic.com
0 sync-dsp.ad-m.asia Failed ads.pubmatic.com
0 gocm.c.appier.net Failed ads.pubmatic.com
0 sync-tm.everesttech.net Failed ads.pubmatic.com
0 inv-nets.admixer.net Failed contextual.media.net
0 cs.media.net Failed contextual.media.net
0 sync.go.sonobi.com Failed contextual.media.net
0 p.rfihub.com Failed contextual.media.net
0 cache.betweendigital.com Failed ads.betweendigital.com
0 px.adhigh.net Failed ads.betweendigital.com
0 sync.dmp.otm-r.com Failed ads.betweendigital.com
0 cm.adform.net Failed
0 adxbid.info Failed cdn.adligature.com
0 idrs.adtelligent.com Failed cdn.adligature.com
0 t.adx.opera.com Failed widgets.outbrain.com
0 id5-sync.com Failed widgets.outbrain.com
cdn.adligature.com
0 bh.contextweb.com Failed widgets.outbrain.com
0 pixel-sync.sitescout.com Failed widgets.outbrain.com
0 sync.technoratimedia.com Failed widgets.outbrain.com
0 ssbsync.smartadserver.com Failed widgets.outbrain.com
0 cs.emxdgt.com Failed widgets.outbrain.com
0 id.geistm.com Failed widgets.outbrain.com
407 159
Subject Issuer Validity Valid
pastelink.net
R3		 2023-01-31 -
2023-05-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-12-27 -
2023-06-21		 6 months crt.sh
gumgum.com
Amazon RSA 2048 M01		 2023-02-14 -
2023-10-05		 8 months crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-13 -
2024-02-13		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2022-08-26 -
2023-08-05		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.google.com.sg
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
*.outbrainimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-02 -
2024-03-02		 a year crt.sh
rock.defybrick.com
Amazon RSA 2048 M01		 2023-02-21 -
2023-06-07		 4 months crt.sh
*.defybrick.com
ZeroSSL ECC Domain Secure Site CA		 2023-01-16 -
2023-04-16		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-04 -
2023-05-30		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-24 -
2023-05-24		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-27 -
2023-05-25		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-19 -
2023-04-16		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-22 -
2023-05-24		 3 months crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-08 -
2023-05-10		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-27 -
2023-04-19		 2 months crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-05		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
onevideosync.uplynk.com
DigiCert SHA2 High Assurance Server CA		 2023-02-22 -
2023-05-24		 3 months crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-10 -
2023-06-11		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M02		 2022-11-08 -
2023-12-07		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh

This page contains 52 frames:

Primary Page: https://pastelink.net/kztoeqi1
Frame ID: 12B481B661331F83B8824A8B0B2D5486
Requests: 91 HTTP requests in this frame

Frame: https://d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EDE30E205CBC461E64377C5BD96FDA7C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BA043A33E8E31DCB1A09EAAD9A0C0C73
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 901D8D513A8ACBF69FFF7F3FA5A563D6
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsts3iODVNXjynVENiymAnpEeuigDZpLXhDbWAUWhmydDKXT101x24I4UAultvLpqr01vUGFaql8tjfu2CHy2YQhFpeVXMix2LMizVvS_whQHcjpyd0m20X_xf44_SaHGezdS6xuoQ2waH9IYEQ2wlhVdgnWZwKVBECbtL8mT11cns7zoymn7-v_iNHwb7uSUjiwmXbtIowsJK7ch94nqTHULvESuRwqltkU89D14w9GZ1TZCk_E7OXl2hOLWaisnXCJyy2pg4jw1egvQyGRjBd579fMsy-ArFUN-RBbyp3v32TGcKSw3V1gGCBrAQPLAKDneCAjLO6dxY1Jk3lvSA&sai=AMfl-YQNfP4R_mR7vh0X7H4syGygEDWkNqmR1DLzvR9UQVJZGDdn8fax_MuBSjmZ7MYQukeg6oa3HcpM2efax_aKhFf49JCQ0GvfaDJ8_jp84O_rii4-bZ0YcNg68u5_lgHKOSqC4k8xK0Od3Ndu2gb_&sig=Cg0ArKJSzKCqji3o8po6EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D11D4FF748B6C596E1B457CFD5CC8C33
Requests: 14 HTTP requests in this frame

Frame: https://d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5D62353D870D415C41EAAA8DA4F95853
Requests: 8 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA&u=%7CzgEyEcVIxaYkInyiPIXbypwcm%2F3YXX8t6DWi4MSCvT0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bxPovNlluCOmz0VQWC4YTe9p7w12nqdS0bxeDJ19suL1A2dEK9a6SMv2ZQvmt6-ApAXCFGOAOFg4yY1lrL_oHtQfxi64f5RHuwqxN8vHXXwdr0sgiFlBdeEcntJy5PkVbgNu-5nwysXfYpT5vBMdWJQWEmZzcWZ4XsylOvIP49237tQX2eiI-rmwYQ8LtF5sngFxEcFjBdwP96IcGLsnWaCBK4o6eJK931Yl70GmqcF7LNd98MRV1-SvmY3f68Zjm-bD2mtCwISDoRpsftDHAjM44jPZIVgm3HbZcpPOzPfm5Zkq7RBEkWU_znd4QuNnnCoLpEYBAYAz3rJ1Qsj9Ea2CtQpGrLTYICB8X4vqg7eRccQM0EO-1QcQL_EyuWX4Q16IUpfzEcpes2Ycf1ALgtmS7maMqAfNyDzfpHNB30bQ5on7jmIxo98rvVhPtNqdPrXMfFftS9lCAFAYQB0mx15s8RgS24gM6HS2m7NEXCZTcDJLtmRyG31RipVyjnzQnNPYPwyV2uBPDHlZ9eF8gip1wtINTbhAxrVlaxg8FkwSzmMOIe0EyoiIF-wZjFeb3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkQiLX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoEggJP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9jo7JFiknZbib4axorAThlSaqqHyqJdHU9tZa99iBxRn3SBfWP9pWK9fgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PxcQAISzw2rZ13QH_y_wSS8ucgQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Frame ID: AF06C6830D3D0108CB1B65CC8CF77D12
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNU6T-EsFtP3T9VSN2UDumJn-9l36jL6pQiySsS2XLnZj8dEf2M7S17SYalsXCDeiBGZxyvdD6vuSvtIpmcD8jsvxOV-DrM1AU4R-dBNWu7ztopuyRQoFKua5Y6zXnC7UIVne2aG-nWvB64rHTzlL-jSGDYokb3UJ3u43RmBImghkyIEyQzb4k0UoP37we6CHyrpOHIVGWX6W7BlybeL4xNnQ1ZIfnKVU7mYDSo9ER7uqTpUKNdHEQ-6OlW_zHSzoiCzTW-qNbXaSPpa6ts742Yl8L7dtX8Fp9C-5n3elS5nl_W-wG1D3Fx6iDukMgWApIWvTl2TeV_plYGL4XRmhp_Q&sai=AMfl-YTYzIeccaEXh3UvbZEaNQegZyMYYIh4wfNVOD77Ewoy7kC7SWxLbsC7NAVbP2UQjMhhUMZ30MxxNQWeLvoMMshNYnC4xsq2FLtFSll_i8oxtYZ-hsb33aUGVBd_qlu8IdRyLoKANGttxjzzudg&sig=Cg0ArKJSzKZQenvNo6VlEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 268137312FFDA07AF236C2EB2712131D
Requests: 33 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3PJN_uTJURwEamTXofXiu23bX93-6CEwIb72UTquN-kqgvTCXQfHfrfQmTsZmzXBdNFF98ibdCi3ktHdEr1d8zhv0mI3VhjDNyrQ5OTtJ3DG8kB-ZtsuVVEM1JG-dubEyORKNMd5sVTWHFZgPC4hJa5fPbFbGkqbXrbO0JIRnJFM0J04YksbgXWj1b-oYRdblp2I5g18F5-QdD9pAEiuvdL9xq4crF7QCMk1RLyaKl39UQ9Xc9bKit0aBh6JljiP756SjgsKhPnPl8sV4-uaMEtIi12a8YweOQcP3afUHOX-mEt1fkjKrptMZ5-sH7JBtPZfKQcmqcg3QNJwTQh6CGG0&sai=AMfl-YQEuiqhDQYP9Q7j-eypE9wnNhArjn8y5MhOx3eEoFVnkdVUTeduABadrVOohFKvKLc2c2hnRi_YmCxZ_WxvvstdERmAaAM4SnsjtZM6e2uDtWlYKFq5gKYUJU9glaNiFKPZf5O5r7kFyfvIOiFG&sig=Cg0ArKJSzF2M6zhFsLuPEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7C28DA161DCF952D60BF6C4474190E20
Requests: 23 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu36CVvX41_ALTNHKbghe3GBJuL08KOGOITdDUPaOEbrGr4SMxNN8uKaqykGch13Ge1HGhIk_n6QhfUVoPzvhmQt4zefngTrUrOLRl4AdTVGBompAcmcO2zX016vCfGtUkl9-46G-HWAajpENTJl9BI9DDV2v5OrSLFSTKc39rQJCFTkrbg-NJy3OSDcgTs2YmXuKU2vA1pP7mulTQ4HTRWt8jc_9LZN6CmI5beP6YhV6Q-AWwAXD5zA5Dmtxy6bmVFRQjGUbSoq5sZPL0h6IJf-9aUx3HxzNubzLii8TXxLuQSQPs1s6bKmN95NK7c0q5EbjcTXCpCa_7q9SOikA&sai=AMfl-YShhqBSGZehGCme1H59C7-8sQYsRBPTaJjouHPyE6pKDJ9vU8eUIQtbx4TcsGG8UfingQrHbEcf08O39Gfk4o8oQEkU6mdXTfPvD98L2g5H6Fhdh2VViJ6dnfb3ikYIteSH3IflsL_ByVJiObUt&sig=Cg0ArKJSzDYbAStNrS_JEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 5EE62C7EA9B62CADC97A8CD568898D44
Requests: 34 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=au&co=sg
Frame ID: 5E9DAA19495D4D57862BE49E6EC76971
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5O8S42mgrzPeiqYCrM9TFOPVLUCeJtFFvK_yNsVDMnNM-j7WBOpMf2L5ZF6un0kZTyJFHE5JIDZdXowBnz3v3A18eyQpmvb3RlNy6CZvOSMpmj-LH-h5MMv2-x7pLjOaTERH7pI3JMc3HTGkh_8tnZQUjS8dpDBtTUj7hY96rBeGQrDndpQNQRFixTZ6TLFYmBQPQsf4K9NN65AsF2cAQnL_EItPKnozetdCOus-dFnAk7iueNuU8QSldLZiuQ1WxFyRXIzVAfIRfecVbtL-nYjHCSHIwmyKc98lWQAOISbeY4YLUCIN8EJ6doKUVpB3jydQEv6yvtNvxOtQA0LYs&sai=AMfl-YTa-czryk7kU38fHhGZy3vCnN_QkDDvBS9p1LthZvhuC53N0JGgEPWuC2l8Tscf8l9RCbhpvDYZPzInaW5zpvmvMiviz2c5O_uYao6xFI9DLKzxyH6E6a48QYEuMwmPVcz_xw7FNvR82cvT104&sig=Cg0ArKJSzCHhKy-K5yLREAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 612157EA31A7417496CEF9C394199150
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E861A1D324D771F70C7DFA00D13878DE
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=4b86c7cb-bf78-4633-978d-53c0b6d746c0
Frame ID: D22F0B59FEDC90349A3DD0E601361759
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: CC6E80409EA778830BC2CDFDB6B66259
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 5AE7438598C972D0BF9907967D6F564A
Requests: 36 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 728C7CFEAC78A4DE218A6A0A0CECF496
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGb19pWOe74vUSjTYkZQCV2jGRJxsfiRWnUHIQhCuVhoVl_5N72ItCNV6w-tFiQBmn32ooOazQhrsI09wmg6q14nTqBfaZcivRMDQUkYZruXafcWaysfFD6Q5zzujkzWlLBSp3WX5veU2oBkDB7kqZxdXvsb-bxcwmPZPXV_ADDsBnqVWfIW0sioD_5L7GXdVplCRD-wxDfgG0g6y5x1-4DM9XMHehcoDgqxlxxLc79BbcazhbNjp3VFVjWF8cV-yIKcAk75Sw9M6p0Zj7wXw4CRrtanw6hOi392dKdV-cQLphiwEp6uNY8itfhAWVrM_VieX-PsMBcE296JB3VgkzTDRAQZ7vSldM&sai=AMfl-YT6NKcM2RZ0u6AgoAjNGFK9v8RmhNZO2n_WdoxkyHNiVBlbXttMejfqMR67x7N_LR_A1mtRefeYi1GOtty9gfXvXMVEa3DRKjBiBYu6e9YYSx11C-VvOnj8gC5Ye9dnsWqGb27qNFCn_EobmIZf&sig=Cg0ArKJSzHt-YTEp4UgdEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8E40DB2B09682525F9B1CB0C2667CAED
Requests: 22 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Frame ID: 7EC73E40A14D559BD26C6CC80C188033
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8BB1327B4C0556D1B4CDC389080BFCF8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A86ADBCD511A3587C6F79DC36063F72E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7AA3FC8340FA65AB2B6F706AEC6FB4BE
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 68E7028254E5A0A34725A02271A3DBF3
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4B1E857F2F12876392A2204FC070ED0F
Requests: 2 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: C59178949CFA6036C76656E348ABF74C
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2067%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 0452299D75C2ECE06B5DAEC00C050905
Requests: 11 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=d420fa7e-96ba-5442-852d-0dfbe12b5aa5&CACHEBUSTER=498030
Frame ID: 8FD888E67FDF26EDEF18CD3ADF573398
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: CA7C0368353A2B9A983B0A0CA91B9B18
Requests: 3 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3211387858092148000V10%26type%3Drkt%26refUrl%3D%26vid%3D81371864423211387858092148000V10%26ovsid%3D%7Buserid%7D
Frame ID: 24199DDAB8A19FAE3BBAAA023E678349
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3211387858092148000V10%26type%3Dpba%26refUrl%3D%26vid%3D81371864423211387858092148000V10%26ovsid%3DPM_UID
Frame ID: 7C1177FB6B44FDDD570C148ADF6C3316
Requests: 14 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:20aa6406-5760-4f00-b72e-4bb097f1f183&gdpr=0&gdpr_consent=
Frame ID: F6C8D9893C42651E47D520E6C9434CE7
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: BFA8B42F29E2A7521167356F8B4BA135
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z7dfwxeklys
Frame ID: 1BDA00EE512714B43FBB7B3360E56D6B
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Frame ID: 51A43BC46AB1D6ADA00810A98D2E728E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=to3firWO2Yytj47Y4oHC3uaN2tit2IqEt4iY8CWK
Frame ID: C301928C16FB00D02F61B8E3DD66281A
Requests: 1 HTTP requests in this frame

Frame: https://gocm.c.appier.net/pubmatic
Frame ID: 78BCA489F26A93797BD51D2262B6BED0
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 89416CD95A5566C8709618C0C7630C3F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: E13DB15439CB530FA3610F6D58C9E8F8
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Frame ID: D0D11E14E697048143A58DA540C7A26F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=17zjft5xyu1j
Frame ID: 01F6410CB388CA299FF201779B790FA7
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=29217D1B-5EBE-4765-B9E7-A1FA98B86C4C
Frame ID: 5AE59B7A3D525F632D6E253A288329C7
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: CC2F51963E7FF288152FC14CB2B3485F
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
Frame ID: 7AA89A1376E6377BA4A84CEA3BEB2D32
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: DB5DC8D94EB4FD20189579A27117B08B
Requests: 1 HTTP requests in this frame

Frame: https://ad.turn.com/r/cs?pid=45&rndcb=1238518827
Frame ID: 55B916536941E5E68E2B707EA28494A0
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: F0876E9D78A5F6F5F8C604A8FF342C1A
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 493FEF90B7C6AF4C838476B0171DE4B9
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: C8E7C83372492A2C6E0CB43F2BFD95A3
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 90F64901068B99D9110E45D7E4EB9B01
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:anagpaZ81Pzi8N5&gdpr=0&gdpr_consent=
Frame ID: 7C36492CACBBBDB1CD8FC78430CEAE5B
Requests: 1 HTTP requests in this frame

Frame: https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Frame ID: 56E051664A1A60FA3735CDB47291FD81
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3211387858092148000V10&type=pba&refUrl=&vid=81371864423211387858092148000V10&ovsid=29217D1B-5EBE-4765-B9E7-A1FA98B86C4C
Frame ID: B3F51D446D9A269BE61D2F784D8F26F9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Exactly why Casino Games Are Entertaining - Pastelink.net

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

407
Requests

70 %
HTTPS

37 %
IPv6

105
Domains

159
Subdomains

87
IPs

7
Countries

3355 kB
Transfer

8073 kB
Size

62
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 158
  • https://ssp-sync.criteo.com/user-sync/redirect?profile=73 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=
Request Chain 159
  • https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57926/sync?uid=BtC5DRfmfIZIMabijNmS&pi=aol&_origin=0&gdpr=0&gdpr_consent=&tc=1
Request Chain 160
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55936%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26redir2%3Dtrue HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fups.analytics.yahoo.com%252Fups%252F55936%252Fsync%253Fuid%253D%2524UID%2526_origin%253D0%2526redir2%253Dtrue HTTP 302
  • https://ups.analytics.yahoo.com/ups/55936/sync?uid=3964265803677574557&_origin=0&redir2=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/msft/csrc/3/3964265803677574557
Request Chain 161
  • https://cms.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=0&uid=W2fG6VhkwO9AZZe7D2vbvQtnw7tAMpPnWmLyiFD0
Request Chain 162
  • https://x.bidswitch.net/sync?ssp=rmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=rmx&gdpr=0&gdpr_consent= HTTP 302
  • https://tg.socdm.com/aux/idsync?proto=bidswitch&bidswitch_ssp_id=rmx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=168&user_id=ZAZXYcCo5s8AAIofEZkAAAAA&expires=30&ssp=rmx HTTP 302
  • https://ups.analytics.yahoo.com/ups/55859/sync?uid=bbe1bd25-e373-4e62-b717-d85f6df232ee&_origin=0&gdpr=&gdpr_consent=
Request Chain 163
  • https://ad.turn.com/r/cs?pid=18&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55939/sync?uid=9015009517222667117&_origin=0&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 164
  • https://sync.mathtag.com/sync/img?mt_exid=21&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55938%2Fsync%3Fuid%3D%5BMM_UUID%5D%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ups.analytics.yahoo.com/ups/55938/sync?uid=20aa6406-5760-4f00-b72e-4bb097f1f183&_origin=0&gdpr=0&gdpr_consent=
Request Chain 167
  • https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/y-lCNJkiFE2uIyZmj3KGdbRxiHT6A1Sh8-~A
Request Chain 168
  • https://c.bing.com/c.gif?Red3=OATHMS_pd HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/msn/17DD8DBA11FA6D6301979F7610FB6C34
Request Chain 169
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3585500b-878f-4de3-92ab-e7f9bedd5d25&_origin=0&gdpr=0&gdpr_consent=
Request Chain 212
  • https://idsync.rlcdn.com/420046.gif?partner_uid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQEpBT2tUQUxDd29ldlljMmRUSmlQcGpnVHhtYWJpZXQzamVOSk5vVnBjbVRSLUJxRG8xMHpUQzUxV3dJLUtqU1MQABoNCOCumaAGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=a624734f29d8aca57514ee9e74cefddbf2e256ccdebff1c2a8892873dcc0e262791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBhNjI0NzM0ZjI5ZDhhY2E1NzUxNGVlOWU3NGNlZmRkYmYyZTI1NmNjZGViZmYxYzJhODg5Mjg3M2RjYzBlMjYyNzkxNDI2YjU0MTdkY2UyMRAAGgwI4a6ZoAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBhNjI0NzM0ZjI5ZDhhY2E1NzUxNGVlOWU3NGNlZmRkYmYyZTI1NmNjZGViZmYxYzJhODg5Mjg3M2RjYzBlMjYyNzkxNDI2YjU0MTdkY2UyMRAAGgwI4a6ZoAYSBAgCEABCAEoA&google_gid=CAESEGI8h8fHUBt9cAzDz8N1pfA&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=fb54d623-5ea0-4f99-9532-b93f0a6c1226
Request Chain 213
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
  • https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&initiator=ob&puid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&s=2&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=c5a9mzsM5VsYxDyAHRgO&gdpr=0&us_privacy=1---
Request Chain 214
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=3964265803677574557&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Request Chain 215
  • https://dpm.demdex.net/ibs:dpid=133726&dpuuid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_pd=1&gdpr_consent=
Request Chain 217
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=3585500b-878f-4de3-92ab-e7f9bedd5d25&gdpr=0&gdpr_consent=
Request Chain 220
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=c30bfa84-777a-4e1c-a986-49723f21ac4e
Request Chain 221
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bbe1bd25-e373-4e62-b717-d85f6df232ee&ssp=outbrain&gdpr=0&gdpr_consent=
Request Chain 223
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDm4ePiXQFKyixqUe3j8hUQ&google_cver=1 HTTP 302
  • https://crb.kargo.com/api/v1/bswsync?bsw_uuid=bbe1bd25-e373-4e62-b717-d85f6df232ee&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
Request Chain 224
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7207544327784822936&gdpr=0&gdpr_consent=
Request Chain 225
  • https://ps.eyeota.net/match?bid=1mpn7m0&uid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MmFteXVJS3laMVZTeFJVSjVNdzVzd2Z4ZGVpTGk0clM3VXkyNFFDdzhZR0E&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=1mpn7m0& HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=1mpn7m0&google_gid=CAESEALctMmbMsnrbNNTAzUVt_A&google_cver=1 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26dc_rc%3D2%26dc_mr%3D5%26dc_orig%3D1mpn7m0%26 HTTP 302
  • https://ps.eyeota.net/match?uid=3964265803677574557&bid=2cr76e1&dc_rc=2&dc_mr=5&dc_orig=1mpn7m0& HTTP 302
  • https://i.w55c.net/ping_match.gif?st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D1mpn7m0%26 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D1mpn7m0%26 HTTP 302
  • https://ps.eyeota.net/match?bid=9sn4omv&uid=anagpaZ81Pzi8N5&newuser=1&dc_rc=3&dc_mr=5&dc_orig=1mpn7m0& HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=4&dc_mr=5&dc_orig=1mpn7m0& HTTP 302
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=9015009517222667117&newuser=1&dc_rc=4&dc_mr=5&dc_orig=1mpn7m0& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?uid=3585500b-878f-4de3-92ab-e7f9bedd5d25&bid=1e2n4ou
Request Chain 227
  • https://creativecdn.com/cm-notify?pi=outbrain&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob HTTP 302
  • https://creativecdn.com/cm-notify?pi=outbrain&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=OIs0Ru2gNk0Ife9HHU5R&pi=outbrain&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1
Request Chain 228
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LEXBJUTS-1Q-9ALV&gdpr=0&us_privacy=1---
Request Chain 230
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS HTTP 302
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&xl8blockcheck=1 HTTP 302
  • https://analytics.twitter.com/i/adsct?p_user_id=f062e7ff0087823d6ffb98e1fed9b891&p_id=28539
Request Chain 231
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DJAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=ZAZXYEpUzMktMBcOj8P22AAAEyoAAAIB&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Request Chain 232
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DJAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS%2526gdpr%253D0%2526initiator%253Dob%2526gdpr_consent%253D%2526us_privacy%253D1---%2526uid%253D%2523PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=-1&gdpr_consent=PM_CONSENT HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=PM_CONSENT&piggybackCookie=CAESEAK-LYCC6Dvp1E0g4Ecw91Y&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5BB1C36D8B744BEFA38DCA097C9817B2 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DJAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS%26gdpr%3D0%26initiator%3Dob%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D29217D1B-5EBE-4765-B9E7-A1FA98B86C4C HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=29217D1B-5EBE-4765-B9E7-A1FA98B86C4C
Request Chain 233
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%26obUid%3DJAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&uid=07ba672d-e89b-432e-888a-e54497ced785
Request Chain 234
  • https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1---&redir=true HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=y-yhASJaRE2uGg7RR_ruJDsbgDTBpM3FjGvHu..ic-~A&gdpr=0
Request Chain 236
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DJAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DJAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=d9c6885a-33f6-474c-a6d5-f8bfdda6de9f&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Request Chain 237
  • https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DJAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=smaato&uid=46c4e34d&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Request Chain 241
  • https://id.rlcdn.com/711945.gif?ct=4&cv= HTTP 307
  • https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&
Request Chain 243
  • https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid%3DJAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&uid=5pWAtuWWhrD9l9Hkspmd4raVheT9wNW455B5rgVT
Request Chain 268
  • https://ssum-sec.casalemedia.com/usermatch?s=175407&cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Request Chain 269
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156078&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156078%26xid%3Dy-1UqXNHBE2uUsLWXYEDldAlfcnaS2.Cg-~A%26gdpr%3d0%26gdpr_consent%3d%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fups.analytics.yahoo.com%252Fups%252F58292%252Fsync%253F_origin%253D0%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2523PMUID%2526redir2%253Dtrue HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156078&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156078%26xid%3Dy-1UqXNHBE2uUsLWXYEDldAlfcnaS2.Cg-~A%26gdpr%3d0%26gdpr_consent%3d%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fups.analytics.yahoo.com%252Fups%252F58292%252Fsync%253F_origin%253D0%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2523PMUID%2526redir2%253Dtrue&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjkyMTdEMUItNUVCRS00NzY1LUI5RTctQTFGQTk4Qjg2QzRD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=&partnerID=156078&pmc=1&pr=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58292%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26uid%3D29217D1B-5EBE-4765-B9E7-A1FA98B86C4C%26redir2%3Dtrue&xid=y-1UqXNHBE2uUsLWXYEDldAlfcnaS2.Cg-~A HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=0&gdpr=0&gdpr_consent=&uid=29217D1B-5EBE-4765-B9E7-A1FA98B86C4C&redir2=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/29217D1B-5EBE-4765-B9E7-A1FA98B86C4C&gdpr=0
Request Chain 270
  • https://ups.analytics.yahoo.com/ups/58230/sync?_origin=0&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-Pqtolt5E2uF2lByK.7hHUn2wWUiFqw--~A&gdpr=0
Request Chain 271
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1CWmZHM2xORTJ1Rzc0UUlwdWlkNnN3SFl5QlBxbXBDYX5B&gdpr=0&gdpr_consent=&_origin=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=&_origin=0
Request Chain 272
  • https://eb2.3lift.com/getuid?&gdpr=0&cmp_cs=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58382%2Fsync%3F_origin%3D0%26ums2%3D0%26redir%3Dtrue%26uid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58382%2Fsync%3F_origin%3D0%26ums2%3D0%26redir%3Dtrue%26uid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ups.analytics.yahoo.com/ups/58382/sync?_origin=0&ums2=0&redir=true&uid=2897923024276059055810&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/sync?px=1&gdpr=0&axid=y-bgqWoo1E2uI4v92Qs4QAHu_rqsRrU4GB~A&ums2=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=3585500b-878f-4de3-92ab-e7f9bedd5d25&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 274
  • https://ap.lijit.com/pixel?a=0&%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58456%2Fsync%3F_origin%3D0%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?a=0&%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58456%2Fsync%3F_origin%3D0%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ups.analytics.yahoo.com/ups/58456/sync?_origin=0&uid=GRF5JLZHkANhD8MGRpCB5hjd
Request Chain 276
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58294%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58294%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=0&gdpr=0&gdpr_consent=&uid=996fcda3-4f1f-449b-b8c2-76e3b8d6e4c7
Request Chain 277
  • https://pixel.rubiconproject.com/exchange/sync.php?p=oath&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=0&uid=LEXBJUTS-1Q-9ALV&gdpr=0
Request Chain 278
  • https://ads.yieldmo.com/verizonsync?&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58529/sync?uid=gece288d1fa91a36e168&_origin=0&gdpr=0&gdpr_consent=
Request Chain 279
  • https://contextual.media.net/cksync.php?cs=3&type=vzn&ovsid=y-2aYMe4xE2uF0y9vShG5LLcnIWcapWsxL~A&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D0%26uid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=0&uid=3211387858092148000V10&gdpr=0&gdpr_consent=
Request Chain 288
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3585500b-878f-4de3-92ab-e7f9bedd5d25&gdpr=0&gdpr_consent=&expires=30
Request Chain 289
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9373KwNMTxO4MDqFJlERFQ&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9373KwNMTxO4MDqFJlERFQ&gdpr=0
Request Chain 290
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEM2_he10k9MV7AWiL1kASUo&google_cver=1
Request Chain 291
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=PwQWbtyoTNeLFfAztZm79A&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PwQWbtyoTNeLFfAztZm79A&gdpr=0
Request Chain 292
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/xlpqGKVJZmiJ-VD4CCvTl8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-iKoxlqNE2oKyxd9oPQGVKZBDLYymGj15GEM8AQ--~A
Request Chain 293
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEXBJUTS-1Q-9ALV&gdpr=0
Request Chain 294
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVYQkpVVFMtMVEtOUFMVg==&gdpr=0
Request Chain 295
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzAzYzdiOTZhNjUwNTQ1YTA2OWU4MTE2OTc4ODA2NTRkZWNiMDkzNA&gdpr=0
Request Chain 304
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZAZXYEpUzMktMBcOj8P22AAAEyoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE8BqISx8HwHZZdLznx_3Sg&google_cver=1
Request Chain 305
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3585500b-878f-4de3-92ab-e7f9bedd5d25&expiration=1680729185&gdpr=0&gdpr_consent=
Request Chain 306
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZAZXYEpUzMktMBcOj8P22AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELRdUWaovdU5uKRXnkHs61o&google_cver=1
Request Chain 307
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZAZXYEpUzMktMBcOj8P22AAAEyoAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZAZXYEpUzMktMBcOj8P22AAAEyoAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 309
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9015009517222667117
Request Chain 310
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3964265803677574557
Request Chain 311
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=79888E5A804D40D5AEAFAD1CDEF59C84
Request Chain 312
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=0&redir2=true&uid=ZAZXYEpUzMktMBcOj8P22AAAEyoAAAIB HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZAZXYEpUzMktMBcOj8P22AAAEyoAAAIB
Request Chain 346
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpastelink.net%2F&domain=pastelink.net&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=PxNWt3wxSEJZTnNLRU5tTHRLNVFvWldQcUxJR1oxaDZhYmdTSGVrU0dsVGFXZ05UMFJLSmtJeGU1RDAwMHJiZEtnM2NvbmRzOU1maUpVejJhdENVcnVyMGN0OGtaSjRQdjBLWGxaaU00aVF4cTgxTHpEWStxWlBQT2piWXYrTlpVby9HYUwzVE9JSVJLbitKOStqWmtOZXgyUEVlVTdSTzhGMUY4NVBQdXM5TWN6SWxTNUlXckdXTXZmc1d4R3AvSmxDa1NSZlMwdHFVT3pnMUx4SmlVTGszUHNQVHE3Z0lYUU1Wc0ZrOUtQMllKQVVBPXw&cppv=2
Request Chain 352
  • https://x.bidswitch.net/sync?ssp=vidoomy HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=vidoomy&ssp_user_id=bbe1bd25-e373-4e62-b717-d85f6df232ee&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-LNqZtllE2pmCbJ.mP7Gbvbe9LldqtPDOxpwIbQ--~A&expires=5&ssp=vidoomy HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=bbe1bd25-e373-4e62-b717-d85f6df232ee
Request Chain 357
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-yhASJaRE2uGg7RR_ruJDsbgDTBpM3FjGvHu..ic-~A&gdpr=0
Request Chain 358
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3Dbbe1bd25-e373-4e62-b717-d85f6df232ee&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=20aa6406-5760-4f00-b72e-4bb097f1f183&expires=30&ssp=between&bsw_param=bbe1bd25-e373-4e62-b717-d85f6df232ee&gdpr=&gdpr_consent=
Request Chain 361
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS15aEFTSmFSRTJ1R2c3UlJfcnVKRHNiZ0RUQnBNM0ZqR3ZIdS4uaWMtfkE%3D&gdpr=0
Request Chain 365
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 369
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3211387858092148000V10%26type%3Dopx%26refUrl%3D%26vid%3D81371864423211387858092148000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3211387858092148000V10&type=opx&refUrl=&vid=81371864423211387858092148000V10&ovsid=7f8727b5-3c75-4432-88aa-c9879d9a8272
Request Chain 370
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzIxMTM4Nzg1ODA5MjE0ODAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESENvL-fEB6GBJPPBKlvTZWg8&google_cver=1
Request Chain 371
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3211387858092148000V10%26type%3Ddxu%26refUrl%3D%26vid%3D81371864423211387858092148000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3211387858092148000V10&type=dxu&refUrl=&vid=81371864423211387858092148000V10&ovsid=anagpaZ81Pzi8N5
Request Chain 372
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=a6c1f602-8756-401c-8df8-356c2a563f72
Request Chain 373
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dmedianet%26bsw_param%3Dbbe1bd25-e373-4e62-b717-d85f6df232ee%26gdpr%3D0%26consent%3D%26gdpr_pd%3D1%26expires%3D7
Request Chain 376
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3585500b-878f-4de3-92ab-e7f9bedd5d25
Request Chain 380
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:20aa6406-5760-4f00-b72e-4bb097f1f183&gdpr=0&gdpr_consent=
Request Chain 382
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z7dfwxeklys
Request Chain 384
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=to3firWO2Yytj47Y4oHC3uaN2tit2IqEt4iY8CWK
Request Chain 387
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 389
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=17zjft5xyu1j
Request Chain 394
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1678137186586 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1238518827
Request Chain 399
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:anagpaZ81Pzi8N5&gdpr=0&gdpr_consent=
Request Chain 402
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KSF9G16-R2W556H6mLhsTA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

407 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request kztoeqi1
pastelink.net/ 		27 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
7da27cc977651ec2112d493553573cce09852af13c75eba6a084f7bba625c266
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 21:13:00 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ebfd96030683611d9ed054682f1ddf8b9098bc7d10105602b338605b0ae82a9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Mar 2023 21:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 21:13:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Mar 2023 21:13:00 GMT
styles.css
pastelink.net/assets/css/ 		121 KB
121 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/css/styles.css?q=35
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
db2363029b4f54378ff6662b39bc15138122f515494fc54048fd89a70485fe55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/kztoeqi1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 06 Jan 2023 14:09:07 GMT
server
nginx
etag
"63b82b83-1e279"
content-type
text/css
accept-ranges
bytes
content-length
123513
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://pastelink.net/
Origin
https://pastelink.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:00 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1678137180.dop042.la3.t,1678137180.cds066.la3.hn,1678137180.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
script.min.js
pastelink.net/assets/js/ 		41 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/js/script.min.js?q=35
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/kztoeqi1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 17 Nov 2022 12:00:15 GMT
server
nginx
etag
"6376224f-a225"
content-type
application/javascript
accept-ranges
bytes
content-length
41509
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/js.cookie.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3445674
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
772
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec5-6d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Y%2F0MrQCAxv83gfjTog35FKDlw9jmnl4Vk71R1ucT%2Boa5EV%2Fud6hDu%2BiHxCxEG3mXQlO3ctFqw9i6qSnhv4q4ZenQnVspb4266edBkjKL9J9DrRCxPqAOw%2BmKCWBMPuRf6lCc8KaaFR%2F2Yyp4StSug%2F2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7a3d99a1395b4679-SIN
expires
Sat, 24 Feb 2024 21:13:00 GMT
rules.js
cdn.adligature.com/pl/prod/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/pl/prod/rules.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:cab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
670dc66bdd658139d240eedad1274df27975093212b087640ace94fdd41e2038

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
580
cf-polished
origSize=29547
x-guploader-uploadid
ADPycdvLVJKpcQScFtLncOawuQXkh9L6BXA8t0B0ctAg3MplNGPdRi2iYmPi5zfHKNYHFRXv_BCHqZsSygrZrbV65zs3fw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 09 Feb 2023 19:08:54 GMT
server
cloudflare
etag
W/"7543a866e92135abc861c11eeb7b8ee8"
vary
Accept-Encoding
x-goog-generation
1675969734359872
content-type
application/javascript
x-goog-hash
crc32c=rHH5GQ==, md5=dUOoZukhNavIYcEe63uO6A==
cache-control
public, max-age=1800, s-maxage=600, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSfuPpu8rHNqyc%2BsyMcLmAmYygQpDM78jIphmG36Pp7ulj612x%2BZdfywoq6G3Q765V3O4Qqh6eklcap4Nt9bLh%2BBDuSQL%2F%2F8Ro5rjPCKsWfeE6Ee47HE3Ly8TBtC7bWExf4%2BA6Q%2BUOGtZwcbtzBT1Dw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
29547
cf-ray
7a3d99a1394f3f80-SIN
expires
Mon, 06 Mar 2023 21:13:20 GMT
css2
fonts.googleapis.com/ 		410 B
372 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Homemade+Apple:wght@400&display=swap
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
34c9679776c240490c584578b327d109c0bf340a5e09714198de44600af4be4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Mar 2023 21:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 21:13:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Mar 2023 21:13:00 GMT
api.js
www.google.com/recaptcha/ 		909 B
895 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=captchaLoaded
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
85c68245f67099f366fd5911f4d54340e16f5e671769af18b174f4958f8f726d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
575
x-xss-protection
1; mode=block
expires
Mon, 06 Mar 2023 21:13:00 GMT
gtm.js
www.googletagmanager.com/ 		188 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
75d49ccf8ab68a6203d0800c5673b189372737630ffc5f55cdef70d847a11b05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
68251
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 06 Mar 2023 21:13:01 GMT
advally-5.6.0.js
cdn.adligature.com/rules.js/ 		109 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/rules.js/advally-5.6.0.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/rules.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:cab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc512301255515966a31281192fd886494b8ff8a8ce75ecba79d13b1b50e2f96

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1440
cf-polished
origSize=178816
x-guploader-uploadid
ADPycdsVH-a9ZAV_VL6oF_XeZyELOlR8SSTKklz1InpB8e5L2KwuxQEJiWeZzc-maVooHshDKcgkNxjw2ThGf1-hg8LHeA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 14 Dec 2022 18:36:31 GMT
server
cloudflare
etag
W/"93d406c6937e7a8018d85789ad1193d5"
vary
Accept-Encoding
x-goog-generation
1671042991645353
content-type
application/javascript
x-goog-hash
crc32c=n6grAA==, md5=k9QGxpN+eoAY2FeJrRGT1Q==
cache-control
public, max-age=7200, s-maxage=7200, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ig1liMsWd54GKEm%2FO5H3DMup1aQN6hMrbmKqB%2BdoGZA7FRciT%2FoWAIpR86SVrTffUhvMNa1uxaKivz566swxlQGv4GxIOcgwOucQRHxAUGGQgEYGMzG%2FhOSJmZWRx6ElQmCD4zHumkUpeVmsmGW632E%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
178816
cf-ray
7a3d99a5eb2a3f80-SIN
expires
Mon, 06 Mar 2023 22:49:01 GMT
rules.css
cdn.adligature.com/pl/prod/ 		212 B
692 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/pl/prod/rules.css
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/rules.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:cab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9deaac5d56e16e3ebabea7074260b0fd928a5f1ed99708ce779fba46a83bcdc8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
203
x-guploader-uploadid
ADPycdvoZ8XoNJf9M7x1iY0sDvx9-Og7hGCj6JynCihR7GSGXWP4_FKOTu7nqM6LAj6xU_Vdu9P7-dpZF4Zdi5XjsBOuVA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 09 Feb 2023 19:08:53 GMT
server
cloudflare
etag
W/"6028266d2acabeaa67379ad7bbbb6964"
vary
Accept-Encoding
x-goog-hash
crc32c=mXGApQ==, md5=YCgmbSrKvqpnN5rXu7tpZA==
x-goog-generation
1675969733527635
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7KBSSfW0s6V6RzG6WHwfq9IsucZHXPTV7tXjUPr%2BTFi9JU5gn55Ln4w9De7mDSiqHp9PT7sPkY1RTMfSCP3icTulNDRd1nDZHEMI2E3eDb1lWPloli%2BpNPmMOLqx%2FRRzmfQdGwf%2FcPWIIio0aHfEJ8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1800, s-maxage=600, must-revalidate
x-goog-stored-content-length
212
cf-ray
7a3d99a5eb2b3f80-SIN
expires
Mon, 06 Mar 2023 21:19:38 GMT
recaptcha__zh_cn.js
www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/ 		412 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__zh_cn.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd908b5dc79f2afe817071019dbb00e7b9821ccc1f4b900168a9d269788f8ec1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Origin
https://pastelink.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 00:04:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166935
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 18:46:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 00:04:16 GMT
debut_light.png
pastelink.net/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/debut_light.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-10c8"
content-type
image/png
accept-ranges
bytes
content-length
4296
pastelink-logo.svg
pastelink.net/assets/images/logo/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo/pastelink-logo.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
01408f8061623faa6d2c0f015cd23483c3aa363c095e152f613ed94c87a5803d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-d3d"
content-type
image/svg+xml
accept-ranges
bytes
content-length
3389
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
arrow-down-blue.svg
pastelink.net/assets/images/ 		239 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/arrow-down-blue.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-ef"
content-type
image/svg+xml
accept-ranges
bytes
content-length
239
moon.svg
pastelink.net/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/moon.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-62e"
content-type
image/svg+xml
accept-ranges
bytes
content-length
1582
public-black.svg
pastelink.net/assets/images/ 		578 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/public-black.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-242"
content-type
image/svg+xml
accept-ranges
bytes
content-length
578
social-spritesheet.png
pastelink.net/assets/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/social-spritesheet.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-70de"
content-type
image/png
accept-ranges
bytes
content-length
28894
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 12:50:08 GMT
x-content-type-options
nosniff
age
289373
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Mar 2024 12:50:08 GMT
Qw3EZQFXECDrI2q789EKQZJob0x6XHg.woff2
fonts.gstatic.com/s/homemadeapple/v18/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/homemadeapple/v18/Qw3EZQFXECDrI2q789EKQZJob0x6XHg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Homemade+Apple:wght@400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbaa96c741caa479d4647fc567f64e5ddc71eec58ee9849cb9e8a14bee65bc30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 05:09:19 GMT
x-content-type-options
nosniff
age
576222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48344
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Feb 2024 05:09:19 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 02:34:12 GMT
x-content-type-options
nosniff
age
326329
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Mar 2024 02:34:12 GMT
logo-bg-90-tl.svg
pastelink.net/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo-bg-90-tl.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-933"
content-type
image/svg+xml
accept-ranges
bytes
content-length
2355
pastelink-logo-contrast.svg
pastelink.net/assets/images/logo/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo/pastelink-logo-contrast.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
3a73b36061944ebbb33696553917d393280f796e212afcd09057b441c1168606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-e31"
content-type
image/svg+xml
accept-ranges
bytes
content-length
3633
logo-symbol-non-white-bg.svg
pastelink.net/assets/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo-symbol-non-white-bg.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-11c0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
4544
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 20:53:21 GMT
x-content-type-options
nosniff
age
346780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 20:53:21 GMT
/
pro.ip-api.com/json/ 		53 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?key=ZxSSLwZtxrKxQbv&fields=status,countryCode,region
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.6.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
208.95.112.2 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
88aebe77c821689d5497225dda6e0c5ad7b75d71ff3e96430d251bfbc825a63a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 06 Mar 2023 21:13:01 GMT
Content-Length
53
Content-Type
application/json; charset=utf-8
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.6.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29f069bbb95e66fea0734d945b83a8e85de6a3102c0b1615ef24ce760d6f2793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26810
x-xss-protection
0
server
sffe
etag
"1503 / 838 of 1000 / last-modified: 1678104717"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 06 Mar 2023 21:13:01 GMT
prebid-7.35.0.js
cdn.adligature.com/pl/prod/ 		339 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.6.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:cab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f97f22fde697c9d8c77639fbbca1a74e82708f3c908d9005107cd2fc71033da1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73
cf-polished
origSize=347853
x-guploader-uploadid
ADPycdtRxiXbDRUXS1ry-C6jPlPokzN9cxTPXczI0CRRUxlnwjImsgxZ8myi1nx_eDdpcCeLlZ6jX1tcnMbrkrbJdtK3YGi5E4YF
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 09 Feb 2023 19:08:52 GMT
server
cloudflare
etag
W/"2da9bf1e0fca69a19e94f037f85b47f1"
vary
Accept-Encoding
x-goog-generation
1675969732685869
content-type
application/javascript
x-goog-hash
crc32c=S2tX3Q==, md5=Lam/Hg/KaaGelPA3+FtH8Q==
cache-control
public, max-age=900, s-maxage=300, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkHnMXaM9ytgTyo1AFCQK%2FdtquF7BxeNt8CNfu2T5xJ%2F6KwDqJ2Uw%2F%2FGPyC6unwWU%2FSsQB3t0KrktTP7ayK6ogY4qQBG3uAK6uKIoOmKpLoLBMQo%2B41F75Kgtz%2FyqmUUhnZCyt%2BiwkDqhMsmro6KkUE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
347853
cf-ray
7a3d99a64f0f6bf3-SIN
expires
Mon, 06 Mar 2023 21:16:48 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::65 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 19:28:00 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6301
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 06 Mar 2023 21:28:00 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c2581d2b2dc42af66b6ecea0c14feaabc22736563abc3802282c8726b3612ebc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79585
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 06 Mar 2023 21:13:01 GMT
pubads_impl_2023022801.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ccd9121a14b7d9a66e942de02634cb4058f3b8faa32ae268a14fb6a8fe301d4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 07:16:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136579
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132270
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 09:36:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 04 Mar 2024 07:16:42 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		73 B
84 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pastelink.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c64cda3c1c7c935b57b27894caec3b370b98d70011c8e5ea2f31691be13c8fe7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60
x-xss-protection
0
expires
Mon, 06 Mar 2023 21:13:01 GMT
collect
www.google-analytics.com/j/ 		3 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2113578989&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fkztoeqi1&ul=en-us&de=UTF-8&dt=Exactly%20why%20Casino%20Games%20Are%20Entertaining%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1643050586&gjid=307705372&cid=824906174.1678137181&tid=UA-55088947-2&_gid=1005764722.1678137181&_r=1&_slc=1&gtm=45He3310n8155WHPWQ&z=534112210
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::65 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je3310&_p=2113578989&cid=824906174.1678137181&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678137181&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Fkztoeqi1&dt=Exactly%20why%20Casino%20Games%20Are%20Entertaining%20-%20Pastelink.net&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::65 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=2113578989&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fkztoeqi1&ul=en-us&de=UTF-8&dt=Exactly%20why%20Casino%20Games%20Are%20Entertaining%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAAI~&jid=522110489&gjid=451503896&cid=824906174.1678137181&tid=UA-197326395-9&_gid=1005764722.1678137181&_r=1&_slc=1&z=617918430
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::65 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa68e17fb13028f96c0d5b38fcf7006182894eb694625f9dedf5824d5066a5f0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
localstore.js
script.4dex.io/ 		483 B
1022 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 21:13:02 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
354370
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59yBPjm%2FKMOVGlHpVrdch%2F01slpYjsFf5wzlPflRq8CvBn4w9HIxW7pgw03rz88hZSO14n67WUqb7%2BbSATN4FAxO2jaNBulYggnJguMNfr3uI86rXo%2BEyKXC%2BuM1BBcDV887LDjwKI1phmIV"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7a3d99ac6f114048-SIN
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://pastelink.net
access-control-max-age
600
age
0
content-length
0
date
Mon, 06 Mar 2023 21:13:02 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://pastelink.net
access-control-max-age
600
age
0
content-length
0
date
Mon, 06 Mar 2023 21:13:02 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://pastelink.net
access-control-max-age
600
age
0
content-length
0
date
Mon, 06 Mar 2023 21:13:02 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://pastelink.net
access-control-max-age
600
age
0
content-length
0
date
Mon, 06 Mar 2023 21:13:02 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://pastelink.net
access-control-max-age
600
age
0
content-length
0
date
Mon, 06 Mar 2023 21:13:02 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://pastelink.net
access-control-max-age
600
age
0
content-length
0
date
Mon, 06 Mar 2023 21:13:02 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://pastelink.net
access-control-max-age
600
age
0
content-length
0
date
Mon, 06 Mar 2023 21:13:02 GMT
server
ATS/9.1.10.25
imp
g2.gumgum.com/hbid/ 		400 B
940 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1678137182136&to=0&aun=advally-adhesion-slot&pubcid=e79b3674-317a-434e-a570-06abf11bad6d&gpid=%2F22405481091%2Fpastelink.net%2FBottom_adhesion_banner&t=arfs5lnr&pi=2&schain=1.0%2C1!advally.com%2CP58S175%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpastelink.net%2Fkztoeqi1&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.35.0%22%7D&ogu=https%3A%2F%2Fpastelink.net&ns=10240
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.137.42 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-137-42.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fc4a6d9b94a9bb1f4a3c2ddcace9fd4a584fe6f2e2d88b10b078fa433ccdabda

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:02 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
mp.4dex.io/ 		0
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:02 GMT
x-err
Parsing the Prebid Request. website disabled
x-version
3.0.0-gcp-tyo
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7a3d99ac8ee5a069-SIN
expires
0
adjson
ads.betweendigital.com/ 		2 B
909 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.195.121.141 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
ee1836563df819c25c8ff5638af027cac9870456ea0e72258891a2fb71c37773

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 21:13:02 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://pastelink.net
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2032
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 21:13:02 GMT
AN-X-Request-Uuid
cea468a9-61ab-4e6c-b0fc-49c30570074e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://pastelink.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
209.58.162.217; 209.58.162.217; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15788&adtype=banner&auc=advally-adhesion-slot&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=en&dt=1&pid=62178&requestId=3134a670ef256cd&schain=%5Bobject%20Object%5D&bidfloor=0&d=pastelink.net&sp=https%253A%252F%252Fpastelink.net%252Fkztoeqi1&usp=&coppa=false&videoContext=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.14.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-14-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Mon, 06 Mar 2023 21:13:02 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15788&adtype=banner&auc=Top_leaderboard&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=en&dt=1&pid=62178&requestId=32b59366c07a4f9&schain=%5Bobject%20Object%5D&bidfloor=0&d=pastelink.net&sp=https%253A%252F%252Fpastelink.net%252Fkztoeqi1&usp=&coppa=false&videoContext=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.14.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-14-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
df6489040da427f79479ce6c8bf740d0c3bd6c5393f47196b72581a9583f0292

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 06 Mar 2023 21:13:02 GMT
content-encoding
br
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type
application/json
access-control-allow-origin
https://pastelink.net
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
3611
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15788&adtype=banner&auc=AdvallyTag-pl-leadermpu-1&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=en&dt=1&pid=62178&requestId=3362f8cdc79b36b&schain=%5Bobject%20Object%5D&bidfloor=0&d=pastelink.net&sp=https%253A%252F%252Fpastelink.net%252Fkztoeqi1&usp=&coppa=false&videoContext=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.14.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-14-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Mon, 06 Mar 2023 21:13:03 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15788&adtype=banner&auc=AdvallyTag-pl-leadermpu-2&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=en&dt=1&pid=62178&requestId=3443fc4f292f1f&schain=%5Bobject%20Object%5D&bidfloor=0&d=pastelink.net&sp=https%253A%252F%252Fpastelink.net%252Fkztoeqi1&usp=&coppa=false&videoContext=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.14.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-14-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Mon, 06 Mar 2023 21:13:02 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15788&adtype=banner&auc=AdvallyTag-pl-leadermpu-3&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=en&dt=1&pid=62178&requestId=35039a10453d047&schain=%5Bobject%20Object%5D&bidfloor=0&d=pastelink.net&sp=https%253A%252F%252Fpastelink.net%252Fkztoeqi1&usp=&coppa=false&videoContext=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.14.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-14-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Mon, 06 Mar 2023 21:13:02 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15788&adtype=banner&auc=AdvallyTag-pl-leadermpu-4&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=en&dt=1&pid=62178&requestId=36cfe1a71f0fb08&schain=%5Bobject%20Object%5D&bidfloor=0&d=pastelink.net&sp=https%253A%252F%252Fpastelink.net%252Fkztoeqi1&usp=&coppa=false&videoContext=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.14.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-14-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Mon, 06 Mar 2023 21:13:03 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15788&adtype=banner&auc=Sidebar_MPU&w=160&h=600&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&l=en&dt=1&pid=62178&requestId=37af292ac6a5f72&schain=%5Bobject%20Object%5D&bidfloor=0&d=pastelink.net&sp=https%253A%252F%252Fpastelink.net%252Fkztoeqi1&usp=&coppa=false&videoContext=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.14.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-14-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Mon, 06 Mar 2023 21:13:02 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
bidRequest
c2shb.pubgw.yahoo.com/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6bb919d0be72bd641b6d46aee19fa1428eb98aaffdf92a8ca7d47a6940980933

Request headers

Referer
https://pastelink.net/
x-openrtb-version
2.5
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 Mar 2023 21:13:02 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
content-length
3256
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d8be44b19c40c170bc803e3c35973751f755fc4d835a37e2e126b77cdd4bf05b

Request headers

Referer
https://pastelink.net/
x-openrtb-version
2.5
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 Mar 2023 21:13:02 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
content-length
82
bidRequest
c2shb.pubgw.yahoo.com/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e0dba359c85e884ff1c338ef21a4e6b024b1e57d4ae7e8878becfa472b3c2495

Request headers

Referer
https://pastelink.net/
x-openrtb-version
2.5
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 Mar 2023 21:13:02 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
content-length
3411
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c2148e116b153e987662b586ae7407277f32671584df5f00457f0471a5d60044

Request headers

Referer
https://pastelink.net/
x-openrtb-version
2.5
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 Mar 2023 21:13:02 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ad351a0f4ed59a3988791e53416b532404cdc80df9f9bb80416ff27f51ab307b

Request headers

Referer
https://pastelink.net/
x-openrtb-version
2.5
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 Mar 2023 21:13:02 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
content-length
2624
bidRequest
c2shb.pubgw.yahoo.com/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c22d00639761beb2ebbb9b1f343275f62a108a9d72de3d977c6de7f814b2a42d

Request headers

Referer
https://pastelink.net/
x-openrtb-version
2.5
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 Mar 2023 21:13:02 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
content-length
3259
bidRequest
c2shb.pubgw.yahoo.com/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.77.152.198 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-152-198.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6d1f54735eb85fa53b529a71c737152398516a288860aea9d757f81ee358aac0

Request headers

Referer
https://pastelink.net/
x-openrtb-version
2.5
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 06 Mar 2023 21:13:02 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
content-length
3237
mvo
tag.1rx.io/rmp/232868/0/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/232868/0/mvo?z=1r&hbv=7.35,2.1
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.40.73.4 Queenstown Estate, Singapore, ASN54825 (PACKET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
pragma
no-cache
date
Mon, 06 Mar 2023 21:13:02 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU658616
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
96bdbebc9eb0354a2ef8602f3504e469649e15e8e42d457d48e20cf65d30a0ef

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:02 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
187
alt-svc
clear
expires
Mon, 06 Mar 2023 21:13:02 GMT
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 21:13:02 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
266104
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niLB%2F7iFLZ7u%2FE1esJj4hoqtuO386%2FXaWwWcpx9u2Gjy%2BGhUHfBZF06HajvU%2Fdy9FoFJmI8vRp%2FZCdrZoRk6%2FJOLRYJAWAyXY5S6xaegt%2BcG%2FDbKUw7ADPz21NLv6%2BisqSKpkOhmtsO9Btmh"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7a3d99ac9f043daa-SIN
integrator.js
adservice.google.com.sg/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.sg/adsid/integrator.js?domain=pastelink.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pastelink.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3947244399311024&correlator=1050562165437998&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CBottom_adhesion_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=759513158&sfv=1-0-40&prev_scp=rand_key%3D33%26hb_format_yahoossp%3Dbanner%26hb_size_yahoossp%3D728x90%26hb_pb_yahoossp%3D0.11%26hb_adid_yahoossp%3D39b6e16e6119b21%26hb_bidder_yahoossp%3Dyahoossp%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.11%26hb_adid%3D39b6e16e6119b21%26hb_bidder%3Dyahoossp&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1678137183409&lmt=1678137183&dlt=1678137180329&idt=1008&adxs=436&adys=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fkztoeqi1&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=824906174.1678137181&ga_sid=1678137183&ga_hid=2113578989&ga_fc=true&ga_cid=1005764722.1678137181
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a32ed98b4f52d290a528280cc5486781c2a6ce4388329e3a64ef81fb1b31054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10028
x-xss-protection
0
google-lineitem-id
6154072045
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412184205
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3947244399311024&correlator=1050562165437998&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CTop_leaderboard&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=2&adks=2603746535&sfv=1-0-40&prev_scp=rand_key%3D33%26hb_format_vidoomy%3Dbanner%26hb_size_vidoomy%3D300x250%26hb_pb_vidoomy%3D0.10%26hb_adid_vidoomy%3D61abb4f5dcefe67%26hb_bidder_vidoomy%3Dvidoomy%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.10%26hb_adid%3D61abb4f5dcefe67%26hb_bidder%3Dvidoomy&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1678137183416&lmt=1678137183&dlt=1678137180329&idt=1008&adxs=310&adys=341&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fkztoeqi1&frm=20&vis=1&psz=705x170&msz=705x0&fws=4&ohw=1600&ga_vid=824906174.1678137181&ga_sid=1678137183&ga_hid=2113578989&ga_fc=true&ga_cid=1005764722.1678137181
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e888a8e391d95896c9394e229d6b2323201f8d9f236fa961b30157cc1d87c36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9895
x-xss-protection
0
google-lineitem-id
6154052362
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412688986
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3947244399311024&correlator=1050562165437998&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CInline_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=3&adks=245733266&sfv=1-0-40&prev_scp=rand_key%3D33%26hb_format_yahoossp%3Dbanner%26hb_size_yahoossp%3D300x250%26hb_pb_yahoossp%3D0.18%26hb_adid_yahoossp%3D41ed373015200c5%26hb_bidder_yahoossp%3Dyahoossp%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.18%26hb_adid%3D41ed373015200c5%26hb_bidder%3Dyahoossp&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1678137183421&lmt=1678137183&dlt=1678137180329&idt=1008&adxs=513&adys=983&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fkztoeqi1&frm=20&vis=1&psz=665x0&msz=300x0&fws=4&ohw=1600&ga_vid=824906174.1678137181&ga_sid=1678137183&ga_hid=2113578989&ga_fc=true&ga_cid=1005764722.1678137181
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b8519a06bcd06be8dbbde8da7c726003a7b20c275ef6bef985024d1c1b8148f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9930
x-xss-protection
0
google-lineitem-id
6152651676
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412677859
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3947244399311024&correlator=1050562165437998&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CInline_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=4&adks=719487818&sfv=1-0-40&prev_scp=rand_key%3D33&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1678137183423&lmt=1678137183&dlt=1678137180329&idt=1008&adxs=513&adys=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fkztoeqi1&frm=20&vis=1&psz=665x0&msz=300x0&fws=4&ohw=1600&ga_vid=824906174.1678137181&ga_sid=1678137183&ga_hid=2113578989&ga_fc=true&ga_cid=1005764722.1678137181
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81fb3f1fbb2e5be4ddfc93103bc7573855aeeb094a4fc1c793254874dbfd473e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10443
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3947244399311024&correlator=1050562165437998&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CInline_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=5&adks=2453252592&sfv=1-0-40&prev_scp=rand_key%3D33%26hb_format_yahoossp%3Dbanner%26hb_size_yahoossp%3D300x250%26hb_pb_yahoossp%3D0.00%26hb_adid_yahoossp%3D4375f5ebbc55bb4%26hb_bidder_yahoossp%3Dyahoossp%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D4375f5ebbc55bb4%26hb_bidder%3Dyahoossp&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1678137183425&lmt=1678137183&dlt=1678137180329&idt=1008&adxs=513&adys=2212&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fkztoeqi1&frm=20&vis=1&psz=665x0&msz=300x0&fws=4&ohw=1600&ga_vid=824906174.1678137181&ga_sid=1678137183&ga_hid=2113578989&ga_fc=true&ga_cid=1005764722.1678137181
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81b96677a0814e6eb0ed9b547796e01da299e500a4a1b029d9d62dc80e398224
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9736
x-xss-protection
0
google-lineitem-id
6050546567
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138395899325
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3947244399311024&correlator=1050562165437998&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CInline_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=6&adks=2971478790&sfv=1-0-40&prev_scp=rand_key%3D33%26hb_format_yahoossp%3Dbanner%26hb_size_yahoossp%3D300x250%26hb_pb_yahoossp%3D0.08%26hb_adid_yahoossp%3D44d2d3e1c39c803%26hb_bidder_yahoossp%3Dyahoossp%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.08%26hb_adid%3D44d2d3e1c39c803%26hb_bidder%3Dyahoossp&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1678137183428&lmt=1678137183&dlt=1678137180329&idt=1008&adxs=513&adys=2704&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fkztoeqi1&frm=20&vis=1&psz=665x0&msz=300x0&fws=4&ohw=1600&ga_vid=824906174.1678137181&ga_sid=1678137183&ga_hid=2113578989&ga_fc=true&ga_cid=1005764722.1678137181
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c27041b78bcf2dfa392be15c2ef59ce667565bd727db13889a7473806f74ef4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9910
x-xss-protection
0
google-lineitem-id
6154689599
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412677859
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3947244399311024&correlator=1050562165437998&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CSidebar_MPU&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=7&adks=3854452215&sfv=1-0-40&prev_scp=rand_key%3D33%26hb_format_yahoossp%3Dbanner%26hb_size_yahoossp%3D160x600%26hb_pb_yahoossp%3D0.07%26hb_adid_yahoossp%3D45808ace4f592f2%26hb_bidder_yahoossp%3Dyahoossp%26hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D0.07%26hb_adid%3D45808ace4f592f2%26hb_bidder%3Dyahoossp&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1678137183430&lmt=1678137183&dlt=1678137180329&idt=1008&adxs=1071&adys=521&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fkztoeqi1&frm=20&vis=1&psz=168x607&msz=160x-1&fws=4&ohw=1600&ga_vid=824906174.1678137181&ga_sid=1678137183&ga_hid=2113578989&ga_fc=true&ga_cid=1005764722.1678137181
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42532af9af0847dff858342a353bd5172376b564a11b5a48abf6c78e6d9cbedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9879
x-xss-protection
0
google-lineitem-id
6152651658
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412677853
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023022801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
244c27d417e38356f3585c60c88b020a3866abfd1436bc4dbcb2a126c305f89b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11309
x-xss-protection
0
container.html
d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EDE3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 21:13:03 GMT
expires
Tue, 05 Mar 2024 21:13:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Mar 2023 21:13:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BA04 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
457670
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Mar 2023 14:05:13 GMT
expires
Thu, 29 Feb 2024 14:05:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 901D 		783 B
918 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::63 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6adc43c9418657a97de654f03ae515672c4f7f5261980d7958f8fa0f397115a5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sSV9Q6xrsxPVroqcnJkL5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-sSV9Q6xrsxPVroqcnJkL5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 21:13:03 GMT
expires
Mon, 06 Mar 2023 21:13:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 901D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023022801&jk=3947244399311024&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
pagead2.googlesyndication.com/bg/ Frame BA04 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hTGw0iTttGPYNj9jnBVYIcaXVb8tbW1IYYT-gsExgL0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 17:48:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
357853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14408
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Mar 2024 17:48:50 GMT
generate_204
tpc.googlesyndication.com/ Frame BA04 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Q4CsNg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame D11D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsts3iODVNXjynVENiymAnpEeuigDZpLXhDbWAUWhmydDKXT101x24I4UAultvLpqr01vUGFaql8tjfu2CHy2YQhFpeVXMix2LMizVvS_whQHcjpyd0m20X_xf44_SaHGezdS6xuoQ2waH9IYEQ2wlhVdgnWZwKVBECbtL8mT11cns7zoymn7-v_iNHwb7uSUjiwmXbtIowsJK7ch94nqTHULvESuRwqltkU89D14w9GZ1TZCk_E7OXl2hOLWaisnXCJyy2pg4jw1egvQyGRjBd579fMsy-ArFUN-RBbyp3v32TGcKSw3V1gGCBrAQPLAKDneCAjLO6dxY1Jk3lvSA&sai=AMfl-YQNfP4R_mR7vh0X7H4syGygEDWkNqmR1DLzvR9UQVJZGDdn8fax_MuBSjmZ7MYQukeg6oa3HcpM2efax_aKhFf49JCQ0GvfaDJ8_jp84O_rii4-bZ0YcNg68u5_lgHKOSqC4k8xK0Od3Ndu2gb_&sig=Cg0ArKJSzKCqji3o8po6EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Mar 2023 21:13:03 GMT
outbrain.js
widgets.outbrain.com/ Frame D11D 		196 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.181.73 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-181-73.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
31d8362c77899fcb145ab5855ef85d7aea921f881d95cd9544a6df23149c6bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
content-encoding
gzip
last-modified
Mon, 06 Mar 2023 13:31:31 GMT
etag
"24-6bW+0uo35vhuA4t3eTQpO11Kn2o"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14500
access-control-allow-credentials
false
x-traceid
bc692cca63dd8a688c17afe467683cf7
timing-allow-origin
*, *
content-length
71699
access-control-request-headers
X-OB-STG,X-OB-PRD
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D11D 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Mar 2023 21:13:03 GMT
truncated
/ Frame D11D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4aeb4fb430d6de9556dfce4e1dbac77de1e41a593dc20f4556317fd80bcafcdf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cGFzdGVsaW5rLm5ldA==
tcheck.outbrainimg.com/tcheck/check/ Frame D11D 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/cGFzdGVsaW5rLm5ldA==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.99.153 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-99-153.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 21:13:03 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=33326
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
2ae5f6447c4cff8e08447f5431b1c339
Content-Length
15
Expires
Tue, 07 Mar 2023 06:28:29 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ Frame D11D 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.181.73 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-181-73.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 05 Apr 2023 21:13:03 GMT
date
Mon, 06 Mar 2023 21:13:03 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
access-control-request-headers
X-OB-STG,X-OB-PRD
view
securepubads.g.doubleclick.net/pcs/ Frame D11D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspXQ4HB-YlLpYrd2pHqzK4CCoEKRt5pPnGMhYrJtEqnyYl4HtniSQTMmKp_DXNS1wcFGwVv0KDu8oER3s54o4TjHRL5slY49RD6LEzMaDVPO_iQnXlFdmur3JYX_HGRampQ0JYW1TWYydGygoaPhlS9fEhetExqSVHWfo5ZXQYjor9j83LqzmB6ypPgT5kS_y4Zj4wdsmS_ZqGc2OZUHAd8aJ0GbrbFPM8SnOLzsocVdC5m_-WQ5--cxlTMlx3VClQ7z6UKI3LoISUR_Nz8AYQL7eg-35Og3MVT49nFvvOYk6nwmp4gaMGrbRxCylwusi-Qip9qo40y4aiV6HHYw5N&sai=AMfl-YRc5Ep3mOD-C64mBKHQvjENnb_jMcsDC11C5BADwVTf8yw3mg_YX47e2VjbJ33QqUwXxF2ldbd9gAPJGpS9Ys5SoNPc4mBEN-NQeo7ZeP0lNd1c42jmocOpbC0MqHE1v592RH35y9RvUFIbJeDt&sig=Cg0ArKJSzNYWDEIY8e6JEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Mar 2023 21:13:03 GMT
placement_invocation
rock.defybrick.com/ Frame D11D 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:ee00:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 13:42:43 GMT
content-encoding
gzip
via
1.1 500f4e37798a0a47047ecfa48f4fd932.cloudfront.net (CloudFront)
server
Caddy
x-amz-cf-pop
SIN2-P1
age
27020
etag
"bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=43200
content-length
18460
x-amz-cf-id
trGa1UlIW68CLOR9wBjNKrd2jNALtRcUIrFSs61tWu_GV7zRu98Pig==
expires
Tue, 07 Mar 2023 01:42:43 GMT
show_pla
flint.defybrick.com/ Frame D11D 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fpastelink.net%2Fkztoeqi1&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=84590927122129001017527626081908945986381127722422210275082010798727&nc=0&tsf=0&tsfmi=&pv=0&cb=1678137183859&ref=&pit=1&hl=2&op=0&fs=300x250&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2826626440&at=&bid=e30%3D&di=W1siZWYiLDM4NTBdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6NixcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjMyMDI4%0D%0AODQzODksXCJzZWNcIjpcIlwifSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUp%0D%0AIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAg%0D%0AICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAg%0D%0AICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAg%0D%0AICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJs%0D%0AZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAg%0D%0AfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAg%0D%0AfV0iXSxbLTEsIi0iXSxbLTIsIjcsZVlHOVgxL1gxdFpsUzIyZDUxeDhZTlk5TXhKUUVNQ2RVQkhK%0D%0ATDg2TDIzQUNHVWhCSXdJU1NFRUFjSUpmUmVBZ1FJRUZvSW5kQ3h3UVhqaG8yNzE5Nm1Nak92L3I4%0D%0ANzB1eHFGeCJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBh%0D%0AZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0s%0D%0AWy01LCItIl0sWy02LCItIl0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFst%0D%0AMTEsIntcInRcIjpcIlwiLFwibVwiOltcIm9nOnRpdGxlXCIsXCJkZXNjcmlwdGlvblwiLFwib2c6%0D%0AZGVzY3JpcHRpb25cIl19Il0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0LCJ7XCJvXCI6MC4y%0D%0AfSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNCJdLFstMTgsIlswLDAsMCwxXSJdLFstMTks%0D%0AIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAw%0D%0ALDMwMCwyNTAsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCI4MjQ5MDYxNzQuMTY3ODEzNzE4%0D%0AMSJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0s%0D%0AWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjoyNzYwMDAwMCxcInVqaHNcIjoxODIwMDAwMCxcImpo%0D%0Ac2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDEwLDAsXCI0Z1wiLG51bGxdIl0sWy0yOCwiZW4t%0D%0AVVMsZW4iXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAsMiwwLDIsMCwyLDAsMCwyLDIsMiwy%0D%0ALDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiLSJdLFstMzMsIi0i%0D%0AXSxbLTM0LCItIl0sWy0zNSwiWzE2NzgxMzcxODM4NDQsMF0iXSxbLTM2LCJbXCI0LzNcIixcIjQv%0D%0AM1wiXSJdLFstMzcsIi0xMDktNjYtNzAtIl0sWy0zOCwiYywtMSwtMSwtMTY3ODEzNzE4MzY1OCww%0D%0ALDAsMCwwLDAsMTY3ODEzNzE4MzY2MywwLDAsOTEuOSw5MS45LDE4NywxODciXSxbLTM5LCJbXCIy%0D%0AMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGws%0D%0AdHJ1ZSw4LGZhbHNlLG51bGwsM10iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3%0D%0ANjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0s%0D%0AWy00NSwiLSJdLFstNDYsIjAiXSxbLTQ3LCJFdGMvVW5rbm93bixlbi1VUyxsYXRuLGdyZWdvcnki%0D%0AXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWyJibmNoIiw0NV1d&tsfu=&fst=1600x1200&dep=1&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A0%2C%22w%22%3A300%2C%22h%22%3A0%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22x%22%3A512%2C%22y%22%3A2211%2C%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=7mFAkFrbzl&sdd=%7B%7D&pto=204&ao=https%3A%2F%2Fpastelink.net&aol=1
Requested by
Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d2d07f929cbec14b12dd3e5ae90b6b3a394601f1d237ac70fa0a15ea2d92949b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/javascript
pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1483
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5D62 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 21:13:03 GMT
expires
Tue, 05 Mar 2024 21:13:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 5D62 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CcwszX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoE_wFP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9zIzohKjsyNZhTNHZfCtUbWy9oomjC8lEUR51Qio-2zXvy_ljUSDgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xNzUwODU2MjM5MjA0NDE0GPrefA&sigh=KCALaKlFstU&uach_m=[UACH]&cid=CAQSSwDUE5ymOY_j_E2R6FvCVPp5oqMZ_G3P8X0Z0PhKQFzu0rgdsZoqPqCnLKMyYyEe3A7FGunb5OZfaQjIhUH52PWU6_vvZSQySptTJBgB
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 5D62 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kMyjD_ezWawC-gHgvNldAgAAABhMXkAqKIAjEF9XBmSq2ZNZjL8YDaJvAAASAAAKDkFRVUJEUVlCRFFFQkRR&wp=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::13 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
147667
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame AF06 		166 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA&u=%7CzgEyEcVIxaYkInyiPIXbypwcm%2F3YXX8t6DWi4MSCvT0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bxPovNlluCOmz0VQWC4YTe9p7w12nqdS0bxeDJ19suL1A2dEK9a6SMv2ZQvmt6-ApAXCFGOAOFg4yY1lrL_oHtQfxi64f5RHuwqxN8vHXXwdr0sgiFlBdeEcntJy5PkVbgNu-5nwysXfYpT5vBMdWJQWEmZzcWZ4XsylOvIP49237tQX2eiI-rmwYQ8LtF5sngFxEcFjBdwP96IcGLsnWaCBK4o6eJK931Yl70GmqcF7LNd98MRV1-SvmY3f68Zjm-bD2mtCwISDoRpsftDHAjM44jPZIVgm3HbZcpPOzPfm5Zkq7RBEkWU_znd4QuNnnCoLpEYBAYAz3rJ1Qsj9Ea2CtQpGrLTYICB8X4vqg7eRccQM0EO-1QcQL_EyuWX4Q16IUpfzEcpes2Ycf1ALgtmS7maMqAfNyDzfpHNB30bQ5on7jmIxo98rvVhPtNqdPrXMfFftS9lCAFAYQB0mx15s8RgS24gM6HS2m7NEXCZTcDJLtmRyG31RipVyjnzQnNPYPwyV2uBPDHlZ9eF8gip1wtINTbhAxrVlaxg8FkwSzmMOIe0EyoiIF-wZjFeb3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkQiLX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoEggJP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9jo7JFiknZbib4axorAThlSaqqHyqJdHU9tZa99iBxRn3SBfWP9pWK9fgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PxcQAISzw2rZ13QH_y_wSS8ucgQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Requested by
Host: d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com
URL: https://d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::15 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
c42225ed6cb1969752da988b187bd0b76a411709631e03282100a5287efc32aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 21:13:03 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=PvD2x_n9ei6WBaL8H3AzPxfIrJNHiDofBhQFvd3I_W8_Av7nUn-MOXNw4pwQ_RHd4xT5zm9DJ3AKvNSAr41CJmQXYPyl0Iyzu0CYcCed8OAbMaJ3FBwrh1v4lQ_4FFkD6e59xJ86Ug46SGGwrHKjntXRcRofMxlmzI7UGfbfKUkKhLwukDIfzCsuGNvdZoFzf5hmBle5fZAiHZ0-lysMO5OYB-8eVUk_5VhRNBK-ZNWusKAK1l11MQs8BhkkhfaMVtTZ3A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
47134573
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 5D62 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/window_focus_fy2021.js
Requested by
Host: d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com
URL: https://d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 21:50:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
84150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Mar 2023 21:50:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/ Frame 5D62 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230302/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com
URL: https://d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 00:47:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
73532
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 00:47:31 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5D62 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com
URL: https://d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:14:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
7118
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 05 Mar 2024 19:14:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5D62 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com
URL: https://d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Mar 2023 21:13:03 GMT
truncated
/ Frame 5D62 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82b14847a3121aedef511f611f4f63222eaeae72bb7db335b7567a318688b3d7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame AF06 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA&u=%7CzgEyEcVIxaYkInyiPIXbypwcm%2F3YXX8t6DWi4MSCvT0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bxPovNlluCOmz0VQWC4YTe9p7w12nqdS0bxeDJ19suL1A2dEK9a6SMv2ZQvmt6-ApAXCFGOAOFg4yY1lrL_oHtQfxi64f5RHuwqxN8vHXXwdr0sgiFlBdeEcntJy5PkVbgNu-5nwysXfYpT5vBMdWJQWEmZzcWZ4XsylOvIP49237tQX2eiI-rmwYQ8LtF5sngFxEcFjBdwP96IcGLsnWaCBK4o6eJK931Yl70GmqcF7LNd98MRV1-SvmY3f68Zjm-bD2mtCwISDoRpsftDHAjM44jPZIVgm3HbZcpPOzPfm5Zkq7RBEkWU_znd4QuNnnCoLpEYBAYAz3rJ1Qsj9Ea2CtQpGrLTYICB8X4vqg7eRccQM0EO-1QcQL_EyuWX4Q16IUpfzEcpes2Ycf1ALgtmS7maMqAfNyDzfpHNB30bQ5on7jmIxo98rvVhPtNqdPrXMfFftS9lCAFAYQB0mx15s8RgS24gM6HS2m7NEXCZTcDJLtmRyG31RipVyjnzQnNPYPwyV2uBPDHlZ9eF8gip1wtINTbhAxrVlaxg8FkwSzmMOIe0EyoiIF-wZjFeb3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkQiLX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoEggJP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9jo7JFiknZbib4axorAThlSaqqHyqJdHU9tZa99iBxRn3SBfWP9pWK9fgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PxcQAISzw2rZ13QH_y_wSS8ucgQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Feb 2024 21:13:03 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame AF06 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA&u=%7CzgEyEcVIxaYkInyiPIXbypwcm%2F3YXX8t6DWi4MSCvT0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bxPovNlluCOmz0VQWC4YTe9p7w12nqdS0bxeDJ19suL1A2dEK9a6SMv2ZQvmt6-ApAXCFGOAOFg4yY1lrL_oHtQfxi64f5RHuwqxN8vHXXwdr0sgiFlBdeEcntJy5PkVbgNu-5nwysXfYpT5vBMdWJQWEmZzcWZ4XsylOvIP49237tQX2eiI-rmwYQ8LtF5sngFxEcFjBdwP96IcGLsnWaCBK4o6eJK931Yl70GmqcF7LNd98MRV1-SvmY3f68Zjm-bD2mtCwISDoRpsftDHAjM44jPZIVgm3HbZcpPOzPfm5Zkq7RBEkWU_znd4QuNnnCoLpEYBAYAz3rJ1Qsj9Ea2CtQpGrLTYICB8X4vqg7eRccQM0EO-1QcQL_EyuWX4Q16IUpfzEcpes2Ycf1ALgtmS7maMqAfNyDzfpHNB30bQ5on7jmIxo98rvVhPtNqdPrXMfFftS9lCAFAYQB0mx15s8RgS24gM6HS2m7NEXCZTcDJLtmRyG31RipVyjnzQnNPYPwyV2uBPDHlZ9eF8gip1wtINTbhAxrVlaxg8FkwSzmMOIe0EyoiIF-wZjFeb3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkQiLX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoEggJP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9jo7JFiknZbib4axorAThlSaqqHyqJdHU9tZa99iBxRn3SBfWP9pWK9fgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PxcQAISzw2rZ13QH_y_wSS8ucgQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Feb 2024 21:13:03 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame AF06 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA&u=%7CzgEyEcVIxaYkInyiPIXbypwcm%2F3YXX8t6DWi4MSCvT0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bxPovNlluCOmz0VQWC4YTe9p7w12nqdS0bxeDJ19suL1A2dEK9a6SMv2ZQvmt6-ApAXCFGOAOFg4yY1lrL_oHtQfxi64f5RHuwqxN8vHXXwdr0sgiFlBdeEcntJy5PkVbgNu-5nwysXfYpT5vBMdWJQWEmZzcWZ4XsylOvIP49237tQX2eiI-rmwYQ8LtF5sngFxEcFjBdwP96IcGLsnWaCBK4o6eJK931Yl70GmqcF7LNd98MRV1-SvmY3f68Zjm-bD2mtCwISDoRpsftDHAjM44jPZIVgm3HbZcpPOzPfm5Zkq7RBEkWU_znd4QuNnnCoLpEYBAYAz3rJ1Qsj9Ea2CtQpGrLTYICB8X4vqg7eRccQM0EO-1QcQL_EyuWX4Q16IUpfzEcpes2Ycf1ALgtmS7maMqAfNyDzfpHNB30bQ5on7jmIxo98rvVhPtNqdPrXMfFftS9lCAFAYQB0mx15s8RgS24gM6HS2m7NEXCZTcDJLtmRyG31RipVyjnzQnNPYPwyV2uBPDHlZ9eF8gip1wtINTbhAxrVlaxg8FkwSzmMOIe0EyoiIF-wZjFeb3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkQiLX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoEggJP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9jo7JFiknZbib4axorAThlSaqqHyqJdHU9tZa99iBxRn3SBfWP9pWK9fgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PxcQAISzw2rZ13QH_y_wSS8ucgQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 29 Feb 2024 21:13:03 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame AF06 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA&u=%7CzgEyEcVIxaYkInyiPIXbypwcm%2F3YXX8t6DWi4MSCvT0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bxPovNlluCOmz0VQWC4YTe9p7w12nqdS0bxeDJ19suL1A2dEK9a6SMv2ZQvmt6-ApAXCFGOAOFg4yY1lrL_oHtQfxi64f5RHuwqxN8vHXXwdr0sgiFlBdeEcntJy5PkVbgNu-5nwysXfYpT5vBMdWJQWEmZzcWZ4XsylOvIP49237tQX2eiI-rmwYQ8LtF5sngFxEcFjBdwP96IcGLsnWaCBK4o6eJK931Yl70GmqcF7LNd98MRV1-SvmY3f68Zjm-bD2mtCwISDoRpsftDHAjM44jPZIVgm3HbZcpPOzPfm5Zkq7RBEkWU_znd4QuNnnCoLpEYBAYAz3rJ1Qsj9Ea2CtQpGrLTYICB8X4vqg7eRccQM0EO-1QcQL_EyuWX4Q16IUpfzEcpes2Ycf1ALgtmS7maMqAfNyDzfpHNB30bQ5on7jmIxo98rvVhPtNqdPrXMfFftS9lCAFAYQB0mx15s8RgS24gM6HS2m7NEXCZTcDJLtmRyG31RipVyjnzQnNPYPwyV2uBPDHlZ9eF8gip1wtINTbhAxrVlaxg8FkwSzmMOIe0EyoiIF-wZjFeb3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkQiLX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoEggJP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9jo7JFiknZbib4axorAThlSaqqHyqJdHU9tZa99iBxRn3SBfWP9pWK9fgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PxcQAISzw2rZ13QH_y_wSS8ucgQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 29 Feb 2024 21:13:03 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame AF06 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=wEWzv1KwpMIquqyvInQ6yytjIJDb8FkjIOQozSqrOiQy6vjwpE2MvFXqaKZQ4e3-0JfVFPfZI0gW1JT7484TnMH1-iqUDnPM-LJQ17Nt1lE_GyfDEWUAz1RtgAvgVRJ68drXi8ARBRiGG0h0RxjhkkGUGPv_SHg9davlQouHkVLY6zErhH-oLU8pMhLfAmH7EUAB7AJvEwCaTlqt_Fo9k5uM3d7rCAcMndTVGPZAVpFx2NI_LqpYlBfsIEFYNHLOj1sijgUDKU26Lxhk2qdXeah89YDD2G0jngUumc7ZYxA6J2tRakMP-MPMcHsP9cokouguECp7gAhi3nPpZF4CogPiAuUcHI3LenvNEiQ943UxKHae5ZynXa-3gfQwvdRd5I_KxZ6NFK3U-VLerXdCP4JOwinvH3x4vHZafWSsB3cu1BjV
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA&u=%7CzgEyEcVIxaYkInyiPIXbypwcm%2F3YXX8t6DWi4MSCvT0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bxPovNlluCOmz0VQWC4YTe9p7w12nqdS0bxeDJ19suL1A2dEK9a6SMv2ZQvmt6-ApAXCFGOAOFg4yY1lrL_oHtQfxi64f5RHuwqxN8vHXXwdr0sgiFlBdeEcntJy5PkVbgNu-5nwysXfYpT5vBMdWJQWEmZzcWZ4XsylOvIP49237tQX2eiI-rmwYQ8LtF5sngFxEcFjBdwP96IcGLsnWaCBK4o6eJK931Yl70GmqcF7LNd98MRV1-SvmY3f68Zjm-bD2mtCwISDoRpsftDHAjM44jPZIVgm3HbZcpPOzPfm5Zkq7RBEkWU_znd4QuNnnCoLpEYBAYAz3rJ1Qsj9Ea2CtQpGrLTYICB8X4vqg7eRccQM0EO-1QcQL_EyuWX4Q16IUpfzEcpes2Ycf1ALgtmS7maMqAfNyDzfpHNB30bQ5on7jmIxo98rvVhPtNqdPrXMfFftS9lCAFAYQB0mx15s8RgS24gM6HS2m7NEXCZTcDJLtmRyG31RipVyjnzQnNPYPwyV2uBPDHlZ9eF8gip1wtINTbhAxrVlaxg8FkwSzmMOIe0EyoiIF-wZjFeb3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkQiLX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoEggJP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9jo7JFiknZbib4axorAThlSaqqHyqJdHU9tZa99iBxRn3SBfWP9pWK9fgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PxcQAISzw2rZ13QH_y_wSS8ucgQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:03 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1789468
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame AF06 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA&u=%7CzgEyEcVIxaYkInyiPIXbypwcm%2F3YXX8t6DWi4MSCvT0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bxPovNlluCOmz0VQWC4YTe9p7w12nqdS0bxeDJ19suL1A2dEK9a6SMv2ZQvmt6-ApAXCFGOAOFg4yY1lrL_oHtQfxi64f5RHuwqxN8vHXXwdr0sgiFlBdeEcntJy5PkVbgNu-5nwysXfYpT5vBMdWJQWEmZzcWZ4XsylOvIP49237tQX2eiI-rmwYQ8LtF5sngFxEcFjBdwP96IcGLsnWaCBK4o6eJK931Yl70GmqcF7LNd98MRV1-SvmY3f68Zjm-bD2mtCwISDoRpsftDHAjM44jPZIVgm3HbZcpPOzPfm5Zkq7RBEkWU_znd4QuNnnCoLpEYBAYAz3rJ1Qsj9Ea2CtQpGrLTYICB8X4vqg7eRccQM0EO-1QcQL_EyuWX4Q16IUpfzEcpes2Ycf1ALgtmS7maMqAfNyDzfpHNB30bQ5on7jmIxo98rvVhPtNqdPrXMfFftS9lCAFAYQB0mx15s8RgS24gM6HS2m7NEXCZTcDJLtmRyG31RipVyjnzQnNPYPwyV2uBPDHlZ9eF8gip1wtINTbhAxrVlaxg8FkwSzmMOIe0EyoiIF-wZjFeb3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkQiLX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoEggJP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9jo7JFiknZbib4axorAThlSaqqHyqJdHU9tZa99iBxRn3SBfWP9pWK9fgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PxcQAISzw2rZ13QH_y_wSS8ucgQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
928447
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmPIkIPYL6BbZc7bwT9SV4m6Dym1dlGeokJTshXyr8SbAn2G8PF1ghVPYNzXSUdJ9OzW%2FiHwaakT%2BKLVLRAz8jS1NnL5imPCoR6Zu0H3xZByNnYmIL%2FycwdpzBD03vZ%2BAGSzqHk127ou6%2FTApNriBIS%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7a3d99b7ef744679-SIN
expires
Sat, 24 Feb 2024 21:13:03 GMT
animejs.js
static.criteo.net/animejs/ Frame AF06 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA&u=%7CzgEyEcVIxaYkInyiPIXbypwcm%2F3YXX8t6DWi4MSCvT0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bxPovNlluCOmz0VQWC4YTe9p7w12nqdS0bxeDJ19suL1A2dEK9a6SMv2ZQvmt6-ApAXCFGOAOFg4yY1lrL_oHtQfxi64f5RHuwqxN8vHXXwdr0sgiFlBdeEcntJy5PkVbgNu-5nwysXfYpT5vBMdWJQWEmZzcWZ4XsylOvIP49237tQX2eiI-rmwYQ8LtF5sngFxEcFjBdwP96IcGLsnWaCBK4o6eJK931Yl70GmqcF7LNd98MRV1-SvmY3f68Zjm-bD2mtCwISDoRpsftDHAjM44jPZIVgm3HbZcpPOzPfm5Zkq7RBEkWU_znd4QuNnnCoLpEYBAYAz3rJ1Qsj9Ea2CtQpGrLTYICB8X4vqg7eRccQM0EO-1QcQL_EyuWX4Q16IUpfzEcpes2Ycf1ALgtmS7maMqAfNyDzfpHNB30bQ5on7jmIxo98rvVhPtNqdPrXMfFftS9lCAFAYQB0mx15s8RgS24gM6HS2m7NEXCZTcDJLtmRyG31RipVyjnzQnNPYPwyV2uBPDHlZ9eF8gip1wtINTbhAxrVlaxg8FkwSzmMOIe0EyoiIF-wZjFeb3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkQiLX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoEggJP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9jo7JFiknZbib4axorAThlSaqqHyqJdHU9tZa99iBxRn3SBfWP9pWK9fgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PxcQAISzw2rZ13QH_y_wSS8ucgQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Feb 2024 21:13:03 GMT
795461768ece4a89b18a9f8c80409c30_euclidcirculara-regular.woff
static.criteo.net/design/dt/ Frame AF06 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/795461768ece4a89b18a9f8c80409c30_euclidcirculara-regular.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA&u=%7CzgEyEcVIxaYkInyiPIXbypwcm%2F3YXX8t6DWi4MSCvT0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bxPovNlluCOmz0VQWC4YTe9p7w12nqdS0bxeDJ19suL1A2dEK9a6SMv2ZQvmt6-ApAXCFGOAOFg4yY1lrL_oHtQfxi64f5RHuwqxN8vHXXwdr0sgiFlBdeEcntJy5PkVbgNu-5nwysXfYpT5vBMdWJQWEmZzcWZ4XsylOvIP49237tQX2eiI-rmwYQ8LtF5sngFxEcFjBdwP96IcGLsnWaCBK4o6eJK931Yl70GmqcF7LNd98MRV1-SvmY3f68Zjm-bD2mtCwISDoRpsftDHAjM44jPZIVgm3HbZcpPOzPfm5Zkq7RBEkWU_znd4QuNnnCoLpEYBAYAz3rJ1Qsj9Ea2CtQpGrLTYICB8X4vqg7eRccQM0EO-1QcQL_EyuWX4Q16IUpfzEcpes2Ycf1ALgtmS7maMqAfNyDzfpHNB30bQ5on7jmIxo98rvVhPtNqdPrXMfFftS9lCAFAYQB0mx15s8RgS24gM6HS2m7NEXCZTcDJLtmRyG31RipVyjnzQnNPYPwyV2uBPDHlZ9eF8gip1wtINTbhAxrVlaxg8FkwSzmMOIe0EyoiIF-wZjFeb3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkQiLX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoEggJP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9jo7JFiknZbib4axorAThlSaqqHyqJdHU9tZa99iBxRn3SBfWP9pWK9fgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PxcQAISzw2rZ13QH_y_wSS8ucgQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a63352e1cd1d58eb182679f2a2ec9bc94bfe34c5ddb594cec95384bb145d9cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 17 Sep 2021 13:03:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6144923f-cbac"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Feb 2024 21:13:04 GMT
1bfe579521a74e66a22e4022793700cb_novaresestd-medium.woff
static.criteo.net/design/dt/ Frame AF06 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/1bfe579521a74e66a22e4022793700cb_novaresestd-medium.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA&u=%7CzgEyEcVIxaYkInyiPIXbypwcm%2F3YXX8t6DWi4MSCvT0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bxPovNlluCOmz0VQWC4YTe9p7w12nqdS0bxeDJ19suL1A2dEK9a6SMv2ZQvmt6-ApAXCFGOAOFg4yY1lrL_oHtQfxi64f5RHuwqxN8vHXXwdr0sgiFlBdeEcntJy5PkVbgNu-5nwysXfYpT5vBMdWJQWEmZzcWZ4XsylOvIP49237tQX2eiI-rmwYQ8LtF5sngFxEcFjBdwP96IcGLsnWaCBK4o6eJK931Yl70GmqcF7LNd98MRV1-SvmY3f68Zjm-bD2mtCwISDoRpsftDHAjM44jPZIVgm3HbZcpPOzPfm5Zkq7RBEkWU_znd4QuNnnCoLpEYBAYAz3rJ1Qsj9Ea2CtQpGrLTYICB8X4vqg7eRccQM0EO-1QcQL_EyuWX4Q16IUpfzEcpes2Ycf1ALgtmS7maMqAfNyDzfpHNB30bQ5on7jmIxo98rvVhPtNqdPrXMfFftS9lCAFAYQB0mx15s8RgS24gM6HS2m7NEXCZTcDJLtmRyG31RipVyjnzQnNPYPwyV2uBPDHlZ9eF8gip1wtINTbhAxrVlaxg8FkwSzmMOIe0EyoiIF-wZjFeb3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkQiLX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoEggJP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9jo7JFiknZbib4axorAThlSaqqHyqJdHU9tZa99iBxRn3SBfWP9pWK9fgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PxcQAISzw2rZ13QH_y_wSS8ucgQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
385eb75d03c130230da212fba0a0d230e0d09b8335067a3eb7e4d9167590a59b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 17 Sep 2021 13:03:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6144923f-50d0"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Feb 2024 21:13:04 GMT
d9b44a2f5f0342e39bd9d994438cee26_cpn_300x250_1.jpg
static.criteo.net/design/dt/75905/220505/ Frame AF06 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/75905/220505/d9b44a2f5f0342e39bd9d994438cee26_cpn_300x250_1.jpg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA&u=%7CzgEyEcVIxaYkInyiPIXbypwcm%2F3YXX8t6DWi4MSCvT0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bxPovNlluCOmz0VQWC4YTe9p7w12nqdS0bxeDJ19suL1A2dEK9a6SMv2ZQvmt6-ApAXCFGOAOFg4yY1lrL_oHtQfxi64f5RHuwqxN8vHXXwdr0sgiFlBdeEcntJy5PkVbgNu-5nwysXfYpT5vBMdWJQWEmZzcWZ4XsylOvIP49237tQX2eiI-rmwYQ8LtF5sngFxEcFjBdwP96IcGLsnWaCBK4o6eJK931Yl70GmqcF7LNd98MRV1-SvmY3f68Zjm-bD2mtCwISDoRpsftDHAjM44jPZIVgm3HbZcpPOzPfm5Zkq7RBEkWU_znd4QuNnnCoLpEYBAYAz3rJ1Qsj9Ea2CtQpGrLTYICB8X4vqg7eRccQM0EO-1QcQL_EyuWX4Q16IUpfzEcpes2Ycf1ALgtmS7maMqAfNyDzfpHNB30bQ5on7jmIxo98rvVhPtNqdPrXMfFftS9lCAFAYQB0mx15s8RgS24gM6HS2m7NEXCZTcDJLtmRyG31RipVyjnzQnNPYPwyV2uBPDHlZ9eF8gip1wtINTbhAxrVlaxg8FkwSzmMOIe0EyoiIF-wZjFeb3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkQiLX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoEggJP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9jo7JFiknZbib4axorAThlSaqqHyqJdHU9tZa99iBxRn3SBfWP9pWK9fgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PxcQAISzw2rZ13QH_y_wSS8ucgQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
81c9a6d7deb6c82c1c309f220a7ee89c15938f8e79dcfa0fafb587fbe759f5a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 05 May 2022 15:08:17 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6273e861-e3fe"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
58366
expires
Thu, 29 Feb 2024 21:13:04 GMT
img
pix.as.criteo.net/img/ Frame AF06 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=132&m=0&partner=75905&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F55107%2F210723%2Fe9cd2ec2f5594aef93573b54d93251c1_brandlogo.png&v=3&w=596&s=TWByHfoQh546G2nw8bqou1Ek
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA&u=%7CzgEyEcVIxaYkInyiPIXbypwcm%2F3YXX8t6DWi4MSCvT0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bxPovNlluCOmz0VQWC4YTe9p7w12nqdS0bxeDJ19suL1A2dEK9a6SMv2ZQvmt6-ApAXCFGOAOFg4yY1lrL_oHtQfxi64f5RHuwqxN8vHXXwdr0sgiFlBdeEcntJy5PkVbgNu-5nwysXfYpT5vBMdWJQWEmZzcWZ4XsylOvIP49237tQX2eiI-rmwYQ8LtF5sngFxEcFjBdwP96IcGLsnWaCBK4o6eJK931Yl70GmqcF7LNd98MRV1-SvmY3f68Zjm-bD2mtCwISDoRpsftDHAjM44jPZIVgm3HbZcpPOzPfm5Zkq7RBEkWU_znd4QuNnnCoLpEYBAYAz3rJ1Qsj9Ea2CtQpGrLTYICB8X4vqg7eRccQM0EO-1QcQL_EyuWX4Q16IUpfzEcpes2Ycf1ALgtmS7maMqAfNyDzfpHNB30bQ5on7jmIxo98rvVhPtNqdPrXMfFftS9lCAFAYQB0mx15s8RgS24gM6HS2m7NEXCZTcDJLtmRyG31RipVyjnzQnNPYPwyV2uBPDHlZ9eF8gip1wtINTbhAxrVlaxg8FkwSzmMOIe0EyoiIF-wZjFeb3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkQiLX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoEggJP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9jo7JFiknZbib4axorAThlSaqqHyqJdHU9tZa99iBxRn3SBfWP9pWK9fgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PxcQAISzw2rZ13QH_y_wSS8ucgQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::7 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
0002a0909535a93d2e231016178b69542d2acc4b7cb2e2dd35b5aea496ae0888
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28184582
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20048
expires
Sat, 27 Jan 2024 02:16:06 GMT
img
pix.as.criteo.net/img/ Frame AF06 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=75905&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5517807_png%2Fcosmopolitan-watch--swiss-made--metal-bracelet--silver-tone--stainless-steel-swarovski-5517807.png&v=3&w=400&s=AY3kl7VmCWA2NusOacuHOyZz&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA&u=%7CzgEyEcVIxaYkInyiPIXbypwcm%2F3YXX8t6DWi4MSCvT0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bxPovNlluCOmz0VQWC4YTe9p7w12nqdS0bxeDJ19suL1A2dEK9a6SMv2ZQvmt6-ApAXCFGOAOFg4yY1lrL_oHtQfxi64f5RHuwqxN8vHXXwdr0sgiFlBdeEcntJy5PkVbgNu-5nwysXfYpT5vBMdWJQWEmZzcWZ4XsylOvIP49237tQX2eiI-rmwYQ8LtF5sngFxEcFjBdwP96IcGLsnWaCBK4o6eJK931Yl70GmqcF7LNd98MRV1-SvmY3f68Zjm-bD2mtCwISDoRpsftDHAjM44jPZIVgm3HbZcpPOzPfm5Zkq7RBEkWU_znd4QuNnnCoLpEYBAYAz3rJ1Qsj9Ea2CtQpGrLTYICB8X4vqg7eRccQM0EO-1QcQL_EyuWX4Q16IUpfzEcpes2Ycf1ALgtmS7maMqAfNyDzfpHNB30bQ5on7jmIxo98rvVhPtNqdPrXMfFftS9lCAFAYQB0mx15s8RgS24gM6HS2m7NEXCZTcDJLtmRyG31RipVyjnzQnNPYPwyV2uBPDHlZ9eF8gip1wtINTbhAxrVlaxg8FkwSzmMOIe0EyoiIF-wZjFeb3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkQiLX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoEggJP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9jo7JFiknZbib4axorAThlSaqqHyqJdHU9tZa99iBxRn3SBfWP9pWK9fgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PxcQAISzw2rZ13QH_y_wSS8ucgQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::7 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
948c7a7942e3b0190b8e02ff8bfd224ee47e64a1e737091dbc4c5e4b0c6814b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30448879
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9640
expires
Thu, 22 Feb 2024 07:14:23 GMT
img
pix.as.criteo.net/img/ Frame AF06 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=75905&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5645372_png%2Fdellium-drop-earrings--asymmetrical-design--bamboo--green--gold-tone-plated-swarovski-5645372.png&v=3&w=400&s=uZmyyBGDkmmM0qBGKsCtMfZ_&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA&u=%7CzgEyEcVIxaYkInyiPIXbypwcm%2F3YXX8t6DWi4MSCvT0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bxPovNlluCOmz0VQWC4YTe9p7w12nqdS0bxeDJ19suL1A2dEK9a6SMv2ZQvmt6-ApAXCFGOAOFg4yY1lrL_oHtQfxi64f5RHuwqxN8vHXXwdr0sgiFlBdeEcntJy5PkVbgNu-5nwysXfYpT5vBMdWJQWEmZzcWZ4XsylOvIP49237tQX2eiI-rmwYQ8LtF5sngFxEcFjBdwP96IcGLsnWaCBK4o6eJK931Yl70GmqcF7LNd98MRV1-SvmY3f68Zjm-bD2mtCwISDoRpsftDHAjM44jPZIVgm3HbZcpPOzPfm5Zkq7RBEkWU_znd4QuNnnCoLpEYBAYAz3rJ1Qsj9Ea2CtQpGrLTYICB8X4vqg7eRccQM0EO-1QcQL_EyuWX4Q16IUpfzEcpes2Ycf1ALgtmS7maMqAfNyDzfpHNB30bQ5on7jmIxo98rvVhPtNqdPrXMfFftS9lCAFAYQB0mx15s8RgS24gM6HS2m7NEXCZTcDJLtmRyG31RipVyjnzQnNPYPwyV2uBPDHlZ9eF8gip1wtINTbhAxrVlaxg8FkwSzmMOIe0EyoiIF-wZjFeb3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkQiLX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoEggJP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9jo7JFiknZbib4axorAThlSaqqHyqJdHU9tZa99iBxRn3SBfWP9pWK9fgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PxcQAISzw2rZ13QH_y_wSS8ucgQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::7 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
786921a61f4c19b6556316a57bc8c4ad76157b45586fb01657a4389de7af4372
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30459712
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4222
expires
Thu, 22 Feb 2024 10:14:56 GMT
img
pix.as.criteo.net/img/ Frame AF06 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=75905&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5519327_png%2Fcocktail-watch--swiss-made--pav%25C3%25A9--metal-bracelet--rose-gold-tone--rose-gold-tone-finish-swarovski-5519327.png&v=3&w=400&s=O3mNyG5Kg6LlPhIPNsYuHchn&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA&u=%7CzgEyEcVIxaYkInyiPIXbypwcm%2F3YXX8t6DWi4MSCvT0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bxPovNlluCOmz0VQWC4YTe9p7w12nqdS0bxeDJ19suL1A2dEK9a6SMv2ZQvmt6-ApAXCFGOAOFg4yY1lrL_oHtQfxi64f5RHuwqxN8vHXXwdr0sgiFlBdeEcntJy5PkVbgNu-5nwysXfYpT5vBMdWJQWEmZzcWZ4XsylOvIP49237tQX2eiI-rmwYQ8LtF5sngFxEcFjBdwP96IcGLsnWaCBK4o6eJK931Yl70GmqcF7LNd98MRV1-SvmY3f68Zjm-bD2mtCwISDoRpsftDHAjM44jPZIVgm3HbZcpPOzPfm5Zkq7RBEkWU_znd4QuNnnCoLpEYBAYAz3rJ1Qsj9Ea2CtQpGrLTYICB8X4vqg7eRccQM0EO-1QcQL_EyuWX4Q16IUpfzEcpes2Ycf1ALgtmS7maMqAfNyDzfpHNB30bQ5on7jmIxo98rvVhPtNqdPrXMfFftS9lCAFAYQB0mx15s8RgS24gM6HS2m7NEXCZTcDJLtmRyG31RipVyjnzQnNPYPwyV2uBPDHlZ9eF8gip1wtINTbhAxrVlaxg8FkwSzmMOIe0EyoiIF-wZjFeb3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkQiLX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoEggJP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9jo7JFiknZbib4axorAThlSaqqHyqJdHU9tZa99iBxRn3SBfWP9pWK9fgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PxcQAISzw2rZ13QH_y_wSS8ucgQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::7 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e99be9fbee61d2da7fd3fb3cc2de20aed9246a2996ad24eae4040dc640d229b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27792971
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9412
expires
Mon, 22 Jan 2024 13:29:15 GMT
img
pix.as.criteo.net/img/ Frame AF06 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=75905&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5302562_png%2Fzodiac---vigorous-tiger-swarovski-5302562.png&v=3&w=400&s=rRLpY-JckL7IIx_cU0hl0zS2&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA&u=%7CzgEyEcVIxaYkInyiPIXbypwcm%2F3YXX8t6DWi4MSCvT0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bxPovNlluCOmz0VQWC4YTe9p7w12nqdS0bxeDJ19suL1A2dEK9a6SMv2ZQvmt6-ApAXCFGOAOFg4yY1lrL_oHtQfxi64f5RHuwqxN8vHXXwdr0sgiFlBdeEcntJy5PkVbgNu-5nwysXfYpT5vBMdWJQWEmZzcWZ4XsylOvIP49237tQX2eiI-rmwYQ8LtF5sngFxEcFjBdwP96IcGLsnWaCBK4o6eJK931Yl70GmqcF7LNd98MRV1-SvmY3f68Zjm-bD2mtCwISDoRpsftDHAjM44jPZIVgm3HbZcpPOzPfm5Zkq7RBEkWU_znd4QuNnnCoLpEYBAYAz3rJ1Qsj9Ea2CtQpGrLTYICB8X4vqg7eRccQM0EO-1QcQL_EyuWX4Q16IUpfzEcpes2Ycf1ALgtmS7maMqAfNyDzfpHNB30bQ5on7jmIxo98rvVhPtNqdPrXMfFftS9lCAFAYQB0mx15s8RgS24gM6HS2m7NEXCZTcDJLtmRyG31RipVyjnzQnNPYPwyV2uBPDHlZ9eF8gip1wtINTbhAxrVlaxg8FkwSzmMOIe0EyoiIF-wZjFeb3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkQiLX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoEggJP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9jo7JFiknZbib4axorAThlSaqqHyqJdHU9tZa99iBxRn3SBfWP9pWK9fgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PxcQAISzw2rZ13QH_y_wSS8ucgQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::7 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
8321a8c4a62b9b69cf6aa26b92634cd5b9f4e6937d4ab9da8a5e00d174ca2edb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27345802
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11080
expires
Wed, 17 Jan 2024 09:16:26 GMT
img
pix.as.criteo.net/img/ Frame AF06 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=75905&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5634648_png%2F37mm-watch--swiss-made--metal-bracelet--silver-tone--stainless-steel-swarovski-5634648.png&v=3&w=400&s=iC_k3JZZT-PuXHYpbeO6rLX6&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA&u=%7CzgEyEcVIxaYkInyiPIXbypwcm%2F3YXX8t6DWi4MSCvT0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bxPovNlluCOmz0VQWC4YTe9p7w12nqdS0bxeDJ19suL1A2dEK9a6SMv2ZQvmt6-ApAXCFGOAOFg4yY1lrL_oHtQfxi64f5RHuwqxN8vHXXwdr0sgiFlBdeEcntJy5PkVbgNu-5nwysXfYpT5vBMdWJQWEmZzcWZ4XsylOvIP49237tQX2eiI-rmwYQ8LtF5sngFxEcFjBdwP96IcGLsnWaCBK4o6eJK931Yl70GmqcF7LNd98MRV1-SvmY3f68Zjm-bD2mtCwISDoRpsftDHAjM44jPZIVgm3HbZcpPOzPfm5Zkq7RBEkWU_znd4QuNnnCoLpEYBAYAz3rJ1Qsj9Ea2CtQpGrLTYICB8X4vqg7eRccQM0EO-1QcQL_EyuWX4Q16IUpfzEcpes2Ycf1ALgtmS7maMqAfNyDzfpHNB30bQ5on7jmIxo98rvVhPtNqdPrXMfFftS9lCAFAYQB0mx15s8RgS24gM6HS2m7NEXCZTcDJLtmRyG31RipVyjnzQnNPYPwyV2uBPDHlZ9eF8gip1wtINTbhAxrVlaxg8FkwSzmMOIe0EyoiIF-wZjFeb3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkQiLX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoEggJP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9jo7JFiknZbib4axorAThlSaqqHyqJdHU9tZa99iBxRn3SBfWP9pWK9fgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PxcQAISzw2rZ13QH_y_wSS8ucgQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::7 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e49b1b809aaa03938485f7130897cec9d9ee5d0b76a9206630e8f1b92a14fdd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27810546
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10032
expires
Mon, 22 Jan 2024 18:22:10 GMT
img
pix.as.criteo.net/img/ Frame AF06 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?cq=256&h=400&m=0&partner=75905&q=80&r=0&u=https%3A%2F%2Fasset.swarovski.com%2Fimages%2F%24size_1208%2Ft_swa103%2Fb_rgb%3Affffff%252Cc_scale%252Cdpr_auto%252Cf_auto%252Cw_auto%2F5198686_png%2Fcreativity-pendant--white--rhodium-plated-swarovski-5198686.png&v=3&w=400&s=0IqDYSiqBneu2YeYuw72_rjP&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA&u=%7CzgEyEcVIxaYkInyiPIXbypwcm%2F3YXX8t6DWi4MSCvT0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bxPovNlluCOmz0VQWC4YTe9p7w12nqdS0bxeDJ19suL1A2dEK9a6SMv2ZQvmt6-ApAXCFGOAOFg4yY1lrL_oHtQfxi64f5RHuwqxN8vHXXwdr0sgiFlBdeEcntJy5PkVbgNu-5nwysXfYpT5vBMdWJQWEmZzcWZ4XsylOvIP49237tQX2eiI-rmwYQ8LtF5sngFxEcFjBdwP96IcGLsnWaCBK4o6eJK931Yl70GmqcF7LNd98MRV1-SvmY3f68Zjm-bD2mtCwISDoRpsftDHAjM44jPZIVgm3HbZcpPOzPfm5Zkq7RBEkWU_znd4QuNnnCoLpEYBAYAz3rJ1Qsj9Ea2CtQpGrLTYICB8X4vqg7eRccQM0EO-1QcQL_EyuWX4Q16IUpfzEcpes2Ycf1ALgtmS7maMqAfNyDzfpHNB30bQ5on7jmIxo98rvVhPtNqdPrXMfFftS9lCAFAYQB0mx15s8RgS24gM6HS2m7NEXCZTcDJLtmRyG31RipVyjnzQnNPYPwyV2uBPDHlZ9eF8gip1wtINTbhAxrVlaxg8FkwSzmMOIe0EyoiIF-wZjFeb3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkQiLX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoEggJP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9jo7JFiknZbib4axorAThlSaqqHyqJdHU9tZa99iBxRn3SBfWP9pWK9fgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PxcQAISzw2rZ13QH_y_wSS8ucgQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::7 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3fbe483f19d7b7b89909c793f174085aded9e8489dee9ad4e4ca8de533cd4c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29660562
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4340
expires
Tue, 13 Feb 2024 04:15:46 GMT
all
csm.as.criteo.net/ Frame AF06 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=PvD2x_n9ei6WBaL8H3AzPxfIrJNHiDofBhQFvd3I_W8_Av7nUn-MOXNw4pwQ_RHd4xT5zm9DJ3AKvNSAr41CJmQXYPyl0Iyzu0CYcCed8OAbMaJ3FBwrh1v4lQ_4FFkD6e59xJ86Ug46SGGwrHKjntXRcRofMxlmzI7UGfbfKUkKhLwukDIfzCsuGNvdZoFzf5hmBle5fZAiHZ0-lysMO5OYB-8eVUk_5VhRNBK-ZNWusKAK1l11MQs8BhkkhfaMVtTZ3A&sds=2&rev=84953.2&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA&u=%7CzgEyEcVIxaYkInyiPIXbypwcm%2F3YXX8t6DWi4MSCvT0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bxPovNlluCOmz0VQWC4YTe9p7w12nqdS0bxeDJ19suL1A2dEK9a6SMv2ZQvmt6-ApAXCFGOAOFg4yY1lrL_oHtQfxi64f5RHuwqxN8vHXXwdr0sgiFlBdeEcntJy5PkVbgNu-5nwysXfYpT5vBMdWJQWEmZzcWZ4XsylOvIP49237tQX2eiI-rmwYQ8LtF5sngFxEcFjBdwP96IcGLsnWaCBK4o6eJK931Yl70GmqcF7LNd98MRV1-SvmY3f68Zjm-bD2mtCwISDoRpsftDHAjM44jPZIVgm3HbZcpPOzPfm5Zkq7RBEkWU_znd4QuNnnCoLpEYBAYAz3rJ1Qsj9Ea2CtQpGrLTYICB8X4vqg7eRccQM0EO-1QcQL_EyuWX4Q16IUpfzEcpes2Ycf1ALgtmS7maMqAfNyDzfpHNB30bQ5on7jmIxo98rvVhPtNqdPrXMfFftS9lCAFAYQB0mx15s8RgS24gM6HS2m7NEXCZTcDJLtmRyG31RipVyjnzQnNPYPwyV2uBPDHlZ9eF8gip1wtINTbhAxrVlaxg8FkwSzmMOIe0EyoiIF-wZjFeb3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkQiLX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoEggJP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9jo7JFiknZbib4axorAThlSaqqHyqJdHU9tZa99iBxRn3SBfWP9pWK9fgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PxcQAISzw2rZ13QH_y_wSS8ucgQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
privacy.svg
static.criteo.net/flash/icon/ Frame AF06 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA&u=%7CzgEyEcVIxaYkInyiPIXbypwcm%2F3YXX8t6DWi4MSCvT0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bxPovNlluCOmz0VQWC4YTe9p7w12nqdS0bxeDJ19suL1A2dEK9a6SMv2ZQvmt6-ApAXCFGOAOFg4yY1lrL_oHtQfxi64f5RHuwqxN8vHXXwdr0sgiFlBdeEcntJy5PkVbgNu-5nwysXfYpT5vBMdWJQWEmZzcWZ4XsylOvIP49237tQX2eiI-rmwYQ8LtF5sngFxEcFjBdwP96IcGLsnWaCBK4o6eJK931Yl70GmqcF7LNd98MRV1-SvmY3f68Zjm-bD2mtCwISDoRpsftDHAjM44jPZIVgm3HbZcpPOzPfm5Zkq7RBEkWU_znd4QuNnnCoLpEYBAYAz3rJ1Qsj9Ea2CtQpGrLTYICB8X4vqg7eRccQM0EO-1QcQL_EyuWX4Q16IUpfzEcpes2Ycf1ALgtmS7maMqAfNyDzfpHNB30bQ5on7jmIxo98rvVhPtNqdPrXMfFftS9lCAFAYQB0mx15s8RgS24gM6HS2m7NEXCZTcDJLtmRyG31RipVyjnzQnNPYPwyV2uBPDHlZ9eF8gip1wtINTbhAxrVlaxg8FkwSzmMOIe0EyoiIF-wZjFeb3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkQiLX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoEggJP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9jo7JFiknZbib4axorAThlSaqqHyqJdHU9tZa99iBxRn3SBfWP9pWK9fgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PxcQAISzw2rZ13QH_y_wSS8ucgQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Feb 2024 21:13:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2681 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNU6T-EsFtP3T9VSN2UDumJn-9l36jL6pQiySsS2XLnZj8dEf2M7S17SYalsXCDeiBGZxyvdD6vuSvtIpmcD8jsvxOV-DrM1AU4R-dBNWu7ztopuyRQoFKua5Y6zXnC7UIVne2aG-nWvB64rHTzlL-jSGDYokb3UJ3u43RmBImghkyIEyQzb4k0UoP37we6CHyrpOHIVGWX6W7BlybeL4xNnQ1ZIfnKVU7mYDSo9ER7uqTpUKNdHEQ-6OlW_zHSzoiCzTW-qNbXaSPpa6ts742Yl8L7dtX8Fp9C-5n3elS5nl_W-wG1D3Fx6iDukMgWApIWvTl2TeV_plYGL4XRmhp_Q&sai=AMfl-YTYzIeccaEXh3UvbZEaNQegZyMYYIh4wfNVOD77Ewoy7kC7SWxLbsC7NAVbP2UQjMhhUMZ30MxxNQWeLvoMMshNYnC4xsq2FLtFSll_i8oxtYZ-hsb33aUGVBd_qlu8IdRyLoKANGttxjzzudg&sig=Cg0ArKJSzKZQenvNo6VlEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
latest.js
cdn.adligature.com/prebid/creative/ Frame 2681 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/prebid/creative/latest.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:cab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
613efd0497ff39f53123ca22f71747b75f22d7ab9b6996aa1deaab799cefd334

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
181
cf-polished
origSize=26676
x-guploader-uploadid
ADPycdsV-COJ4AvOAXjNnUKuyc7QqkFm5L4Ppzu41aztg3I5BHpELfopsuHLN0q_6gcMFzTdaD0gcTYZ1LE2WZa3CVZI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 01 Nov 2022 18:38:24 GMT
server
cloudflare
etag
W/"2ae59c013b7f4ee879f45354f6b5ecd7"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1667327904512712
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=aFygIg==, md5=KuWcATt/Tuh59FNU9rXs1w==
cache-control
public, max-age=1800, s-maxage=600, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWvja7RD6j1upwFwdIYIv%2Bh8Tr72lKrnEngfodv0z7L9uGjilIc8zbU6nskdSzwv6rh7PCOTGEhuDwDDSUnJLY8XR3N%2FtGRhYf6h6qpTs0RiqzpR9SRiaIWOsBV1OW5qdMwhbiX6lBxaI%2F%2ByoDlpD%2FI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
26676
cf-ray
7a3d99b86c706bf3-SIN
expires
Mon, 06 Mar 2023 21:20:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2681 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Mar 2023 21:13:04 GMT
moatad.js
z.moatads.com/millennialnexageinapp768429046591/ Frame 2681 		326 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/millennialnexageinapp768429046591/moatad.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.181.140 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-181-140.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
590a83fd40d49f205de936997fd35d14e1676a4e4e21c344c1ec3687bd240eb5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
gzip
last-modified
Wed, 22 Feb 2023 15:51:28 GMT
server
AmazonS3
x-amz-request-id
FZRYQBMN4X443NXT
etag
"e012c191ed1c631fceb264fd1968a7ff"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=41483
accept-ranges
bytes
content-length
113159
x-amz-id-2
yu1VpGSu4scu12FkvWwpM4PQ2jyaI3lR/pA/LLiPQhXQcrxzMwMGc3cX9h08RWSoP57AzizoJaE=
adEvent.do
prod-m-node-2113.ssp.yahoo.com/admax/ Frame 2681 		43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-m-node-2113.ssp.yahoo.com/admax/adEvent.do?tidi=770938897&dcn=8a9694b7017979eb7fb8f131172d008c&posi=1533756&grp=%3F%3F%3F&nl=1678137182334&rts=1678137182243&pix=1&et=1&a=bd19c74f-d6b1-4fba-b1e1-52adb1633f73&m=aXAtMTAtMjItMTMxLTEzMw..&p=MC4wMDAyMzQ3MTI&b=MTMyNDA7T0FUSDEwNDE1MzAwMDtoaXRhY2hpLmNvbS5zZzs7OztjMjc4NDM5NzE3MzU0ZTM2OTRhODVhMTgwMDgxYzNjYjs0Mjk2MDE4OTsxNjc4MTM0NjUxOzswLjAwMDE4Nzc3OzswOzs1NDc2ODg5OzVjNjY4YTlkZGM3N2M2ZGE1YzRlOGQxNzkzZDk3YzFlNGIzNmMwM2Y7MTsxOw..&uid=y-2bT9aBRE2rPCYIRvreIcFyi2UNVbxTHpxQfhGVrwfbou%7EA&xdi=Pz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.&xoi=MHxTR1A.&hb=true&type=6&af=2&dety=2
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.104.51 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-104-51.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
last-modified
Thu, 02 Mar 2023 15:14:28 GMT
server
nginx
accept-ranges
bytes
content-length
43
content-type
image/gif
https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3Dc9414e376eeb495196b7d6a67bd5141c%26tid%3D8a96954f01747430358b3ccd...
pn.ybp.yahoo.com/ab/secure/true/imp/qieY0FjJ7eUlcHXPKUYkHIOij3Q6LRFc0vvjZhxcFelg2k8oePMBubNDRPVeI3UCGo1uMOb0axocg1buQo4v6q73iJaw1kOe2tdACe_m56eDW-_XIul5BhS6IB5abvbEFCblzNKMbGxRmxnqMHjqtyhx_jFGnfj9c... Frame 2681 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pn.ybp.yahoo.com/ab/secure/true/imp/qieY0FjJ7eUlcHXPKUYkHIOij3Q6LRFc0vvjZhxcFelg2k8oePMBubNDRPVeI3UCGo1uMOb0axocg1buQo4v6q73iJaw1kOe2tdACe_m56eDW-_XIul5BhS6IB5abvbEFCblzNKMbGxRmxnqMHjqtyhx_jFGnfj9cf5WwN3mSXOGWY3DwvQuhvrYo4SZJNx5wYmnGB0evnD_aSW3HjJGpt9tpQxJdojmjQPbmhPvtVCKoN3xCOMUqAje2Xq-o7elfNJ3DhK9gpb427GiXKzJHiEvMcqsHEkA5LxMwNa9rn8sFQF0u4vq24Cj66gfey8m81Yd9-bBI70RH6mjDsAM09QYoboWKwYT-W2UE2fGZQfEIimYyw0Xaj5yc7ZYR0uMS5W9_IxcZJneEhlek4J_ZJMH2Z2aTwQBzehnV2-mNmxs0Rnu6I2BTfrjxDG4famsfD2p1P441b9_9kyvEs7noBPyGOXricK9zdbs839p-L1GE5y499jC1Upjw-zMpWIslaNzBQd4SLSUqbG_O2HdY6IrqosVDYsdPwd-28uG2Rmg8AyxcJCwMZBIHWTOZpC5CZBGJNIX4u0BoGcwm5zTNbME1QV_nF3OAt6cFlpepK33iRoHdkX9YImkxnFikJfB2Qg-OtKP0-VCt1I3gT-JEi1hz9SstYj6TQBKK6lDEsfz5afJLK3k0Bwq6K_yNqGMc6WgPiv7y-Amu9ChYvzzadVJ6MmAeVZvixz8bKvR54OYw9IQLmnIdsqe7xqDr0AmAeYzfR1mteZEAh7vs_PIWQWeqXrln8kmDPPKgARb6cXfMC2yt12Z34Ezz2mRbzXh06cWsd91xcqhH207xKhIZ6DNbRR5cXly2Chkl8xFAmSB9_haEjGtPqOq8jVJSPy6-w2OHXHAVh7Za6akXDoR6Go7OfJziarGLqCS-7RHEHl41sQzitAJ2pyuWGGkP5QYK60fcd-txqE6Li5ijp_qQWdd10jsfOh9-8SFccVAbu7ajo0a_K3ESOwtbsNCa-BaeMQ15MwD0FDoLMpkqA8zRngbOkHkEdkGOB2nzbZRJqWqGMfpiXf4lJipNQhSiYUe1fFQoxDophyDGJFs3dAB_-bB1c14P8rqU5lCoYs6NQi14JEdmzyzr7gs9HZN8luWiI4pfYwTm1BoH7BiBS26_QijczpIr8vxrmKBjaVB6aUKVgxgHFVmryEkFuT261SmqD4MxiV2MSW5ZRRfrpdUKrrc9br0VjYEgIKcFYWWk5OWQAqNQl-qrnMyGyAiiCpjM1TF3YtjiExGxwm2awL8ZZtqRbHaMeullR9hlSTTT_e7jdmVHUZUre7zRY0KS1FWv4KgcNkcltG4Pap58fTXG_aFI725t9bWxLX_Xlp2W_apVFVcNQ7ojBZ7cGjATca-xB8t2wrCw0ClpPcN823SdvXcnZ0JJKc9pfAWcLNYsEl5o5zZRtwuZAes_xIvfjeR_3r3k5cRI6Ua_zcQ88q_r-IlTjRrxPri-7_yiWNjVsuY3f6ZWWSbMtTNp7WqVt3BfKiQe34otKVHXBSy5-LT1Nu1qdxEWMlq/wp/0.234712/tr/0.046942/pa/null/pclick/https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3Dc9414e376eeb495196b7d6a67bd5141c%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182331%26rts%3D1678137182243%26ari%3Dc278439717354e3694a85a180081c3cb%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3Dbd19c74f-d6b1-4fba-b1e1-52adb1633f73%26rdm%3D1%26rd%3D
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:2000:e4:1409::2000 , Taiwan, ASN56173 (YAHOO-SG3 internet content provider, SG),
Reverse DNS
Software
ATS /
Resource Hash
3cabfba654d7bcbc6d7ba88fe7e3c85a0a5aa75601f88dae8ea7c71970379678
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/javascript
expiry
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
content-length
2548
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame 2681 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58301,57926,55936,55965,55859,55939,55938&referrer=pastelink.net&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
aa1ab67ecf7a58341bb1b83c0fd6bbe27247dcd7b77474024fa151151bc1b6f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
server
ATS/9.1.10.25
age
0
content-type
application/javascript
talon-1.0.40.js
cdn.js7k.com/ix/ Frame 2681 		69 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/ix/talon-1.0.40.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:18:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
CSPD20M2NCJXR8QW
age
10446
x-amz-server-side-encryption
AES256
content-length
16540
x-amz-id-2
A0Ban6Y+poX+WUvtLT89ZgVcP/nHO6zoflh9cL8BOAwvCMr+wB1TyXObxIIcCiqajg01BvGExX8ttnGc6Exvtg==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 16:08:42 GMT
server
ATS
etag
"adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
adfeedback-1.0.108.js
s.yimg.com/cb/af/ Frame 2681 		129 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/cb/af/adfeedback-1.0.108.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e5 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
68dd66af3c6e581b9b314bcefa73d9516dcf532e16b6bd55630cafd4eec67ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:49:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
JGMBBQ1HZJ1YKJCA
age
4999
x-amz-server-side-encryption
AES256
x-amz-id-2
PynZTWeZoJBup/Y2AsiIE3WHiBmVj23RPub6uw9wii9b43PqSYboREaj2SFIqUrV0iS3RBwzCd+hlo1Ec+VXGA==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Mar 2022 01:19:31 GMT
server
ATS
etag
"dfb006d8a1b6390f06824b94bd8fa5d8-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
n.js
geo.moatads.com/ 		97 B
270 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=815673037&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-b3wpLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-rghCXLleOfQ59g%3D%3D&sc=1&os=1-fA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=MILLENNIALNEXAGEINAPP1&hp=1&wf=1&ra=1&pxm=5&sgs=3&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1678137184168&de=859295407128&m=0&ar=afa8d545547-clean&iw=a2fe2a0&q=2&cb=0&ym=0&cu=1678137184168&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=13240%3AOATH104153000%3A2226035%3A5476889&zGSRC=1&gu=https%3A%2F%2Fpastelink.net%2Fkztoeqi1&id=1&ii=4&bo=344663&bd=1533756&zMoatOrigSlicer1=344663&zMoatOrigSlicer2=1533756&zMoatDomain=pastelink.net&zMoatSubdomain=pastelink.net&gw=millennialnexageinapp768429046591&fd=1&it=500&ti=0&ih=2&pe=1%3A1362%3A1362%3A1667%3A1344&jk=-1&jm=-1&fs=202228&na=2025508997&cs=0&ord=1678137184168&jv=1888373050&callback=DOMlessLLDcallback_30769367
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/millennialnexageinapp768429046591/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.217.3 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-217-3.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
935b7938be7c5d4c8edbf114e50a40e1831369c54a59c1fc2abb2e00528bafe3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"a574bf74ee8612b885d3dc55d3ecd158d8b52023"
content-length
97
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=MILLENNIALNEXAGEINAPP1&hp=1&wf=1&ra=1&pxm=5&sgs=3&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1678137184168&de=859295407128&m=0&ar=afa8d545547-clean&iw=a2fe2a0&q=3&cb=0&ym=0&cu=1678137184168&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=13240%3AOATH104153000%3A2226035%3A5476889&zGSRC=1&gu=https%3A%2F%2Fpastelink.net%2Fkztoeqi1&id=1&ii=4&bo=344663&bd=1533756&zMoatOrigSlicer1=344663&zMoatOrigSlicer2=1533756&zMoatDomain=pastelink.net&zMoatSubdomain=pastelink.net&gw=millennialnexageinapp768429046591&fd=1&it=500&ti=0&ih=2&pe=1%3A1362%3A1362%3A1667%3A1344&jk=-1&jm=-1&fs=202228&na=2136936145&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.181.140 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-181-140.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 06 Mar 2023 21:13:04 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 2681 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/qieY0FjJ7eUlcHXPKUYkHIOij3Q6LRFc0vvjZhxcFelg2k8oePMBubNDRPVeI3UCGo1uMOb0axocg1buQo4v6q73iJaw1kOe2tdACe_m56eDW-_XIul5BhS6IB5abvbEFCblzNKMbGxRmxnqMHjqtyhx_jFGnfj9cf5WwN3mSXOGWY3DwvQuhvrYo4SZJNx5wYmnGB0evnD_aSW3HjJGpt9tpQxJdojmjQPbmhPvtVCKoN3xCOMUqAje2Xq-o7elfNJ3DhK9gpb427GiXKzJHiEvMcqsHEkA5LxMwNa9rn8sFQF0u4vq24Cj66gfey8m81Yd9-bBI70RH6mjDsAM09QYoboWKwYT-W2UE2fGZQfEIimYyw0Xaj5yc7ZYR0uMS5W9_IxcZJneEhlek4J_ZJMH2Z2aTwQBzehnV2-mNmxs0Rnu6I2BTfrjxDG4famsfD2p1P441b9_9kyvEs7noBPyGOXricK9zdbs839p-L1GE5y499jC1Upjw-zMpWIslaNzBQd4SLSUqbG_O2HdY6IrqosVDYsdPwd-28uG2Rmg8AyxcJCwMZBIHWTOZpC5CZBGJNIX4u0BoGcwm5zTNbME1QV_nF3OAt6cFlpepK33iRoHdkX9YImkxnFikJfB2Qg-OtKP0-VCt1I3gT-JEi1hz9SstYj6TQBKK6lDEsfz5afJLK3k0Bwq6K_yNqGMc6WgPiv7y-Amu9ChYvzzadVJ6MmAeVZvixz8bKvR54OYw9IQLmnIdsqe7xqDr0AmAeYzfR1mteZEAh7vs_PIWQWeqXrln8kmDPPKgARb6cXfMC2yt12Z34Ezz2mRbzXh06cWsd91xcqhH207xKhIZ6DNbRR5cXly2Chkl8xFAmSB9_haEjGtPqOq8jVJSPy6-w2OHXHAVh7Za6akXDoR6Go7OfJziarGLqCS-7RHEHl41sQzitAJ2pyuWGGkP5QYK60fcd-txqE6Li5ijp_qQWdd10jsfOh9-8SFccVAbu7ajo0a_K3ESOwtbsNCa-BaeMQ15MwD0FDoLMpkqA8zRngbOkHkEdkGOB2nzbZRJqWqGMfpiXf4lJipNQhSiYUe1fFQoxDophyDGJFs3dAB_-bB1c14P8rqU5lCoYs6NQi14JEdmzyzr7gs9HZN8luWiI4pfYwTm1BoH7BiBS26_QijczpIr8vxrmKBjaVB6aUKVgxgHFVmryEkFuT261SmqD4MxiV2MSW5ZRRfrpdUKrrc9br0VjYEgIKcFYWWk5OWQAqNQl-qrnMyGyAiiCpjM1TF3YtjiExGxwm2awL8ZZtqRbHaMeullR9hlSTTT_e7jdmVHUZUre7zRY0KS1FWv4KgcNkcltG4Pap58fTXG_aFI725t9bWxLX_Xlp2W_apVFVcNQ7ojBZ7cGjATca-xB8t2wrCw0ClpPcN823SdvXcnZ0JJKc9pfAWcLNYsEl5o5zZRtwuZAes_xIvfjeR_3r3k5cRI6Ua_zcQ88q_r-IlTjRrxPri-7_yiWNjVsuY3f6ZWWSbMtTNp7WqVt3BfKiQe34otKVHXBSy5-LT1Nu1qdxEWMlq/wp/0.234712/tr/0.046942/pa/null/pclick/https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3Dc9414e376eeb495196b7d6a67bd5141c%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182331%26rts%3D1678137182243%26ari%3Dc278439717354e3694a85a180081c3cb%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3Dbd19c74f-d6b1-4fba-b1e1-52adb1633f73%26rdm%3D1%26rd%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 20:46:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6883
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 19:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 06 Mar 2023 21:46:12 GMT
inside.js
cdn.js7k.com/rq/iv/ Frame 2681 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/rq/iv/inside.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/qieY0FjJ7eUlcHXPKUYkHIOij3Q6LRFc0vvjZhxcFelg2k8oePMBubNDRPVeI3UCGo1uMOb0axocg1buQo4v6q73iJaw1kOe2tdACe_m56eDW-_XIul5BhS6IB5abvbEFCblzNKMbGxRmxnqMHjqtyhx_jFGnfj9cf5WwN3mSXOGWY3DwvQuhvrYo4SZJNx5wYmnGB0evnD_aSW3HjJGpt9tpQxJdojmjQPbmhPvtVCKoN3xCOMUqAje2Xq-o7elfNJ3DhK9gpb427GiXKzJHiEvMcqsHEkA5LxMwNa9rn8sFQF0u4vq24Cj66gfey8m81Yd9-bBI70RH6mjDsAM09QYoboWKwYT-W2UE2fGZQfEIimYyw0Xaj5yc7ZYR0uMS5W9_IxcZJneEhlek4J_ZJMH2Z2aTwQBzehnV2-mNmxs0Rnu6I2BTfrjxDG4famsfD2p1P441b9_9kyvEs7noBPyGOXricK9zdbs839p-L1GE5y499jC1Upjw-zMpWIslaNzBQd4SLSUqbG_O2HdY6IrqosVDYsdPwd-28uG2Rmg8AyxcJCwMZBIHWTOZpC5CZBGJNIX4u0BoGcwm5zTNbME1QV_nF3OAt6cFlpepK33iRoHdkX9YImkxnFikJfB2Qg-OtKP0-VCt1I3gT-JEi1hz9SstYj6TQBKK6lDEsfz5afJLK3k0Bwq6K_yNqGMc6WgPiv7y-Amu9ChYvzzadVJ6MmAeVZvixz8bKvR54OYw9IQLmnIdsqe7xqDr0AmAeYzfR1mteZEAh7vs_PIWQWeqXrln8kmDPPKgARb6cXfMC2yt12Z34Ezz2mRbzXh06cWsd91xcqhH207xKhIZ6DNbRR5cXly2Chkl8xFAmSB9_haEjGtPqOq8jVJSPy6-w2OHXHAVh7Za6akXDoR6Go7OfJziarGLqCS-7RHEHl41sQzitAJ2pyuWGGkP5QYK60fcd-txqE6Li5ijp_qQWdd10jsfOh9-8SFccVAbu7ajo0a_K3ESOwtbsNCa-BaeMQ15MwD0FDoLMpkqA8zRngbOkHkEdkGOB2nzbZRJqWqGMfpiXf4lJipNQhSiYUe1fFQoxDophyDGJFs3dAB_-bB1c14P8rqU5lCoYs6NQi14JEdmzyzr7gs9HZN8luWiI4pfYwTm1BoH7BiBS26_QijczpIr8vxrmKBjaVB6aUKVgxgHFVmryEkFuT261SmqD4MxiV2MSW5ZRRfrpdUKrrc9br0VjYEgIKcFYWWk5OWQAqNQl-qrnMyGyAiiCpjM1TF3YtjiExGxwm2awL8ZZtqRbHaMeullR9hlSTTT_e7jdmVHUZUre7zRY0KS1FWv4KgcNkcltG4Pap58fTXG_aFI725t9bWxLX_Xlp2W_apVFVcNQ7ojBZ7cGjATca-xB8t2wrCw0ClpPcN823SdvXcnZ0JJKc9pfAWcLNYsEl5o5zZRtwuZAes_xIvfjeR_3r3k5cRI6Ua_zcQ88q_r-IlTjRrxPri-7_yiWNjVsuY3f6ZWWSbMtTNp7WqVt3BfKiQe34otKVHXBSy5-LT1Nu1qdxEWMlq/wp/0.234712/tr/0.046942/pa/null/pclick/https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3Dc9414e376eeb495196b7d6a67bd5141c%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182331%26rts%3D1678137182243%26ari%3Dc278439717354e3694a85a180081c3cb%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3Dbd19c74f-d6b1-4fba-b1e1-52adb1633f73%26rdm%3D1%26rd%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 20:38:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
QQJ668BZBFS4HH8S
age
2103
x-amz-server-side-encryption
AES256
content-length
14353
x-amz-id-2
iZ8Tw8i+URsNh0EI8Ks8azviR080aIsTVtNNJGlN+51kCXeOXGhNC8QlkE81wwtMMaSkBmlt3GY=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Sep 2021 15:05:50 GMT
server
ATS
etag
"8ceeaab271ed688991789ed1090cb398-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
view
securepubads.g.doubleclick.net/pcs/ Frame 7C28 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3PJN_uTJURwEamTXofXiu23bX93-6CEwIb72UTquN-kqgvTCXQfHfrfQmTsZmzXBdNFF98ibdCi3ktHdEr1d8zhv0mI3VhjDNyrQ5OTtJ3DG8kB-ZtsuVVEM1JG-dubEyORKNMd5sVTWHFZgPC4hJa5fPbFbGkqbXrbO0JIRnJFM0J04YksbgXWj1b-oYRdblp2I5g18F5-QdD9pAEiuvdL9xq4crF7QCMk1RLyaKl39UQ9Xc9bKit0aBh6JljiP756SjgsKhPnPl8sV4-uaMEtIi12a8YweOQcP3afUHOX-mEt1fkjKrptMZ5-sH7JBtPZfKQcmqcg3QNJwTQh6CGG0&sai=AMfl-YQEuiqhDQYP9Q7j-eypE9wnNhArjn8y5MhOx3eEoFVnkdVUTeduABadrVOohFKvKLc2c2hnRi_YmCxZ_WxvvstdERmAaAM4SnsjtZM6e2uDtWlYKFq5gKYUJU9glaNiFKPZf5O5r7kFyfvIOiFG&sig=Cg0ArKJSzF2M6zhFsLuPEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
latest.js
cdn.adligature.com/prebid/creative/ Frame 7C28 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/prebid/creative/latest.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:cab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
613efd0497ff39f53123ca22f71747b75f22d7ab9b6996aa1deaab799cefd334

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
181
cf-polished
origSize=26676
x-guploader-uploadid
ADPycdsV-COJ4AvOAXjNnUKuyc7QqkFm5L4Ppzu41aztg3I5BHpELfopsuHLN0q_6gcMFzTdaD0gcTYZ1LE2WZa3CVZI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 01 Nov 2022 18:38:24 GMT
server
cloudflare
etag
W/"2ae59c013b7f4ee879f45354f6b5ecd7"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1667327904512712
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=aFygIg==, md5=KuWcATt/Tuh59FNU9rXs1w==
cache-control
public, max-age=1800, s-maxage=600, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ml7dVmEcVjMkR6aQ9Mjtl%2BHiRwhw4GnjnL5mA5wT0I034FIvwDqANQKjRGwFLu%2BzOi%2BV5BY%2F1sZXq3z3mbSLx0lBGj0CE1UdW8C%2F7WR3wDvSJK1KIWT7FR7bcam2IS3juJhbAezs%2FmWV0t%2BUDRvs5Wo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
26676
cf-ray
7a3d99b9acd86bf3-SIN
expires
Mon, 06 Mar 2023 21:20:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7C28 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Mar 2023 21:13:04 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ Frame D11D 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1678137184287&sessionId=1ed01f09-916b-04ac-d555-23b00a3caba0&url=pastelink.net&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.133.127.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 21:13:04 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
047afd00b22b18810e561321afced0c6
Content-Length
4
Expires
0
get
odb.outbrain.com/utils/ Frame D11D 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fpastelink.net%2Fkztoeqi1&idx=0&rand=83390&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&adblck=false&abwl=false&clid=1ed01f09-916b-04ac-d555-23b00a3caba0&fdu=pastelink.net&px=0&py=0&vpd=0&cw=300&activeTab=true&ab=0&wl=0&settings=true&recs=true&version=2010204&sig=vTm96Tyi&apv=false&&osLang=en-US&winW=300&winH=250&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ref=https%3A%2F%2Fpastelink.net%2Fkztoeqi1&ogn=https%3A%2F%2Fpastelink.net%2Fkztoeqi1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.46.132 , Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7bc59d55c18baedef7368e8b3aa3bfddaa7a71b17a6695a1026e4120e1f95a77

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
traffic-path
SADC1, SJC, QPG, APAC1
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-traceid
523fda0698acd6b282b62b1ed4e77fbd
content-length
2064
x-served-by
cache-sjc10058-SJC, cache-qpg1278-QPG
pragma
no-cache
x-timer
S1678137184.305613,VS0,VE213
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
cache-control
no-cache
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
impl_v95.js
www.googletagservices.com/dcm/ Frame 2681 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v95.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 14:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23368
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 18:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Mar 2024 14:12:02 GMT
85E7CCCBCDB72ECD
pn.ybp.yahoo.com/ab/secure/true/imp/5nM9agjAXjPHnXGoppweclFm6wvty2476wxUOb5BkFR8tovkUyom39iO_yrjO9FGvYf9v8C0sjhQDH5TYp44lx8joM97Jn9BEeHHSidPRfC5Y-eD4DXmpE200-fK5Bl8-S719CfO7wv36KMSmZ2TlBgy5jhm7Xqkv... Frame 7C28 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pn.ybp.yahoo.com/ab/secure/true/imp/5nM9agjAXjPHnXGoppweclFm6wvty2476wxUOb5BkFR8tovkUyom39iO_yrjO9FGvYf9v8C0sjhQDH5TYp44lx8joM97Jn9BEeHHSidPRfC5Y-eD4DXmpE200-fK5Bl8-S719CfO7wv36KMSmZ2TlBgy5jhm7Xqkv5d3dWrv9ff2cHrh_M8YMfYl_P4_tHj5Cxf7p99ZU0E-12TjWUa_DDGL-ipezVRbI_uozXBpMU5IPQd1uBExzK7OOssRCd7SVHPoL0yMvKPSaI_CiaWWma_fuP7toQKEv2aas3Yzu2n5UHjrhpLUzn4-K58FGnvvMTwn18OS6MKw7PE2ZBObvM4YlIku74zP6OqM5o1L2oimf62zxMbi8Wi1lvtwL5a2rESHGbdFc7i21_81RL9Q12_XfptzlsRSVe_t1Wa_mWZac88mEmF4EbFDTxGCQgu2wkTHEitr-Y1A7F8DQuRkul8ImdSj5ORGKOO-cJB1ORyq8Et82IGvDjrrsu1ok2g1hNFM8SHlYTGuJlQVrTDHuIr9zN_OkHgeGvqbX0oiEVqLpep9cZTHSaa7TX303gU0mMiGmQJXKHd1U6MpW4_Pgsff6j3coxvCrF6OxPkzHCrkcKBL4kUXWorW3F0hob3m55MiyRvx1u3WGazkrzBJ5OhxI2W_kBMIqPDo2svEkYoc6jfXaVYWHeX0xiBAKEkTUNc0Uuvl8-LrEEQWc9q6cu6HlC6x9LnREXreGU9ReUGuC424VeV7UBiEDOGk9C-qo5_NIzITdoTJ4ia4A6pRXU0P8sGHGsHrPoj3X-wdkUqtA4FCKmcNsCTCOk6eWdQ0eYoQT90AU4AhrV-NMnd9mA4QYYftwvr5miOJaK8UlYExrJK2gX59cjy81hdaeXky6jsHPglREy6KUP25kPeWMPRt_NZARqcum9LQMrLVZv1vh5Yap-38DXElCQMb1oWTyzrVQFUMavlzbqSczAwSFXP-RVjN0XZK7Nzz-0DoGqdIf2Av60pb4WezQPVIVAICLKQSqVUEKfBe3PSw1zra94BQZLTG6-tpHexoROTwAJRJX2Oj7PI2nNQMvD7JfbZHZ4yJKfnkSp3ivdMKQsAA6PzA06PmvH55BIWA67vuhH_Iygb_dRxgz9jxF5GJqvyaWp7OLd7XzFFWlcoGEZmJexX5V4rpyNXZtXBPB_oqLLkVEsXg6B3xHBH8WomKf59RnxruqWG0mnSldIkWdHKTqBjaCzNBa64moXFhS8AxDcB_riyI-WQh-rj9gcM9eVv_lFcxJQw7NP0k8CN9k7dQ9PhzZnlLqvt_Z7UrdFAL78_cXgKM0_YaFOpQjcxZ7pZWgh52sNgvTfuTj7y1jV_Uqfv2hwn8lWe2KM1BVuV1WX1hdmD-2rS7IbT89ickHaFOUlQX2t7VjspfyyTrnEsXcT9xw1XdO237nvMyZ-acb0z0t9GVGxJJ2XOivFvzkQb4ydnk5faoC9fHSAL8P1TddU8a6yZ27Tr-HUPbZbFJzaJ6e8_Q4J-sRMArrsYmJD76/wp/85E7CCCBCDB72ECD
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:2000:e4:1409::2000 , Taiwan, ASN56173 (YAHOO-SG3 internet content provider, SG),
Reverse DNS
Software
ATS /
Resource Hash
a48922eaa3b220e438ec5b0b77654969e74829e2bca2507baab8db4cb5bfea29
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/javascript
expiry
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
content-length
2018
5a8b206f-7bfe-465b-a6ef-ada3365e5793
beacon-fra2.rubiconproject.com/beacon/d/ Frame 7C28 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/5a8b206f-7bfe-465b-a6ef-ada3365e5793?oo=0&accountId=24386&siteId=416672&zoneId=2350352&sizeId=15&e=6A1E40E384DA563B29DF40A2D3431928F56C3782BCE226F2E775F92643CBB1AEFD496E12E976451B876AE07D56145921338688CCBDE637914CD88AAAFE7360F75BA8DC18A7904EEB4E804C533D542E0773A9032D643AA8593006CF4818D9224E9EEF4E6E6257C438FDE6F8BFF8419D79BA47455B4DDA22D8F6CD52246EBD26ADFDC7548137E43A74D3598F69D1AAF13406A55E07CE8180924A270F64572830439EF68FB8205982D7813FF6F18CAA5EAFD1F74A5810663F08
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::154 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 21:13:05 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
register
token.rubiconproject.com/ Frame 7C28 		0
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=LEXBJT5T-6-2FMB
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
imp
a.vidoomy.com/api/rtbserver/ Frame 7C28 		9 B
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/imp?q=YWRfdHlwZT1EaXNwbGF5JmFkb21haW49aGl0YWNoaS5jb20uc2cmYWR1bml0PVRvcF9sZWFkZXJib2FyZCZiaWRmbG9vcj0wLjAxMzg0MDgzMDQ0OTgyNjk5JmM9U0cmY29ubj1wcmViaWQmY3JpZD0yOTc0JTNBNTQ3Njg5NiZkX2dyb3NzPTAuMTI3NSZkZWFsPSZkb21haW49cGFzdGVsaW5rLm5ldCZkdD0yJmVuZHBvaW50PU1hZ25pdGVfZGlzcGxheSZlbnY9V2ViJmdkcHI9MCZnZHByY3M9MCZpZmE9MCZvYjE9VFdGbmJtbDBaUSUzRCUzRCZvYjI9Vm1sa2IyOXRlU0JOWVhKclpYUWdVR3hoWTJVJTNEJm9iMz1NQzR4TURnek56VSUzRCZvYjQ9TUM0eE5RJTNEJTNEJm9zPVdpbmRvd3MmcD1hZHZhbGx5JnBfaWQ9MTk3MzY5NiZwdWJzeW5jPTAmcnNpemU9MzAwJTJBMjUwJnM9cGFzdGVsaW5rLm5ldCZzZWF0PXJ1Ymljb24mc2l6ZT0zMDAlMkEyNTAmc3NwX2dyb3NzPTAuMTI3NSZzc3BpZD02MjE3OCZzeW5jPTAmemlkPTE1Nzg4&j=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbXBfdHRsIjoxNjc4MTQwNzgyNzMwfQ.Ks8qC04lBO2L9u4OowDGfZQ3lkomEIOY8FNgj7bLcVA
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.14.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-14-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-length
9
content-type
application/json
mesure.js
vpaid.vidoomy.com/jsads/ Frame 7C28 		870 B
804 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/jsads/mesure.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:d100::13 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
aa93a4b21551c063d1f367d6a165f48dd3c64176902fb94b3fb5123145ba5bff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
singaporeSG
date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
280264
x-77-nzt
AVm7oodtBYz/yEYEAA
x-accel-expires
@1678893720
last-modified
Wed, 06 Oct 2021 16:11:15 GMT
server
CDN77-Turbo
etag
W/"615dcaa3-366"
x-77-nzt-ray
a953bd23b37b7ea16057066470e68813
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023022801&jk=3947244399311024&bg=!8vGl8aXNAAbv3-2Ez987ADkAdvg8WkZfxwGVs2klXh9gStroTVFkLJKw_XyoirRzh-1RVvp2PHgZjFDIai8d57mdWGh3dRdpyrMCAAAAdVIAAAAFaAEHCgAKEJqgzmts8zcMipkCmATRJTr3qwyISR53Su9COaPJTrEKHEXs6VfqYw4-SKflEsmXRlFP82Gc33MwGYYkIHM30pXUS_cd8_V3N282tinLX7e_oixVUua3cJBI5qyFZ5wbKoOLgvTE7W3veyhEtrR-2KV-7p6M2nwCA4yl2RwLp89IvLxOTvp58Vos8Bew2x7o25vozEdjBFEVa7IWkUNwoK4eAUe0IkbHqTgOuWqwV3WZ-OJwBWfwrZx2ZzpadXFTTzTMVE48hR5BhpnWre5909GhxUDpl0fZtxdL53sx4NotiepRVHtMY6l8XwTDk1yKlDa0pH7oz2_fxq6Iu8iH3-xc7YrPiLUOBYN42uveMDL6UV5PFy9JhMekKkMa1b6PA4QNTpFf5HeHFkfmO7t81r7_vKlVmi69m4u7Qe-BISI24zU5bwLV7SGVpgQSOfSi9V1aLnSWSUcyVSV2qfVhQQqSitgB7yvqHg2JDVJcztQ2MtZv85h0I8rhOu2KYi2rGJgrKuQrC0-Y_gl4fpM2KHrNy7nYjF1UTGtebmk9i5ZvOcsi-STEDx968p_wJP9pU-3ymY_QGFBNbfg2JKXWTheuv0q06TmsRiE0vD-iQzCNVv6nm7o0URHM7EItwRDDU8__HI7BLj5PmNUYntB5o8d_OOnVqe4OpQ9UfgK8gCjW2lI3PvjQnQB5npZUAWmIpwguAAIgwF5WQDZ9KoaP-3oP_yLZm98-Z-dIl_uTgwQe0tpyetPtKwv8UHIupdFBWp70JMTplDKRA5GIKwSHWoKmeLmvCukzoe_SUOuk8IKDPLCLrlsp8SOKx29PWaTyLsMelJmrR1M7nEyddn77XnqMSmyze7f28ZmLhGVF-Jm21mlJ9kokDGA6M9J7X4TU5U7rZq0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
B28320074.349771445;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=635666929;ord=u7jk99;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d00...
ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/ Frame 2681 		57 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.349771445;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=635666929;ord=u7jk99;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3Dc9414e376eeb495196b7d6a67bd5141c%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182331%26rts%3D1678137182243%26ari%3Dc278439717354e3694a85a180081c3cb%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3Dbd19c74f-d6b1-4fba-b1e1-52adb1633f73%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Ffkqs7Xk0MKEDd-X2gp1m_JTpnoC4I3VFv7Z1oRa9mO6ekZkKReSGRJ03qIf1UKHMK12IVwB_03LrClDuVGROVpI_Rnsg62iHaO-gauBPMwYSiiced74meggVHxeB68BBLapDqRKBXqotjsDE-I8Mver1LETt7yUwT4P0icct2jrY890RLorvPXYC-eyc_0zYZCCF8iizCwl2dvdHZ_QrQVW0wbGKW8yz3G-7MOZJYHIVeULfysy9iSE5RVA4Xjb-pnR-QxOJYSMolxRxoPtFbYNtJoVj_zOfX1PnrHPd2Ho98xM2EVtm0A%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=29;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f148.1e100.net
Software
cafe /
Resource Hash
a550308eb98407286db783331bc1642b80c7982a6a5f2bbeb1bfa905b0f78de0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27803
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 7C28 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/5nM9agjAXjPHnXGoppweclFm6wvty2476wxUOb5BkFR8tovkUyom39iO_yrjO9FGvYf9v8C0sjhQDH5TYp44lx8joM97Jn9BEeHHSidPRfC5Y-eD4DXmpE200-fK5Bl8-S719CfO7wv36KMSmZ2TlBgy5jhm7Xqkv5d3dWrv9ff2cHrh_M8YMfYl_P4_tHj5Cxf7p99ZU0E-12TjWUa_DDGL-ipezVRbI_uozXBpMU5IPQd1uBExzK7OOssRCd7SVHPoL0yMvKPSaI_CiaWWma_fuP7toQKEv2aas3Yzu2n5UHjrhpLUzn4-K58FGnvvMTwn18OS6MKw7PE2ZBObvM4YlIku74zP6OqM5o1L2oimf62zxMbi8Wi1lvtwL5a2rESHGbdFc7i21_81RL9Q12_XfptzlsRSVe_t1Wa_mWZac88mEmF4EbFDTxGCQgu2wkTHEitr-Y1A7F8DQuRkul8ImdSj5ORGKOO-cJB1ORyq8Et82IGvDjrrsu1ok2g1hNFM8SHlYTGuJlQVrTDHuIr9zN_OkHgeGvqbX0oiEVqLpep9cZTHSaa7TX303gU0mMiGmQJXKHd1U6MpW4_Pgsff6j3coxvCrF6OxPkzHCrkcKBL4kUXWorW3F0hob3m55MiyRvx1u3WGazkrzBJ5OhxI2W_kBMIqPDo2svEkYoc6jfXaVYWHeX0xiBAKEkTUNc0Uuvl8-LrEEQWc9q6cu6HlC6x9LnREXreGU9ReUGuC424VeV7UBiEDOGk9C-qo5_NIzITdoTJ4ia4A6pRXU0P8sGHGsHrPoj3X-wdkUqtA4FCKmcNsCTCOk6eWdQ0eYoQT90AU4AhrV-NMnd9mA4QYYftwvr5miOJaK8UlYExrJK2gX59cjy81hdaeXky6jsHPglREy6KUP25kPeWMPRt_NZARqcum9LQMrLVZv1vh5Yap-38DXElCQMb1oWTyzrVQFUMavlzbqSczAwSFXP-RVjN0XZK7Nzz-0DoGqdIf2Av60pb4WezQPVIVAICLKQSqVUEKfBe3PSw1zra94BQZLTG6-tpHexoROTwAJRJX2Oj7PI2nNQMvD7JfbZHZ4yJKfnkSp3ivdMKQsAA6PzA06PmvH55BIWA67vuhH_Iygb_dRxgz9jxF5GJqvyaWp7OLd7XzFFWlcoGEZmJexX5V4rpyNXZtXBPB_oqLLkVEsXg6B3xHBH8WomKf59RnxruqWG0mnSldIkWdHKTqBjaCzNBa64moXFhS8AxDcB_riyI-WQh-rj9gcM9eVv_lFcxJQw7NP0k8CN9k7dQ9PhzZnlLqvt_Z7UrdFAL78_cXgKM0_YaFOpQjcxZ7pZWgh52sNgvTfuTj7y1jV_Uqfv2hwn8lWe2KM1BVuV1WX1hdmD-2rS7IbT89ickHaFOUlQX2t7VjspfyyTrnEsXcT9xw1XdO237nvMyZ-acb0z0t9GVGxJJ2XOivFvzkQb4ydnk5faoC9fHSAL8P1TddU8a6yZ27Tr-HUPbZbFJzaJ6e8_Q4J-sRMArrsYmJD76/wp/85E7CCCBCDB72ECD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 20:46:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6883
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 19:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 06 Mar 2023 21:46:12 GMT
inside.js
cdn.js7k.com/rq/iv/ Frame 7C28 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/rq/iv/inside.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/5nM9agjAXjPHnXGoppweclFm6wvty2476wxUOb5BkFR8tovkUyom39iO_yrjO9FGvYf9v8C0sjhQDH5TYp44lx8joM97Jn9BEeHHSidPRfC5Y-eD4DXmpE200-fK5Bl8-S719CfO7wv36KMSmZ2TlBgy5jhm7Xqkv5d3dWrv9ff2cHrh_M8YMfYl_P4_tHj5Cxf7p99ZU0E-12TjWUa_DDGL-ipezVRbI_uozXBpMU5IPQd1uBExzK7OOssRCd7SVHPoL0yMvKPSaI_CiaWWma_fuP7toQKEv2aas3Yzu2n5UHjrhpLUzn4-K58FGnvvMTwn18OS6MKw7PE2ZBObvM4YlIku74zP6OqM5o1L2oimf62zxMbi8Wi1lvtwL5a2rESHGbdFc7i21_81RL9Q12_XfptzlsRSVe_t1Wa_mWZac88mEmF4EbFDTxGCQgu2wkTHEitr-Y1A7F8DQuRkul8ImdSj5ORGKOO-cJB1ORyq8Et82IGvDjrrsu1ok2g1hNFM8SHlYTGuJlQVrTDHuIr9zN_OkHgeGvqbX0oiEVqLpep9cZTHSaa7TX303gU0mMiGmQJXKHd1U6MpW4_Pgsff6j3coxvCrF6OxPkzHCrkcKBL4kUXWorW3F0hob3m55MiyRvx1u3WGazkrzBJ5OhxI2W_kBMIqPDo2svEkYoc6jfXaVYWHeX0xiBAKEkTUNc0Uuvl8-LrEEQWc9q6cu6HlC6x9LnREXreGU9ReUGuC424VeV7UBiEDOGk9C-qo5_NIzITdoTJ4ia4A6pRXU0P8sGHGsHrPoj3X-wdkUqtA4FCKmcNsCTCOk6eWdQ0eYoQT90AU4AhrV-NMnd9mA4QYYftwvr5miOJaK8UlYExrJK2gX59cjy81hdaeXky6jsHPglREy6KUP25kPeWMPRt_NZARqcum9LQMrLVZv1vh5Yap-38DXElCQMb1oWTyzrVQFUMavlzbqSczAwSFXP-RVjN0XZK7Nzz-0DoGqdIf2Av60pb4WezQPVIVAICLKQSqVUEKfBe3PSw1zra94BQZLTG6-tpHexoROTwAJRJX2Oj7PI2nNQMvD7JfbZHZ4yJKfnkSp3ivdMKQsAA6PzA06PmvH55BIWA67vuhH_Iygb_dRxgz9jxF5GJqvyaWp7OLd7XzFFWlcoGEZmJexX5V4rpyNXZtXBPB_oqLLkVEsXg6B3xHBH8WomKf59RnxruqWG0mnSldIkWdHKTqBjaCzNBa64moXFhS8AxDcB_riyI-WQh-rj9gcM9eVv_lFcxJQw7NP0k8CN9k7dQ9PhzZnlLqvt_Z7UrdFAL78_cXgKM0_YaFOpQjcxZ7pZWgh52sNgvTfuTj7y1jV_Uqfv2hwn8lWe2KM1BVuV1WX1hdmD-2rS7IbT89ickHaFOUlQX2t7VjspfyyTrnEsXcT9xw1XdO237nvMyZ-acb0z0t9GVGxJJ2XOivFvzkQb4ydnk5faoC9fHSAL8P1TddU8a6yZ27Tr-HUPbZbFJzaJ6e8_Q4J-sRMArrsYmJD76/wp/85E7CCCBCDB72ECD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 20:38:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
QQJ668BZBFS4HH8S
age
2103
x-amz-server-side-encryption
AES256
content-length
14353
x-amz-id-2
iZ8Tw8i+URsNh0EI8Ks8azviR080aIsTVtNNJGlN+51kCXeOXGhNC8QlkE81wwtMMaSkBmlt3GY=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Sep 2021 15:05:50 GMT
server
ATS
etag
"8ceeaab271ed688991789ed1090cb398-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
impl_v95.js
www.googletagservices.com/dcm/ Frame 7C28 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v95.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 14:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23368
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 18:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Mar 2024 14:12:02 GMT
B28320074.349834762;dc_ver=95.280;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;dc_adk=2114194144;ord=0b18ye;click=https%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Femg5Yb9AotIcW6chejR4GpcOj_1g17_Bv9Imnskdw1...
ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/ Frame 7C28 		57 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.349834762;dc_ver=95.280;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;dc_adk=2114194144;ord=0b18ye;click=https%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Femg5Yb9AotIcW6chejR4GpcOj_1g17_Bv9Imnskdw1_xjwjqu2UH9SHuxXcjTe593sOTsv-gClhyHL1DEmTHDT5KSy2mxQzcVt46SH5r9T1slk9MApT9Di_S2IGl3HzEIFJ8oz5Y5zvPOLR2LWo03ZQDRtXLGh6dqT5-mTMFI0118O-9gLh2AVmAM45N3HQK7CEpFBJqO8xjHJbBvEzf30kSIWn_iHxsS25yVwvA88QWUNMVqBY4qflB0VnZgXcuA8oIvigsieEKQhC3yhIfEqXXu5EqZ-p-%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=11;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f148.1e100.net
Software
cafe /
Resource Hash
b8add6a7d265fc560dc8b5fff703b64c833ba7da62afa8f1dd0b11c8e449ba2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27545
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5EE6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu36CVvX41_ALTNHKbghe3GBJuL08KOGOITdDUPaOEbrGr4SMxNN8uKaqykGch13Ge1HGhIk_n6QhfUVoPzvhmQt4zefngTrUrOLRl4AdTVGBompAcmcO2zX016vCfGtUkl9-46G-HWAajpENTJl9BI9DDV2v5OrSLFSTKc39rQJCFTkrbg-NJy3OSDcgTs2YmXuKU2vA1pP7mulTQ4HTRWt8jc_9LZN6CmI5beP6YhV6Q-AWwAXD5zA5Dmtxy6bmVFRQjGUbSoq5sZPL0h6IJf-9aUx3HxzNubzLii8TXxLuQSQPs1s6bKmN95NK7c0q5EbjcTXCpCa_7q9SOikA&sai=AMfl-YShhqBSGZehGCme1H59C7-8sQYsRBPTaJjouHPyE6pKDJ9vU8eUIQtbx4TcsGG8UfingQrHbEcf08O39Gfk4o8oQEkU6mdXTfPvD98L2g5H6Fhdh2VViJ6dnfb3ikYIteSH3IflsL_ByVJiObUt&sig=Cg0ArKJSzDYbAStNrS_JEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
latest.js
cdn.adligature.com/prebid/creative/ Frame 5EE6 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/prebid/creative/latest.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:cab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
613efd0497ff39f53123ca22f71747b75f22d7ab9b6996aa1deaab799cefd334

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
181
cf-polished
origSize=26676
x-guploader-uploadid
ADPycdsV-COJ4AvOAXjNnUKuyc7QqkFm5L4Ppzu41aztg3I5BHpELfopsuHLN0q_6gcMFzTdaD0gcTYZ1LE2WZa3CVZI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 01 Nov 2022 18:38:24 GMT
server
cloudflare
etag
W/"2ae59c013b7f4ee879f45354f6b5ecd7"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1667327904512712
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=aFygIg==, md5=KuWcATt/Tuh59FNU9rXs1w==
cache-control
public, max-age=1800, s-maxage=600, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwmWonCxUOHydHwwWQDlAivOkeoDzCzC5HnqoGu%2FqCuoe4dAzQ8AWerBo0v%2Fp46HMiCItmmjvPJIRkmrXUQu74QHGBCGKNYFDte1rZBaKQaW0EI2kDzff%2FDYRFszFXvQXU6ElTopNt1x%2F2madUIFq%2FY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
26676
cf-ray
7a3d99ba5d336bf3-SIN
expires
Mon, 06 Mar 2023 21:20:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5EE6 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Mar 2023 21:13:04 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/ Frame 2681 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.349771445;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=635666929;ord=u7jk99;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3Dc9414e376eeb495196b7d6a67bd5141c%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182331%26rts%3D1678137182243%26ari%3Dc278439717354e3694a85a180081c3cb%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3Dbd19c74f-d6b1-4fba-b1e1-52adb1633f73%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Ffkqs7Xk0MKEDd-X2gp1m_JTpnoC4I3VFv7Z1oRa9mO6ekZkKReSGRJ03qIf1UKHMK12IVwB_03LrClDuVGROVpI_Rnsg62iHaO-gauBPMwYSiiced74meggVHxeB68BBLapDqRKBXqotjsDE-I8Mver1LETt7yUwT4P0icct2jrY890RLorvPXYC-eyc_0zYZCCF8iizCwl2dvdHZ_QrQVW0wbGKW8yz3G-7MOZJYHIVeULfysy9iSE5RVA4Xjb-pnR-QxOJYSMolxRxoPtFbYNtJoVj_zOfX1PnrHPd2Ho98xM2EVtm0A%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=29;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:27:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
6346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:27:18 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2681 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss62RbeB6leMweUqNhqMN7YXRcWed08qkwoG08m3F-9HngUFUv9j9XuagY0v1WnpKcHx0Ldl5-QWIQgbHzlj5-9Dfuv4yvF0Qt-aPkqWxHM-564PI5wuWAor37g_DU7ubGdpox-YXJxdfYULHbO1SMDmj63Aw&sai=AMfl-YSP6kFKOzADjhVyuM9eqAzRszmaj4Bt80FvB9O70nb6h_8q9NvWLn-X_yeyddku3FQNPlgcLaCcbojqgq2nauqKEBX2dF4LiJcAwg&sig=Cg0ArKJSzNsCp5vQmg4nEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230302.66469&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.349771445;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=635666929;ord=u7jk99;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3Dc9414e376eeb495196b7d6a67bd5141c%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182331%26rts%3D1678137182243%26ari%3Dc278439717354e3694a85a180081c3cb%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3Dbd19c74f-d6b1-4fba-b1e1-52adb1633f73%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Ffkqs7Xk0MKEDd-X2gp1m_JTpnoC4I3VFv7Z1oRa9mO6ekZkKReSGRJ03qIf1UKHMK12IVwB_03LrClDuVGROVpI_Rnsg62iHaO-gauBPMwYSiiced74meggVHxeB68BBLapDqRKBXqotjsDE-I8Mver1LETt7yUwT4P0icct2jrY890RLorvPXYC-eyc_0zYZCCF8iizCwl2dvdHZ_QrQVW0wbGKW8yz3G-7MOZJYHIVeULfysy9iSE5RVA4Xjb-pnR-QxOJYSMolxRxoPtFbYNtJoVj_zOfX1PnrHPd2Ho98xM2EVtm0A%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=29;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Mar 2023 21:13:04 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2681 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.349771445;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=635666929;ord=u7jk99;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3Dc9414e376eeb495196b7d6a67bd5141c%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182331%26rts%3D1678137182243%26ari%3Dc278439717354e3694a85a180081c3cb%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3Dbd19c74f-d6b1-4fba-b1e1-52adb1633f73%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Ffkqs7Xk0MKEDd-X2gp1m_JTpnoC4I3VFv7Z1oRa9mO6ekZkKReSGRJ03qIf1UKHMK12IVwB_03LrClDuVGROVpI_Rnsg62iHaO-gauBPMwYSiiced74meggVHxeB68BBLapDqRKBXqotjsDE-I8Mver1LETt7yUwT4P0icct2jrY890RLorvPXYC-eyc_0zYZCCF8iizCwl2dvdHZ_QrQVW0wbGKW8yz3G-7MOZJYHIVeULfysy9iSE5RVA4Xjb-pnR-QxOJYSMolxRxoPtFbYNtJoVj_zOfX1PnrHPd2Ho98xM2EVtm0A%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=29;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 15:30:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20536
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Mar 2024 15:30:48 GMT
12796104088671087766
s0.2mdn.net/simgad/ Frame 2681 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12796104088671087766
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::94 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2dfca51adb5f527dc72370ab5a6d140ca2b62e6eb5a865909a351a551fe297a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 16:53:46 GMT
x-content-type-options
nosniff
age
101958
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76624
x-xss-protection
0
last-modified
Thu, 04 Aug 2022 07:09:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Mar 2024 16:53:46 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 2681
Redirect Chain
  • https://ssp-sync.criteo.com/user-sync/redirect?profile=73
  • https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_cons...
43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
149590
expires
Mon, 06 Mar 2023 00:00:00 GMT

Redirect headers

location
https://dis.criteo.com/dis/usersync.aspx?r=12&p=73&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fprofile%3d73%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=
date
Mon, 06 Mar 2023 21:13:04 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel
content-length
0
sync
ups.analytics.yahoo.com/ups/57926/ Frame 2681
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=aol&_origin=0&gdpr=0&gdpr_consent=&tc=1
  • https://ups.analytics.yahoo.com/ups/57926/sync?uid=BtC5DRfmfIZIMabijNmS&pi=aol&_origin=0&gdpr=0&gdpr_consent=&tc=1
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57926/sync?uid=BtC5DRfmfIZIMabijNmS&pi=aol&_origin=0&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57926/sync?uid=BtC5DRfmfIZIMabijNmS&pi=aol&_origin=0&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Mon, 06 Mar 2023 21:13:05 GMT, Mon, 06 Mar 2023 21:13:05 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
3964265803677574557
pr-bh.ybp.yahoo.com/sync/msft/csrc/3/ Frame 2681
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55936%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26redir2%3Dtrue
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fups.analytics.yahoo.com%252Fups%252F55936%252Fsync%253Fuid%253D%2524UID%2526_origin%253D0%2526redir2%253Dtrue
  • https://ups.analytics.yahoo.com/ups/55936/sync?uid=3964265803677574557&_origin=0&redir2=true
  • https://pr-bh.ybp.yahoo.com/sync/msft/csrc/3/3964265803677574557
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/msft/csrc/3/3964265803677574557
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Server
2406:da18:929:5a01:3027:3246:6166:fb40 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/msft/csrc/3/3964265803677574557
date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55965/ Frame 2681
Redirect Chain
  • https://cms.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=0&uid=W2fG6VhkwO9AZZe7D2vbvQtnw7tAMpPnWmLyiFD0
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=0&uid=W2fG6VhkwO9AZZe7D2vbvQtnw7tAMpPnWmLyiFD0
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ups.analytics.yahoo.com/ups/55965/sync?_origin=0&gdpr=0&uid=W2fG6VhkwO9AZZe7D2vbvQtnw7tAMpPnWmLyiFD0
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55859/ Frame 2681
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=rmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=rmx&gdpr=0&gdpr_consent=
  • https://tg.socdm.com/aux/idsync?proto=bidswitch&bidswitch_ssp_id=rmx
  • https://x.bidswitch.net/sync?dsp_id=168&user_id=ZAZXYcCo5s8AAIofEZkAAAAA&expires=30&ssp=rmx
  • https://ups.analytics.yahoo.com/ups/55859/sync?uid=bbe1bd25-e373-4e62-b717-d85f6df232ee&_origin=0&gdpr=&gdpr_consent=
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55859/sync?uid=bbe1bd25-e373-4e62-b717-d85f6df232ee&_origin=0&gdpr=&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Location
//ups.analytics.yahoo.com/ups/55859/sync?uid=bbe1bd25-e373-4e62-b717-d85f6df232ee&_origin=0&gdpr=&gdpr_consent=
Date
Mon, 06 Mar 2023 21:13:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ups.analytics.yahoo.com/ups/55939/ Frame 2681
Redirect Chain
  • https://ad.turn.com/r/cs?pid=18&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55939/sync?uid=9015009517222667117&_origin=0&gdpr=0&gdpr_consent=&us_privacy=
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55939/sync?uid=9015009517222667117&_origin=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55939/sync?uid=9015009517222667117&_origin=0&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sync
ups.analytics.yahoo.com/ups/55938/ Frame 2681
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=21&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55938%2Fsync%3Fuid%3D%5BMM_UUID%5D%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D
  • https://ups.analytics.yahoo.com/ups/55938/sync?uid=20aa6406-5760-4f00-b72e-4bb097f1f183&_origin=0&gdpr=0&gdpr_consent=
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55938/sync?uid=20aa6406-5760-4f00-b72e-4bb097f1f183&_origin=0&gdpr=0&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date
Mon, 06 Mar 2023 21:13:04 GMT
Server
MT3 569 46451a0 master hkg-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://ups.analytics.yahoo.com/ups/55938/sync?uid=20aa6406-5760-4f00-b72e-4bb097f1f183&_origin=0&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 06 Mar 2023 21:13:03 GMT
usync
onevideosync.uplynk.com/ Frame 2681 		0
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onevideosync.uplynk.com/usync?key=onevideo&comboId=y-5KIpJ.ZE2uEK6eZeR7OyMSTBhOrfjeNw~A&gdpr=0&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.119.153 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-119-153.ap-southeast-1.compute.amazonaws.com
Software
ribs2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
server
ribs2.0
content-length
0
content-type
text/plain
pixel
cm.g.doubleclick.net/ Frame 2681 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1KcURNd05sRTJ1R0FtU1FUeGhzXzVaRmRKYV9pSHJTdX5B&gdpr=0&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
y-lCNJkiFE2uIyZmj3KGdbRxiHT6A1Sh8-~A
pr-bh.ybp.yahoo.com/sync/adtech/ Frame 2681
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true
  • https://pr-bh.ybp.yahoo.com/sync/adtech/y-lCNJkiFE2uIyZmj3KGdbRxiHT6A1Sh8-~A
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/adtech/y-lCNJkiFE2uIyZmj3KGdbRxiHT6A1Sh8-~A
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Server
2406:da18:929:5a01:3027:3246:6166:fb40 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/adtech/y-lCNJkiFE2uIyZmj3KGdbRxiHT6A1Sh8-~A
date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
17DD8DBA11FA6D6301979F7610FB6C34
pr-bh.ybp.yahoo.com/sync/msn/ Frame 2681
Redirect Chain
  • https://c.bing.com/c.gif?Red3=OATHMS_pd
  • https://pr-bh.ybp.yahoo.com/sync/msn/17DD8DBA11FA6D6301979F7610FB6C34
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/msn/17DD8DBA11FA6D6301979F7610FB6C34
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Server
2406:da18:929:5a01:3027:3246:6166:fb40 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5103017803DE43F380830A54831DE7D9 Ref B: SIN30EDGE0409 Ref C: 2023-03-06T21:13:04Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://pr-bh.ybp.yahoo.com/sync/msn/17DD8DBA11FA6D6301979F7610FB6C34
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sync
ups.analytics.yahoo.com/ups/55953/ Frame 2681
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3585500b-878f-4de3-92ab-e7f9bedd5d25&_origin=0&gdpr=0&gdpr_consent=
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=3585500b-878f-4de3-92ab-e7f9bedd5d25&_origin=0&gdpr=0&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=3585500b-878f-4de3-92ab-e7f9bedd5d25&_origin=0&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
267
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2681 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Mar 2023 21:13:04 GMT
https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D85c7ea117ac24866b6691f860851dc58%26tid%3D8a96954f01747430358b3ccd...
pn.ybp.yahoo.com/ab/secure/true/imp/JaQCAfmuFo49fW5QmvWEuR-jzyh6Bc6-8ih8mYrGW8LKRlApXxiTYNOvLCHY631OVYKj7dwqQvXXCKAU-yikVqelo23x1g2xFi0O21rNNShIrHPF2ZAID9mSsK-z2fV8NGfxp48kYpC0Xi0bdVTiiyoM4uFIZ4GrA... Frame 5EE6 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pn.ybp.yahoo.com/ab/secure/true/imp/JaQCAfmuFo49fW5QmvWEuR-jzyh6Bc6-8ih8mYrGW8LKRlApXxiTYNOvLCHY631OVYKj7dwqQvXXCKAU-yikVqelo23x1g2xFi0O21rNNShIrHPF2ZAID9mSsK-z2fV8NGfxp48kYpC0Xi0bdVTiiyoM4uFIZ4GrAse0x9Xg2MBY1kR89aqvForDIP_0CxL5McFouUV0k9YKyRgLrQi-BgvyiFbsERqaP_BXCm-e_U6rfJNOriDEsv-kG8q8W6mLwywu7bWZK8llMWiHG8ivXMWQKACqAfmInpVKg4JSbn4E8jM0PqUrbUrEoGsPJAdpk7NJBaApw40H2y3XPg2S3c1N2EoLqo0i4OrBeb-7OcAV8CSO7YWtTTbHnSp2G6tRr71tp7cMNvfWWwG5sKevAp-5u_8onWz4bCCJrPpU2__xJ7e3sm5W8q_UUwX5DlNLqJQLIboZQuYMPVemdwFTnF80kVHzXzWoNPZG4iHRqM1n9vGs0NOcC8oQ-mw7LbwBXRY-LyGo7DJlcunuch9Fz_6cZQhcXtCuMYQn94_3qpAkS5jHDHvW85S1-9CFPNWFf1KKTtYHnJzY3OUbRcQpU-Blq1_9BQQWqHN8uLpZxZT0d5-7e3S2A1L2gAJyLiG0c40iks7jAXcCufhovejIPiwtXP9aGegrGJvKHpi6DvMaRfCLAFBcODWjB2pHlxRsni_tui6OlLe0in2oqNygRaMfdhhFcS5JIoUZ7cB3xggYvqjrAs-dao4I3eA_hkDWz5NjyA9AHopWEOEniwMii1-8PJdOg3u92Hh4OGt9SSFiWCMB3aCnQp6fl1A7qFy0HbbDrxQbAc6e3CseQLjxVzPA2lE1agf1eB-2IyYgNXIZvA42nYN9nSwt9LuiTs6QDYIMc43eg-NT2km5hSitFmYdTPK32QuAg0i4VNvaHOKaBWKA0qHOpAKpSBMmNnDJHv3_ffDvS4pem8PDk6ablf2A17vKVwGhcHyyuTSmLngpu0i6a5-zpREBVfEsaJRSphmIm4FV5BdfzN5YQqyvHr5WbkDcP2pWLq1EjkUuSxaXs1ju3TMUHiI5UYlg_9fwB-lyluTgipMymySBnKriCIjH-fmq5HT77pZKq4uFS6hcPsm6pq1HLTveNXvLGbPToLJ6LWeEvi0gNSURfX4q2uMDKRtXSDQBHfGKmez8Q2dGSVBpw8N0rvZjuvnRgetxw041JMF3sauOKwppHiRWiVPkagGfjGBZDPRMP1FoY7wvEnYLyOUN0o_sjjQY4ol-NuQL0zM-IazPX-RyXYSBSLm9_7pLysjazApTh-ZBYKNVMMgpj-yo_lV29_FvzNPwPRKQKwoA_YAfxnsBJROf7eBn3jO42JdYHdJwzQRwwCcHnUvW8ef_07hS2wp-kgzVHEOlbMGvHcvdcRvmbvv7Byx8j4jcwiCzFnsiQoCGzGiHvqhKl-liLmetiyIY2yKKqGr3GX8BOYhyKakBKItWVJhbRTEaw1x1bronJuqUKpkt3G0Y77wGmp1wbCW338KR/wp/0.095966/tr/0.019193/pa/null/pclick/https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D85c7ea117ac24866b6691f860851dc58%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9694b7017979eb7fb8f13365510092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182330%26rts%3D1678137182243%26ari%3De048fd6677294a959e1748c298a4ff00%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D3c33e9eb-5096-4bd8-add5-ac283362cee9%26rdm%3D1%26rd%3D
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:2000:e4:1409::2000 , Taiwan, ASN56173 (YAHOO-SG3 internet content provider, SG),
Reverse DNS
Software
ATS /
Resource Hash
eef0c96510e777d1ece354ec25f3640bef569774bb52a1d295fe88c319057c64
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/javascript
expiry
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
content-length
2548
adEvent.do
prod-m-node-2113.ssp.yahoo.com/admax/ Frame 5EE6 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-m-node-2113.ssp.yahoo.com/admax/adEvent.do?tidi=770938897&dcn=8a9694b7017979eb7fb8f131172d008c&posi=1533758&grp=%3F%3F%3F&nl=1678137182332&rts=1678137182243&pix=1&et=1&a=3c33e9eb-5096-4bd8-add5-ac283362cee9&m=aXAtMTAtMjItMTM5LTIwOA..&p=MC4wMDAwOTU5NjY&b=MTMyNDA7T0FUSDEwNDE1MzAwMDtoaXRhY2hpLmNvbS5zZzs7OztlMDQ4ZmQ2Njc3Mjk0YTk1OWUxNzQ4YzI5OGE0ZmYwMDs0Mjk2MDE4OTsxNjc4MTM0NjUxOzswLjAwMDA3Njc3Mzs7MDs7NTkwNTg4NTsyMTdiNzE2MjA0NmE3YWZkNjc4YWNiZjBiYTBmNjU3MmQ2MTg5OWNiOzE7MTs.&uid=y-5nOhhhNE2rN58mHiTFICN8r.cEvf8eVkBL3yRK1B_91k%7EA&xdi=Pz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.&xoi=MHxTR1A.&hb=true&type=6&af=2&dety=2
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.104.51 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-104-51.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
last-modified
Thu, 02 Mar 2023 15:14:28 GMT
server
nginx
accept-ranges
bytes
content-length
43
content-type
image/gif
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame 5EE6 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58301,57926,55936,55965,55859,55938&referrer=pastelink.net&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
57f5f5e0b9751dc4a403d42f90055ae301732e507f1ea53724705a82a59595b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
server
ATS/9.1.10.25
age
0
content-type
application/javascript
talon-1.0.40.js
cdn.js7k.com/ix/ Frame 5EE6 		69 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/ix/talon-1.0.40.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:18:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
CSPD20M2NCJXR8QW
age
10446
x-amz-server-side-encryption
AES256
content-length
16540
x-amz-id-2
A0Ban6Y+poX+WUvtLT89ZgVcP/nHO6zoflh9cL8BOAwvCMr+wB1TyXObxIIcCiqajg01BvGExX8ttnGc6Exvtg==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 16:08:42 GMT
server
ATS
etag
"adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
adfeedback-1.0.108.js
s.yimg.com/cb/af/ Frame 5EE6 		129 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/cb/af/adfeedback-1.0.108.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e5 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
68dd66af3c6e581b9b314bcefa73d9516dcf532e16b6bd55630cafd4eec67ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:49:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
JGMBBQ1HZJ1YKJCA
age
4999
x-amz-server-side-encryption
AES256
x-amz-id-2
PynZTWeZoJBup/Y2AsiIE3WHiBmVj23RPub6uw9wii9b43PqSYboREaj2SFIqUrV0iS3RBwzCd+hlo1Ec+VXGA==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Mar 2022 01:19:31 GMT
server
ATS
etag
"dfb006d8a1b6390f06824b94bd8fa5d8-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
12796104088671087766
s0.2mdn.net/simgad/ Frame 7C28 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12796104088671087766
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.349834762;dc_ver=95.280;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;dc_adk=2114194144;ord=0b18ye;click=https%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Femg5Yb9AotIcW6chejR4GpcOj_1g17_Bv9Imnskdw1_xjwjqu2UH9SHuxXcjTe593sOTsv-gClhyHL1DEmTHDT5KSy2mxQzcVt46SH5r9T1slk9MApT9Di_S2IGl3HzEIFJ8oz5Y5zvPOLR2LWo03ZQDRtXLGh6dqT5-mTMFI0118O-9gLh2AVmAM45N3HQK7CEpFBJqO8xjHJbBvEzf30kSIWn_iHxsS25yVwvA88QWUNMVqBY4qflB0VnZgXcuA8oIvigsieEKQhC3yhIfEqXXu5EqZ-p-%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=11;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::94 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2dfca51adb5f527dc72370ab5a6d140ca2b62e6eb5a865909a351a551fe297a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 16:53:46 GMT
x-content-type-options
nosniff
age
101958
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76624
x-xss-protection
0
last-modified
Thu, 04 Aug 2022 07:09:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Mar 2024 16:53:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/ Frame 7C28 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.349834762;dc_ver=95.280;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;dc_adk=2114194144;ord=0b18ye;click=https%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Femg5Yb9AotIcW6chejR4GpcOj_1g17_Bv9Imnskdw1_xjwjqu2UH9SHuxXcjTe593sOTsv-gClhyHL1DEmTHDT5KSy2mxQzcVt46SH5r9T1slk9MApT9Di_S2IGl3HzEIFJ8oz5Y5zvPOLR2LWo03ZQDRtXLGh6dqT5-mTMFI0118O-9gLh2AVmAM45N3HQK7CEpFBJqO8xjHJbBvEzf30kSIWn_iHxsS25yVwvA88QWUNMVqBY4qflB0VnZgXcuA8oIvigsieEKQhC3yhIfEqXXu5EqZ-p-%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=11;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:27:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
6346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:27:18 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7C28 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuKU55B8GZO7ma6tQH36UOa-nitR9-VFtDPNYZADa4Jq3yNSWZGFDqUaTZxiuA3fn01sstkf3bpXoWNy8rEt3MhscnJxzeZP8r9-pow3jha-ICOx4lKtaRO2Q5-22PBfOWvAU-WEBtYXU_gFHtop6AMGyCVXg&sai=AMfl-YREvn1saGLXOFpmRwyIrOmaveTTptzIiGZ1cUi5GwkiUeXTB1JakkTfSfxVrzQTIp4Xd7dJFuZvd7g4J_TENv3zsPQZGdHZ2uXuKA&sig=Cg0ArKJSzAyUQltLevuMEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230302.70584&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.349834762;dc_ver=95.280;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;dc_adk=2114194144;ord=0b18ye;click=https%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Femg5Yb9AotIcW6chejR4GpcOj_1g17_Bv9Imnskdw1_xjwjqu2UH9SHuxXcjTe593sOTsv-gClhyHL1DEmTHDT5KSy2mxQzcVt46SH5r9T1slk9MApT9Di_S2IGl3HzEIFJ8oz5Y5zvPOLR2LWo03ZQDRtXLGh6dqT5-mTMFI0118O-9gLh2AVmAM45N3HQK7CEpFBJqO8xjHJbBvEzf30kSIWn_iHxsS25yVwvA88QWUNMVqBY4qflB0VnZgXcuA8oIvigsieEKQhC3yhIfEqXXu5EqZ-p-%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=11;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Mar 2023 21:13:04 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7C28 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.349834762;dc_ver=95.280;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;dc_adk=2114194144;ord=0b18ye;click=https%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Femg5Yb9AotIcW6chejR4GpcOj_1g17_Bv9Imnskdw1_xjwjqu2UH9SHuxXcjTe593sOTsv-gClhyHL1DEmTHDT5KSy2mxQzcVt46SH5r9T1slk9MApT9Di_S2IGl3HzEIFJ8oz5Y5zvPOLR2LWo03ZQDRtXLGh6dqT5-mTMFI0118O-9gLh2AVmAM45N3HQK7CEpFBJqO8xjHJbBvEzf30kSIWn_iHxsS25yVwvA88QWUNMVqBY4qflB0VnZgXcuA8oIvigsieEKQhC3yhIfEqXXu5EqZ-p-%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=11;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 15:30:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20536
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Mar 2024 15:30:48 GMT
usync.html
eus.rubiconproject.com/ Frame 5E9D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=au&co=sg
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.5.30 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-5-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 Mar 2023 21:13:04 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7C28 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Mar 2023 21:13:04 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2681 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss62RbeB6leMweUqNhqMN7YXRcWed08qkwoG08m3F-9HngUFUv9j9XuagY0v1WnpKcHx0Ldl5-QWIQgbHzlj5-9Dfuv4yvF0Qt-aPkqWxHM-564PI5wuWAor37g_DU7ubGdpox-YXJxdfYULHbO1SMDmj63Aw&sai=AMfl-YSP6kFKOzADjhVyuM9eqAzRszmaj4Bt80FvB9O70nb6h_8q9NvWLn-X_yeyddku3FQNPlgcLaCcbojqgq2nauqKEBX2dF4LiJcAwg&sig=Cg0ArKJSzNsCp5vQmg4nEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=100&vt=11&dtpt=98&dett=2&cstd=0&cisv=r20230302.66469&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.349771445;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=635666929;ord=u7jk99;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3Dc9414e376eeb495196b7d6a67bd5141c%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f132c763008f%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182331%26rts%3D1678137182243%26ari%3Dc278439717354e3694a85a180081c3cb%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3Dbd19c74f-d6b1-4fba-b1e1-52adb1633f73%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Ffkqs7Xk0MKEDd-X2gp1m_JTpnoC4I3VFv7Z1oRa9mO6ekZkKReSGRJ03qIf1UKHMK12IVwB_03LrClDuVGROVpI_Rnsg62iHaO-gauBPMwYSiiced74meggVHxeB68BBLapDqRKBXqotjsDE-I8Mver1LETt7yUwT4P0icct2jrY890RLorvPXYC-eyc_0zYZCCF8iizCwl2dvdHZ_QrQVW0wbGKW8yz3G-7MOZJYHIVeULfysy9iSE5RVA4Xjb-pnR-QxOJYSMolxRxoPtFbYNtJoVj_zOfX1PnrHPd2Ho98xM2EVtm0A%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=29;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Mar 2023 21:13:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2681 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdoIx0VpnOkOk3-mazjl8m6EOfOLGURysfduB0Rr3NdFp7hKZA7FY5RZhLgaF5wnI-aZ9MuJ1nFGR0yUA0WBrtksVGkAFo0q0fNHUyw-gP_DZ4sKiTquRzOOmW7cH3lgXg2Rzy7I22gplC8-NiSe1BVFo_FIV9sgJVx7owg4tIxRWzFOeRj9rWvnweKXDYa3Dr1pnHDxP2-tgQWDafyVLaOEu2iSIvHZSEsZmO3cAYFzYo7Pjm3dyJRKC8AynHNmyiE2IMt8AW1h4jEe4eyOs2a1nmlyXpTun2qYHB-Q6JJ8kfgxllSpbLWq_eRfChwPSKqm8UC-0nBgqAKLK2wTEoF__b&sai=AMfl-YT91V83Kbi77-IJ0qhSaiLudD4QxA38S7--DciMhPwH6k5KzRbfIQO8FRPWdMTbXc87lhD4h4S5-4UGmmH3MwfXJ6MobwRlIvvHWNJLJvZBM-nTlvUqwzZb3lN9YazqHn4OhAvG1plN1PCxw9g&sig=Cg0ArKJSzAXE9PBdzdHZEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Mar 2023 21:13:04 GMT
truncated
/ Frame 2681 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ffe533a34b375a0ebe0688e4b112a93e54b7a3642e1a802ef71a0552719aafa8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
dcmads.js
www.googletagservices.com/dcm/ Frame 5EE6 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/JaQCAfmuFo49fW5QmvWEuR-jzyh6Bc6-8ih8mYrGW8LKRlApXxiTYNOvLCHY631OVYKj7dwqQvXXCKAU-yikVqelo23x1g2xFi0O21rNNShIrHPF2ZAID9mSsK-z2fV8NGfxp48kYpC0Xi0bdVTiiyoM4uFIZ4GrAse0x9Xg2MBY1kR89aqvForDIP_0CxL5McFouUV0k9YKyRgLrQi-BgvyiFbsERqaP_BXCm-e_U6rfJNOriDEsv-kG8q8W6mLwywu7bWZK8llMWiHG8ivXMWQKACqAfmInpVKg4JSbn4E8jM0PqUrbUrEoGsPJAdpk7NJBaApw40H2y3XPg2S3c1N2EoLqo0i4OrBeb-7OcAV8CSO7YWtTTbHnSp2G6tRr71tp7cMNvfWWwG5sKevAp-5u_8onWz4bCCJrPpU2__xJ7e3sm5W8q_UUwX5DlNLqJQLIboZQuYMPVemdwFTnF80kVHzXzWoNPZG4iHRqM1n9vGs0NOcC8oQ-mw7LbwBXRY-LyGo7DJlcunuch9Fz_6cZQhcXtCuMYQn94_3qpAkS5jHDHvW85S1-9CFPNWFf1KKTtYHnJzY3OUbRcQpU-Blq1_9BQQWqHN8uLpZxZT0d5-7e3S2A1L2gAJyLiG0c40iks7jAXcCufhovejIPiwtXP9aGegrGJvKHpi6DvMaRfCLAFBcODWjB2pHlxRsni_tui6OlLe0in2oqNygRaMfdhhFcS5JIoUZ7cB3xggYvqjrAs-dao4I3eA_hkDWz5NjyA9AHopWEOEniwMii1-8PJdOg3u92Hh4OGt9SSFiWCMB3aCnQp6fl1A7qFy0HbbDrxQbAc6e3CseQLjxVzPA2lE1agf1eB-2IyYgNXIZvA42nYN9nSwt9LuiTs6QDYIMc43eg-NT2km5hSitFmYdTPK32QuAg0i4VNvaHOKaBWKA0qHOpAKpSBMmNnDJHv3_ffDvS4pem8PDk6ablf2A17vKVwGhcHyyuTSmLngpu0i6a5-zpREBVfEsaJRSphmIm4FV5BdfzN5YQqyvHr5WbkDcP2pWLq1EjkUuSxaXs1ju3TMUHiI5UYlg_9fwB-lyluTgipMymySBnKriCIjH-fmq5HT77pZKq4uFS6hcPsm6pq1HLTveNXvLGbPToLJ6LWeEvi0gNSURfX4q2uMDKRtXSDQBHfGKmez8Q2dGSVBpw8N0rvZjuvnRgetxw041JMF3sauOKwppHiRWiVPkagGfjGBZDPRMP1FoY7wvEnYLyOUN0o_sjjQY4ol-NuQL0zM-IazPX-RyXYSBSLm9_7pLysjazApTh-ZBYKNVMMgpj-yo_lV29_FvzNPwPRKQKwoA_YAfxnsBJROf7eBn3jO42JdYHdJwzQRwwCcHnUvW8ef_07hS2wp-kgzVHEOlbMGvHcvdcRvmbvv7Byx8j4jcwiCzFnsiQoCGzGiHvqhKl-liLmetiyIY2yKKqGr3GX8BOYhyKakBKItWVJhbRTEaw1x1bronJuqUKpkt3G0Y77wGmp1wbCW338KR/wp/0.095966/tr/0.019193/pa/null/pclick/https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D85c7ea117ac24866b6691f860851dc58%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9694b7017979eb7fb8f13365510092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182330%26rts%3D1678137182243%26ari%3De048fd6677294a959e1748c298a4ff00%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D3c33e9eb-5096-4bd8-add5-ac283362cee9%26rdm%3D1%26rd%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 20:46:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6883
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 19:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 06 Mar 2023 21:46:12 GMT
inside.js
cdn.js7k.com/rq/iv/ Frame 5EE6 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/rq/iv/inside.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/JaQCAfmuFo49fW5QmvWEuR-jzyh6Bc6-8ih8mYrGW8LKRlApXxiTYNOvLCHY631OVYKj7dwqQvXXCKAU-yikVqelo23x1g2xFi0O21rNNShIrHPF2ZAID9mSsK-z2fV8NGfxp48kYpC0Xi0bdVTiiyoM4uFIZ4GrAse0x9Xg2MBY1kR89aqvForDIP_0CxL5McFouUV0k9YKyRgLrQi-BgvyiFbsERqaP_BXCm-e_U6rfJNOriDEsv-kG8q8W6mLwywu7bWZK8llMWiHG8ivXMWQKACqAfmInpVKg4JSbn4E8jM0PqUrbUrEoGsPJAdpk7NJBaApw40H2y3XPg2S3c1N2EoLqo0i4OrBeb-7OcAV8CSO7YWtTTbHnSp2G6tRr71tp7cMNvfWWwG5sKevAp-5u_8onWz4bCCJrPpU2__xJ7e3sm5W8q_UUwX5DlNLqJQLIboZQuYMPVemdwFTnF80kVHzXzWoNPZG4iHRqM1n9vGs0NOcC8oQ-mw7LbwBXRY-LyGo7DJlcunuch9Fz_6cZQhcXtCuMYQn94_3qpAkS5jHDHvW85S1-9CFPNWFf1KKTtYHnJzY3OUbRcQpU-Blq1_9BQQWqHN8uLpZxZT0d5-7e3S2A1L2gAJyLiG0c40iks7jAXcCufhovejIPiwtXP9aGegrGJvKHpi6DvMaRfCLAFBcODWjB2pHlxRsni_tui6OlLe0in2oqNygRaMfdhhFcS5JIoUZ7cB3xggYvqjrAs-dao4I3eA_hkDWz5NjyA9AHopWEOEniwMii1-8PJdOg3u92Hh4OGt9SSFiWCMB3aCnQp6fl1A7qFy0HbbDrxQbAc6e3CseQLjxVzPA2lE1agf1eB-2IyYgNXIZvA42nYN9nSwt9LuiTs6QDYIMc43eg-NT2km5hSitFmYdTPK32QuAg0i4VNvaHOKaBWKA0qHOpAKpSBMmNnDJHv3_ffDvS4pem8PDk6ablf2A17vKVwGhcHyyuTSmLngpu0i6a5-zpREBVfEsaJRSphmIm4FV5BdfzN5YQqyvHr5WbkDcP2pWLq1EjkUuSxaXs1ju3TMUHiI5UYlg_9fwB-lyluTgipMymySBnKriCIjH-fmq5HT77pZKq4uFS6hcPsm6pq1HLTveNXvLGbPToLJ6LWeEvi0gNSURfX4q2uMDKRtXSDQBHfGKmez8Q2dGSVBpw8N0rvZjuvnRgetxw041JMF3sauOKwppHiRWiVPkagGfjGBZDPRMP1FoY7wvEnYLyOUN0o_sjjQY4ol-NuQL0zM-IazPX-RyXYSBSLm9_7pLysjazApTh-ZBYKNVMMgpj-yo_lV29_FvzNPwPRKQKwoA_YAfxnsBJROf7eBn3jO42JdYHdJwzQRwwCcHnUvW8ef_07hS2wp-kgzVHEOlbMGvHcvdcRvmbvv7Byx8j4jcwiCzFnsiQoCGzGiHvqhKl-liLmetiyIY2yKKqGr3GX8BOYhyKakBKItWVJhbRTEaw1x1bronJuqUKpkt3G0Y77wGmp1wbCW338KR/wp/0.095966/tr/0.019193/pa/null/pclick/https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D85c7ea117ac24866b6691f860851dc58%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9694b7017979eb7fb8f13365510092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182330%26rts%3D1678137182243%26ari%3De048fd6677294a959e1748c298a4ff00%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D3c33e9eb-5096-4bd8-add5-ac283362cee9%26rdm%3D1%26rd%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 20:38:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
QQJ668BZBFS4HH8S
age
2103
x-amz-server-side-encryption
AES256
content-length
14353
x-amz-id-2
iZ8Tw8i+URsNh0EI8Ks8azviR080aIsTVtNNJGlN+51kCXeOXGhNC8QlkE81wwtMMaSkBmlt3GY=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Sep 2021 15:05:50 GMT
server
ATS
etag
"8ceeaab271ed688991789ed1090cb398-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
view
googleads4.g.doubleclick.net/pcs/ Frame 7C28 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuKU55B8GZO7ma6tQH36UOa-nitR9-VFtDPNYZADa4Jq3yNSWZGFDqUaTZxiuA3fn01sstkf3bpXoWNy8rEt3MhscnJxzeZP8r9-pow3jha-ICOx4lKtaRO2Q5-22PBfOWvAU-WEBtYXU_gFHtop6AMGyCVXg&sai=AMfl-YREvn1saGLXOFpmRwyIrOmaveTTptzIiGZ1cUi5GwkiUeXTB1JakkTfSfxVrzQTIp4Xd7dJFuZvd7g4J_TENv3zsPQZGdHZ2uXuKA&sig=Cg0ArKJSzAyUQltLevuMEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=65&vt=11&dtpt=64&dett=2&cstd=0&cisv=r20230302.70584&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.349834762;dc_ver=95.280;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;dc_adk=2114194144;ord=0b18ye;click=https%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Femg5Yb9AotIcW6chejR4GpcOj_1g17_Bv9Imnskdw1_xjwjqu2UH9SHuxXcjTe593sOTsv-gClhyHL1DEmTHDT5KSy2mxQzcVt46SH5r9T1slk9MApT9Di_S2IGl3HzEIFJ8oz5Y5zvPOLR2LWo03ZQDRtXLGh6dqT5-mTMFI0118O-9gLh2AVmAM45N3HQK7CEpFBJqO8xjHJbBvEzf30kSIWn_iHxsS25yVwvA88QWUNMVqBY4qflB0VnZgXcuA8oIvigsieEKQhC3yhIfEqXXu5EqZ-p-%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=11;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Mar 2023 21:13:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7C28 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssynjsVK_3qkInAsXXpv6hZCPM1MVvur9WSvHXFXgcZsg2NlwtNPF-UJpgyfzb996ilbThNPv6W7ihPrXUKHmfhBn8Sc-0LeTD7D4KtdEggAhFRz14xfUZ7dm3fEgT3pbZANelf81v1pg88EaV9TXpNB5BADWcd2G8A8TZNJ64tx_cKboM7_cHcjzlXXOKY76EKp86SSdUeMeflKJoVUgpkdJixWP840HY_x_rz2U3pFWTKwA7X2cK2ifdi1i-bMBo1gFXNYBJpupSs2ozYMahNYctU3RKnWbfHpFn99PMi976hmgYuzpbJQLvb0Rec3uT9lO502iFoFHMJKJt3PN7aFRc4cQ&sai=AMfl-YTkGLvCmdsG3GAoIJ8edL_Ow3biIUU3OQ8SwkZ6W4KO-aecWhWbKn6MMOIeMld9vH0obbVKFWoRXR2GAjT5xH_5LLGIUi_O4d2TTImzK0FqLHvAAbwI9U3m7b_poqzEwNEgBIk0mG72S3XBZbH6&sig=Cg0ArKJSzAau7iiikzHfEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Mar 2023 21:13:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6121 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5O8S42mgrzPeiqYCrM9TFOPVLUCeJtFFvK_yNsVDMnNM-j7WBOpMf2L5ZF6un0kZTyJFHE5JIDZdXowBnz3v3A18eyQpmvb3RlNy6CZvOSMpmj-LH-h5MMv2-x7pLjOaTERH7pI3JMc3HTGkh_8tnZQUjS8dpDBtTUj7hY96rBeGQrDndpQNQRFixTZ6TLFYmBQPQsf4K9NN65AsF2cAQnL_EItPKnozetdCOus-dFnAk7iueNuU8QSldLZiuQ1WxFyRXIzVAfIRfecVbtL-nYjHCSHIwmyKc98lWQAOISbeY4YLUCIN8EJ6doKUVpB3jydQEv6yvtNvxOtQA0LYs&sai=AMfl-YTa-czryk7kU38fHhGZy3vCnN_QkDDvBS9p1LthZvhuC53N0JGgEPWuC2l8Tscf8l9RCbhpvDYZPzInaW5zpvmvMiviz2c5O_uYao6xFI9DLKzxyH6E6a48QYEuMwmPVcz_xw7FNvR82cvT104&sig=Cg0ArKJSzCHhKy-K5yLREAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
latest.js
cdn.adligature.com/prebid/creative/ Frame 6121 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/prebid/creative/latest.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:cab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
613efd0497ff39f53123ca22f71747b75f22d7ab9b6996aa1deaab799cefd334

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
181
cf-polished
origSize=26676
x-guploader-uploadid
ADPycdsV-COJ4AvOAXjNnUKuyc7QqkFm5L4Ppzu41aztg3I5BHpELfopsuHLN0q_6gcMFzTdaD0gcTYZ1LE2WZa3CVZI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 01 Nov 2022 18:38:24 GMT
server
cloudflare
etag
W/"2ae59c013b7f4ee879f45354f6b5ecd7"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1667327904512712
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=aFygIg==, md5=KuWcATt/Tuh59FNU9rXs1w==
cache-control
public, max-age=1800, s-maxage=600, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2cHiD8Fun0G1X16Ha21OiMy3RAeWsHuJjk%2BGnyPPjF4pKtMc4bAll9NVdPQ6Mx9mvhQd0iOQT1Ey6UQEHID4tZD0%2B5xd0pe52G5puvpml7QXPL5EP%2FsXfQuJuJVPlLxVGok%2F8inJ14uXyL%2Fq5PZ1f0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
26676
cf-ray
7a3d99bb9daf6bf3-SIN
expires
Mon, 06 Mar 2023 21:20:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6121 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Mar 2023 21:13:04 GMT
usync.js
eus.rubiconproject.com/ Frame 5E9D 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=au&co=sg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.5.30 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-5-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7df7f9d2319dd990930f983a351acbeb4b448713bfaa65b1fb107f1b820084a4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=au&co=sg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 21:13:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 11:12:21 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=50261
Connection
keep-alive
Content-Length
10006
Expires
Tue, 07 Mar 2023 11:10:45 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E861 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
289347
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Mar 2023 12:50:37 GMT
expires
Sat, 02 Mar 2024 12:50:37 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
test.html
widgets.outbrain.com/nanoWidget/externals/obUserFrame/ Frame D22F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=4b86c7cb-bf78-4633-978d-53c0b6d746c0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.181.73 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-181-73.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
686
content-type
text/html
date
Mon, 06 Mar 2023 21:13:04 GMT
etag
"1e015194a0e596827cb8971f884eb43c:1678112159.991884"
expires
Mon, 13 Mar 2023 21:13:04 GMT
last-modified
Mon, 06 Mar 2023 13:28:47 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame CC6E 		416 B
638 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.181.73 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-181-73.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
282
content-type
text/html
date
Mon, 06 Mar 2023 21:13:04 GMT
etag
"c0311cf15c21ddda054005e92fad3f9e:1678112157.085841"
expires
Mon, 13 Mar 2023 21:13:04 GMT
last-modified
Mon, 06 Mar 2023 13:28:47 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ Frame D11D 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=a09a4967898082c282debf46959d51ae&pvId=a09a4967898082c282debf46959d51ae&sid=8304254&pid=113125&idx=0&wId=100&pad=0&org=0&tm=860&eT=0&widgetWidth=300&widgetHeight=0&widgetX=0&widgetY=0&wRV=2010204&pVis=0&lsd=4b86c7cb-bf78-4633-978d-53c0b6d746c0&eIdx=&cheq=2&rtt=310&oo=false&lo=47&odbreq=631&odbres=941&cet=4g&to=1678137183658&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.133.127.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 21:13:05 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
04a6b41993633fa3c459697ca8e999e4
Content-Length
4
Expires
0
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 5AE7 		19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.181.73 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-181-73.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c81d37f8dbeba96c09f42154ff2393259df8fcaf61b9d0855dba2231da87722a

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
6023
content-type
text/html
date
Mon, 06 Mar 2023 21:13:04 GMT
etag
"c1ec9746da012415fcc0039431f8a307:1678016707.04992"
expires
Mon, 13 Mar 2023 21:13:04 GMT
last-modified
Sun, 05 Mar 2023 11:40:02 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
impl_v95.js
www.googletagservices.com/dcm/ Frame 5EE6 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v95.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 14:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23368
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 18:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Mar 2024 14:12:02 GMT
truncated
/ Frame 7C28 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb9de143b9f924c8c2aeaec91a94bcb23b23e4f2b58ff6edb67acbdda2773b23

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
khaos.jpg
token.rubiconproject.com/ Frame 5E9D 		284 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=au&co=sg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969df9017979eb7899f1347b2e0090%26n%3DYahoo%2BSSP%26id%3D91623925751542bb9abab713864368e2%26tid%3D8a96954f01747430358b3ccd...
pn.ybp.yahoo.com/ab/secure/true/imp/YfmWmjE-RQFztB4P7tvbzD_FkkmuY2y8E-l23GmtNPAeGPrzI4f-CggAdMfyGBhbTcqsIT7i2lzrP_EWbrhan3HEzcDmTCKaWleAH91oAuzvaXX50WDpDALxLUO-HVDtoZdWql5n6920TxUZvCRLO0Pp__1YTZNc1... Frame 6121 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pn.ybp.yahoo.com/ab/secure/true/imp/YfmWmjE-RQFztB4P7tvbzD_FkkmuY2y8E-l23GmtNPAeGPrzI4f-CggAdMfyGBhbTcqsIT7i2lzrP_EWbrhan3HEzcDmTCKaWleAH91oAuzvaXX50WDpDALxLUO-HVDtoZdWql5n6920TxUZvCRLO0Pp__1YTZNc103rRQ-QbvNQv_osiBdJTCuwzeQ7rLl3lF4jqPbhGp0NDVo31YtStuu1IIFy2RtIWu9Iu297DfkWu-IBsSaupA0OqL8Yn3T06yKuUThQFkZkdxRPnGXc9QDh4ZaosLkSsGMgf5nZgDmAht-1iMCW9Wbi3C5hVRSxqCWXpQUrSQlVeeeD56wyvdCMOtqOjKhDAGQujhDwGvaUfr4MoD7jDt2TmFqBk4ZLTGm8rYTeBet8arhcIoPG2kJpoteI-qpQXVWqDr7K1o2zLKrwTP4ppzptqM4hTbKIQkI9ZuHCv0OKx1v1Ssg0hpb45BR9E-nsNPVPXmBKmX0Ym_Jrb4ovlGPMXFDzPOH0m_zU5rTB9-VPVFyvlX0nKtS8pM-hwrQloSIA7gje6hRTWBGkGlX-UQHapqpthgxm7vZHvZW76WE_PGBHAThPAm-i007mPl69_6oG_A-tJwnY3Zksy2iTG8151BwVOgIYyBw6ELzf_cdANqKxMk7aumk3pRN4D_zfE0AqCfk496SpMoiOmV-3Qg9vMbjq3JXvr66Dnlf9L3kZ7f9yt9tqj0EduR6WOUDEb6j68AB4y6p5JWbM8uO6H9FwhIU1uUrxmyoj1cjZSj_G_ysdJcDjWwh9mleDH-HQtGItNGpu5C9hd5q8fRMyLmnEq2X1JX3VnC8p1JXwlneHS1WpRgPATmQUUFfzFpgXtc75EKYTgnLt7aJP6aGdFE60_CgpUW4huzP0skSa6ox4fD1mge4Db0JWUrdjbjd0YwAWvO7oIecgRjkblOhqAcsTs8vy7o0HwLD8VjCHijYbeRk2RVmFAKgn0B7jrOJizAoCtokqn4gP1ych83WFohrlvwALgtwPvIRw2BwRjuMk2-xOMHve1ZhNMV1DeFeRifPZppxb1QzHbemApSlQ0cTlFoJcJxcsUse09_RQtCCUGe2OrvFieHLOQpmNwP4wHdUr97atAJtczBMroDkG8rAZ4mzmf9Ttrqn3U5C8BAlGCylGWLs8PM-Cvi9eiIax72XcoDo1zWH5UsAC-FLH5cu3YV5n-4KOSnjD0MHqwpgXyrcNDkn5hKa1CBXHlhuunVeqfRa24uNqgDqCIesiLOnYxW-0WThX1yPezNklUazZ4YXg-FdwAeqgT-yu04oVXNDOeK1gP9QgR7stt2FemXOnOIZta87F3VljGNrzFmz4SPLkvkm4fpFFpYivUD-BhXgMy0i9bmX8Rx0zVMFNWInpF3eVVq9VZFtu_rJYVbQtdA65rKF2betqOsWlqnQ9obRZr7pTFYooId8LWEEXbr0srLoxRiGtP0Lh2d9m5DRDgaCY-AzK81t7RXjL8JUWVxTqYyU719ARTUp_sIoQIQRmMH2_MvNgP985i0PpVMI/wp/0.105044/tr/0.021009/pa/null/pclick/https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969df9017979eb7899f1347b2e0090%26n%3DYahoo%2BSSP%26id%3D91623925751542bb9abab713864368e2%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f1353ef10092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182336%26rts%3D1678137182243%26ari%3D33e842386fe149fe87a6f94e74a5b51c%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3Daff073f1-834d-405d-a962-898debca10d8%26rdm%3D1%26rd%3D
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:2000:e4:1409::2000 , Taiwan, ASN56173 (YAHOO-SG3 internet content provider, SG),
Reverse DNS
Software
ATS /
Resource Hash
bc5a73bc64bc1eccbb939f71fda34c374f13e878068914204b9baa6c731168f5
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/javascript
expiry
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
content-length
2548
adEvent.do
prod-m-node-2113.ssp.yahoo.com/admax/ Frame 6121 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-m-node-2113.ssp.yahoo.com/admax/adEvent.do?tidi=770938897&dcn=8a969df9017979eb7899f1347b2e0090&posi=1533761&grp=%3F%3F%3F&nl=1678137182340&rts=1678137182243&pix=1&et=1&a=aff073f1-834d-405d-a962-898debca10d8&m=aXAtMTAtMjItMTM5LTIxNw..&p=MC4wMDAxMDUwNDQ&b=MTMyNDA7T0FUSDEwNDE1MzAwMDtoaXRhY2hpLmNvbS5zZzs7OzszM2U4NDIzODZmZTE0OWZlODdhNmY5NGU3NGE1YjUxYzs0Mjk2MDE4OTsxNjc4MTM0NjUxOzswLjAwMDA4NDAzNTs7MDs7NTQ3Njg5NjswZGNmMjg4YjU3NGU4NTI5NDg2MTBhZjNmODkxZWMyYzA5ZjIzNzgxOzE7MTs.&uid=y-CpICOOZE2rMT3voQ7O_paZ77xn5.fQutNVbFa90Eq6C5%7EA&xdi=Pz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.&xoi=MHxTR1A.&hb=true&type=6&bkts=MzIjMTI1&af=2&dety=2
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.104.51 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-104-51.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
last-modified
Thu, 02 Mar 2023 15:14:28 GMT
server
nginx
accept-ranges
bytes
content-length
43
content-type
image/gif
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame 6121 		19 B
45 B 		Script
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58301,57926,55936,55965,55859,55938&referrer=pastelink.net&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
server
ATS/9.1.10.25
age
0
content-type
application/javascript
talon-1.0.40.js
cdn.js7k.com/ix/ Frame 6121 		69 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/ix/talon-1.0.40.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:18:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
CSPD20M2NCJXR8QW
age
10446
x-amz-server-side-encryption
AES256
content-length
16540
x-amz-id-2
A0Ban6Y+poX+WUvtLT89ZgVcP/nHO6zoflh9cL8BOAwvCMr+wB1TyXObxIIcCiqajg01BvGExX8ttnGc6Exvtg==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 16:08:42 GMT
server
ATS
etag
"adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
adfeedback-1.0.108.js
s.yimg.com/cb/af/ Frame 6121 		129 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/cb/af/adfeedback-1.0.108.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e5 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
68dd66af3c6e581b9b314bcefa73d9516dcf532e16b6bd55630cafd4eec67ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:49:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
JGMBBQ1HZJ1YKJCA
age
4999
x-amz-server-side-encryption
AES256
x-amz-id-2
PynZTWeZoJBup/Y2AsiIE3WHiBmVj23RPub6uw9wii9b43PqSYboREaj2SFIqUrV0iS3RBwzCd+hlo1Ec+VXGA==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Mar 2022 01:19:31 GMT
server
ATS
etag
"dfb006d8a1b6390f06824b94bd8fa5d8-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 728C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
289347
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Mar 2023 12:50:37 GMT
expires
Sat, 02 Mar 2024 12:50:37 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 8E40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGb19pWOe74vUSjTYkZQCV2jGRJxsfiRWnUHIQhCuVhoVl_5N72ItCNV6w-tFiQBmn32ooOazQhrsI09wmg6q14nTqBfaZcivRMDQUkYZruXafcWaysfFD6Q5zzujkzWlLBSp3WX5veU2oBkDB7kqZxdXvsb-bxcwmPZPXV_ADDsBnqVWfIW0sioD_5L7GXdVplCRD-wxDfgG0g6y5x1-4DM9XMHehcoDgqxlxxLc79BbcazhbNjp3VFVjWF8cV-yIKcAk75Sw9M6p0Zj7wXw4CRrtanw6hOi392dKdV-cQLphiwEp6uNY8itfhAWVrM_VieX-PsMBcE296JB3VgkzTDRAQZ7vSldM&sai=AMfl-YT6NKcM2RZ0u6AgoAjNGFK9v8RmhNZO2n_WdoxkyHNiVBlbXttMejfqMR67x7N_LR_A1mtRefeYi1GOtty9gfXvXMVEa3DRKjBiBYu6e9YYSx11C-VvOnj8gC5Ye9dnsWqGb27qNFCn_EobmIZf&sig=Cg0ArKJSzHt-YTEp4UgdEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
latest.js
cdn.adligature.com/prebid/creative/ Frame 8E40 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adligature.com/prebid/creative/latest.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:cab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
613efd0497ff39f53123ca22f71747b75f22d7ab9b6996aa1deaab799cefd334

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
181
cf-polished
origSize=26676
x-guploader-uploadid
ADPycdsV-COJ4AvOAXjNnUKuyc7QqkFm5L4Ppzu41aztg3I5BHpELfopsuHLN0q_6gcMFzTdaD0gcTYZ1LE2WZa3CVZI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 01 Nov 2022 18:38:24 GMT
server
cloudflare
etag
W/"2ae59c013b7f4ee879f45354f6b5ecd7"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1667327904512712
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=aFygIg==, md5=KuWcATt/Tuh59FNU9rXs1w==
cache-control
public, max-age=1800, s-maxage=600, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CgTDQRx14yn6xhuGlUjYm%2BborAtbi78GnAYsfYMsYqZ26T9XKIsFz4UKB4EKPbVL4TmbrPYPFm%2Bo3THKHc6QjA3%2FX1WcuZbJj1hgxbPZFnVIiBSvHP0TGmafQPLmQSIYprBEWaL8y9L40LxXm54TZ2U%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
26676
cf-ray
7a3d99bc5ddf6bf3-SIN
expires
Mon, 06 Mar 2023 21:20:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8E40 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Mar 2023 21:13:04 GMT
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame CC6E 		610 B
946 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.181.73 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-181-73.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-length
610
content-type
text/html
date
Mon, 06 Mar 2023 21:13:04 GMT
etag
"48053d50141031b1511dbd30f9a31288:1678112157.781839"
expires
Mon, 13 Mar 2023 21:13:04 GMT
last-modified
Mon, 06 Mar 2023 13:28:47 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
B28320074.359891266;dc_ver=95.280;dc_eid=40004000;sz=160x600;u_sd=1;gdpr=0;dc_adk=2531837453;ord=3kyvb9;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b701797...
ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/ Frame 5EE6 		58 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.359891266;dc_ver=95.280;dc_eid=40004000;sz=160x600;u_sd=1;gdpr=0;dc_adk=2531837453;ord=3kyvb9;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D85c7ea117ac24866b6691f860851dc58%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9694b7017979eb7fb8f13365510092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182330%26rts%3D1678137182243%26ari%3De048fd6677294a959e1748c298a4ff00%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D3c33e9eb-5096-4bd8-add5-ac283362cee9%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2F5hEVfudGT3vHJ4PH-RLzhyp7J3QYTg_uFv4hiIv_dssOZp6lzLLUXXFyubT40-gI6SGlWYrNrNNvObFB_XJcszk__63L54FwtZ9qwXGEVUoV0w4Vy8BFyv-evLq8HxCfBGLdaKUzWVMwg9iZuhedvf9iggVRAVjHnwxdNks4_UP5taJdZgebmHFuc7GvjiWnw8WVnVjiW9GOOi-FCGs3Cbk3K9VHvVhmqOBt4Dt-h5SXvwxQoGJytfMkrFPvU1LYU41J6M3pdT3pM2662Y1bXFQguFZcTrq2wWt6OP7gWVzrJJe2005MXg%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=104;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f148.1e100.net
Software
cafe /
Resource Hash
78eec6a571c69021a2b3fd981b16b57599dd3456ef5f6058ab130b3d0d2fb1db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27933
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 5AE7
Redirect Chain
  • https://idsync.rlcdn.com/420046.gif?partner_uid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS
  • https://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQEpBT2tUQUxDd29ldlljMmRUSmlQcGpnVHhtYWJpZXQzamVOSk5vVnBjbVRSLUJxRG8xMHpUQzUxV3dJLUtqU1MQABoNCOCumaAGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=a624734f29d8aca57514ee9e74cefddbf2e256ccdebff1c2a8892873dcc0e262791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBhNjI0NzM0ZjI5ZDhhY2E1NzUxNGVlOWU3NGNlZmRkYmYyZTI1NmNjZGViZmYxYzJhODg5Mjg3M2RjYzBlMjYyNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBhNjI0NzM0ZjI5ZDhhY2E1NzUxNGVlOWU3NGNlZmRkYmYyZTI1NmNjZGViZmYxYzJhODg5Mjg3M2RjYzBlMjYyNzkxNDI2YjU0MTdkY2UyMRAAGgwI4a6ZoAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=fb54d623-5ea0-4f99-9532-b93f0a6c1226
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=fb54d623-5ea0-4f99-9532-b93f0a6c1226
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H3
Server
35.190.60.146 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:05 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=fb54d623-5ea0-4f99-9532-b93f0a6c1226
date
Mon, 06 Mar 2023 21:13:05 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame 5AE7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
  • https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&initiator=ob&puid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&s=2&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=c5a9mzsM5VsYxDyAHRgO&gdpr=0&us_privacy=1---
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=c5a9mzsM5VsYxDyAHRgO&gdpr=0&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
38.133.127.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 21:13:06 GMT
Cache-Control
no-cache
X-TraceId
bd9d666f67db92a5b2d1131120ea9b34
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 21:13:05 GMT
Content-Type
text/html; charset=utf-8
Location
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=c5a9mzsM5VsYxDyAHRgO&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
130
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 5AE7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&ini...
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=3964265803677574557&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=3964265803677574557&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
38.133.127.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 21:13:05 GMT
Cache-Control
no-cache
X-TraceId
dd6a28de0b68f3299b920fd44e311a6c
Content-Length
0

Redirect headers

Date
Mon, 06 Mar 2023 21:13:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
209.58.162.217; 209.58.162.217; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9594904d-242d-4b60-8da1-fed2fdef7f6b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=3964265803677574557&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 5AE7
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=133726&dpuuid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_pd=1&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_pd=1&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
35.161.156.211 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v042-03b03c578.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
4LX7FoITQwM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-2-v042-07d2bca53.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
gfpUyKySQbQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_pd=1&gdpr_consent=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
set
sync-jp.im-apps.net/imid/ Frame 5AE7 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-jp.im-apps.net/imid/set?cid=1000047&tid=obid&uid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.50.85.234 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-50-85-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 21:13:04 GMT
Cache-Control
private, max-age=3000
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookie-sync
sync.outbrain.com/ Frame 5AE7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=3585500b-878f-4de3-92ab-e7f9bedd5d25&gdpr=0&gdpr_consent=
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=ttd&uid=3585500b-878f-4de3-92ab-e7f9bedd5d25&gdpr=0&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
38.133.127.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 21:13:05 GMT
Cache-Control
no-cache
X-TraceId
e45a96f32f60a27beb11cd38b25201dc
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=ttd&uid=3585500b-878f-4de3-92ab-e7f9bedd5d25&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
241
usermatch.gif
beacon.krxd.net/ Frame 5AE7 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=outbrain&partner_uid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.210.220.175 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
beacon-n013-pdx-prod.krxd.net
date
Mon, 06 Mar 2023 21:13:05 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1678137185
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
g.pixel
aa.agkn.com/adscores/ Frame 5AE7 		43 B
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212295978&puid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.41 -, , ASN (),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
via
1.1 d4555cc532101371fed7b03db24c29be.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
SIN52-P1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
GNT4MtEWnkTq1RVKiabTqS9Jeyvj5VlfaxCJXRhu8PpYSp_iS9tvgA==
expires
0
cookie-sync
sync.outbrain.com/ Frame 5AE7
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=c30bfa84-777a-4e1c-a986-49723f21ac4e
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=c30bfa84-777a-4e1c-a986-49723f21ac4e
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
38.133.127.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 21:13:06 GMT
Cache-Control
no-cache
X-TraceId
2781178a9986804dc0b66aecf414162c
Content-Length
0

Redirect headers

Location
//sync.outbrain.com/cookie-sync?p=mediaforce&uid=c30bfa84-777a-4e1c-a986-49723f21ac4e
Date
Mon, 06 Mar 2023 21:13:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sync
odr.mookie1.com/t/v2/ Frame 5AE7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bbe1bd25-e373-4e62-b717-d85f6df232ee&ssp=outbrain&gdpr=0&gdpr_consent=
42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bbe1bd25-e373-4e62-b717-d85f6df232ee&ssp=outbrain&gdpr=0&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Server
34.111.79.67 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bbe1bd25-e373-4e62-b717-d85f6df232ee&ssp=outbrain&gdpr=0&gdpr_consent=
Date
Mon, 06 Mar 2023 21:13:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync.aspx
dis.criteo.com/dis/ Frame 5AE7 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26obUid%3DJAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%26uid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:03 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
247753
expires
Mon, 06 Mar 2023 00:00:00 GMT
bswsync
crb.kargo.com/api/v1/ Frame 5AE7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDm4ePiXQFKyixqUe3j8hUQ&google_cver=1
  • https://crb.kargo.com/api/v1/bswsync?bsw_uuid=bbe1bd25-e373-4e62-b717-d85f6df232ee&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/bswsync?bsw_uuid=bbe1bd25-e373-4e62-b717-d85f6df232ee&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
34.199.72.104 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 21:13:05 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
//crb.kargo.com/api/v1/bswsync?bsw_uuid=bbe1bd25-e373-4e62-b717-d85f6df232ee&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 06 Mar 2023 21:13:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 5AE7
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7207544327784822936&gdpr=0&gdpr_consent=
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7207544327784822936&gdpr=0&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
38.133.127.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 21:13:05 GMT
Cache-Control
no-cache
X-TraceId
5c8e0a9d85aec234ee82fe4b76b96711
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7207544327784822936&gdpr=0&gdpr_consent=
Date
Mon, 06 Mar 2023 21:13:05 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
match
ps.eyeota.net/ Frame 5AE7
Redirect Chain
  • https://ps.eyeota.net/match?bid=1mpn7m0&uid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS
  • https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MmFteXVJS3laMVZTeFJVSjVNdzVzd2Z4ZGVpTGk0clM3VXkyNFFDdzhZR0E&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=1mpn7m0&google_gid=CAESEALctMmbMsnrbNNTAzUVt_A&google_cver=1
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26dc_rc%3D2%26dc_mr%3D5%26dc_orig%3D1mpn7m0%26
  • https://ps.eyeota.net/match?uid=3964265803677574557&bid=2cr76e1&dc_rc=2&dc_mr=5&dc_orig=1mpn7m0&
  • https://i.w55c.net/ping_match.gif?st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D1mpn7m0%26
  • https://pm.w55c.net/ping_match.gif?scc=1&st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D1mpn7m0%26
  • https://ps.eyeota.net/match?bid=9sn4omv&uid=anagpaZ81Pzi8N5&newuser=1&dc_rc=3&dc_mr=5&dc_orig=1mpn7m0&
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=4&dc_mr=5&dc_orig=1mpn7m0&
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=9015009517222667117&newuser=1&dc_rc=4&dc_mr=5&dc_orig=1mpn7m0&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?uid=3585500b-878f-4de3-92ab-e7f9bedd5d25&bid=1e2n4ou
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=3585500b-878f-4de3-92ab-e7f9bedd5d25&bid=1e2n4ou
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
18.141.109.184 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 06 Mar 2023 21:13:06 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:06 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ps.eyeota.net/match?uid=3585500b-878f-4de3-92ab-e7f9bedd5d25&bid=1e2n4ou
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
191
JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS
id.geistm.com/m/OB/ Frame 5AE7 		0
0
cookie-sync
sync.outbrain.com/ Frame 5AE7
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=outbrain&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
  • https://creativecdn.com/cm-notify?pi=outbrain&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=OIs0Ru2gNk0Ife9HHU5R&pi=outbrain&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&ini...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=OIs0Ru2gNk0Ife9HHU5R&pi=outbrain&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
38.133.127.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 21:13:05 GMT
Cache-Control
no-cache
X-TraceId
2b3576817d47052807b4679ca2d427e6
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=OIs0Ru2gNk0Ife9HHU5R&pi=outbrain&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&tc=1
pragma
no-cache
date
Mon, 06 Mar 2023 21:13:05 GMT, Mon, 06 Mar 2023 21:13:05 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 5AE7
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LEXBJUTS-1Q-9ALV&gdpr=0&us_privacy=1---
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LEXBJUTS-1Q-9ALV&gdpr=0&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
38.133.127.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 21:13:06 GMT
Cache-Control
no-cache
X-TraceId
9e79ccdcd6744cfd6397dc582a372ed7
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LEXBJUTS-1Q-9ALV&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
Expires
0
tpid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS
sync.crwdcntrl.net/map/c=14516/tp=OBRN/ Frame 5AE7 		49 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.233.244 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:05 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.20.219
content-length
49
expires
0
adsct
analytics.twitter.com/i/ Frame 5AE7
Redirect Chain
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&xl8blockcheck=1
  • https://analytics.twitter.com/i/adsct?p_user_id=f062e7ff0087823d6ffb98e1fed9b891&p_id=28539
43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=f062e7ff0087823d6ffb98e1fed9b891&p_id=28539
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Server
104.244.42.131 -, , ASN (),
Reverse DNS
Software
tsa_m /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
101
date
Mon, 06 Mar 2023 21:13:06 GMT
strict-transport-security
max-age=631138519
server
tsa_m
content-type
image/gif;charset=utf-8
x-transaction-id
c6b3614d872a9edf
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
cb75394af7e078c9a98b2eed37e587538bad4c6cf0e8f02aa189e344aa6678a9
content-length
43

Redirect headers

date
Mon, 06 Mar 2023 21:13:05 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://analytics.twitter.com/i/adsct?p_user_id=f062e7ff0087823d6ffb98e1fed9b891&p_id=28539
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
cookie-sync
sync.outbrain.com/ Frame 5AE7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DJAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR...
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=ZAZXYEpUzMktMBcOj8P22AAAEyoAAAIB&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&ini...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=ZAZXYEpUzMktMBcOj8P22AAAEyoAAAIB&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
38.133.127.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 21:13:05 GMT
Cache-Control
no-cache
X-TraceId
8a42d99ca6589ce881fada72f94611df
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 21:13:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=ZAZXYEpUzMktMBcOj8P22AAAEyoAAAIB&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
0
Expires
0
cookie-sync
sync.outbrain.com/ Frame 5AE7
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=-1&gdpr_consent=PM_CONSENT
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=PM_CONSENT&piggybackCookie=CAESEAK-LYCC6Dvp1E0g4Ecw91Y&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=PM_CONSENT
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:5BB1C36D8B744BEFA38DCA097C9817B2
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DJAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI...
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=29217D1B-5EBE-4765-B9E7...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=29217D1B-5EBE-4765-B9E7-A1FA98B86C4C
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
38.133.127.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 21:13:06 GMT
Cache-Control
no-cache
X-TraceId
963073f1b200eba3f1827baa93e00815
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&initiator=ob&gdpr_consent=&us_privacy=1---&uid=29217D1B-5EBE-4765-B9E7-A1FA98B86C4C
date
Mon, 06 Mar 2023 21:13:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cookie-sync
sync.outbrain.com/ Frame 5AE7
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob%26...
  • https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&uid=07ba672d-e89b-432e-888a-e5...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&uid=07ba672d-e89b-432e-888a-e54497ced785
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
38.133.127.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 21:13:06 GMT
Cache-Control
no-cache
X-TraceId
1091aa11677e030f3842bd234f010608
Content-Length
0

Redirect headers

date
Mon, 06 Mar 2023 21:13:05 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&uid=07ba672d-e89b-432e-888a-e54497ced785
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie-sync
sync.outbrain.com/ Frame 5AE7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1---&redir=true
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=y-yhASJaRE2uGg7RR_ruJDsbgDTBpM3FjGvHu..ic-~A&gdpr=0
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=oath&uid=y-yhASJaRE2uGg7RR_ruJDsbgDTBpM3FjGvHu..ic-~A&gdpr=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
38.133.127.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 21:13:06 GMT
Cache-Control
no-cache
X-TraceId
c6b22b034a471d545ea2edfa469ff64b
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=oath&uid=y-yhASJaRE2uGg7RR_ruJDsbgDTBpM3FjGvHu..ic-~A&gdpr=0
date
Mon, 06 Mar 2023 21:13:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
um
cs.emxdgt.com/ Frame 5AE7 		0
0
cookie-sync
sync.outbrain.com/ Frame 5AE7
Redirect Chain
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DJAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJN...
  • https://ice.360yield.com/ul_cb/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DJAOkTALCwoevYc2dTJiPpjgTxmabiet...
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=d9c6885a-33f6-474c-a6d5-f8bfdda6de9f&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_priva...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=d9c6885a-33f6-474c-a6d5-f8bfdda6de9f&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
38.133.127.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 21:13:06 GMT
Cache-Control
no-cache
X-TraceId
a13dffe5e78e9d39995485c1ab8350b0
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=d9c6885a-33f6-474c-a6d5-f8bfdda6de9f&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
access-control-allow-origin
*
date
Mon, 06 Mar 2023 21:13:06 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cookie-sync
sync.outbrain.com/ Frame 5AE7
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DJAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS%26gd...
  • https://sync.outbrain.com/cookie-sync?p=smaato&uid=46c4e34d&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=smaato&uid=46c4e34d&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
38.133.127.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 21:13:06 GMT
Cache-Control
no-cache
X-TraceId
3671cc15760b565ee1c6d2592592e577
Content-Length
0

Redirect headers

date
Mon, 06 Mar 2023 21:13:06 GMT
via
1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN2-P2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=smaato&uid=46c4e34d&obUid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---&initiator=ob
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
5vaRFhCP0JKr96VRY1klyCZud73KbZf5WZukizgf3EU-BwXk1MwLyA==
sync
ssbsync.smartadserver.com/api/ Frame 5AE7 		0
0
c.gif
c.bing.com/ Frame 5AE7 		42 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?red3=MSOB_pd&uid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
last-modified
Fri, 17 Feb 2023 00:56:25 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0BB68F11BF8044AB8C61E32BDF3AF87C Ref B: SIN30EDGE0409 Ref C: 2023-03-06T21:13:04Z
etag
"625d0a86a42d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
services
sync.technoratimedia.com/ Frame 5AE7 		0
0
cookie-sync
sync.outbrain.com/ Frame 5AE7
Redirect Chain
  • https://id.rlcdn.com/711945.gif?ct=4&cv=
  • https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&
0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 5AE7 		0
0
cookie-sync
sync.outbrain.com/ Frame 5AE7
Redirect Chain
  • https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid%3DJAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&uid=5pWAtuWWhrD9l9Hkspmd4raVheT9wNW455B5rgVT
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&uid=5pWAtuWWhrD9l9Hkspmd4raVheT9wNW455B5rgVT
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
38.133.127.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 21:13:05 GMT
Cache-Control
no-cache
X-TraceId
df37542d722d3707041815f497779eec
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&initiator=ob&uid=5pWAtuWWhrD9l9Hkspmd4raVheT9wNW455B5rgVT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 5AE7 		0
0
9.gif
id5-sync.com/s/164/ Frame 5AE7 		0
0
sync
t.adx.opera.com/pub/ Frame 5AE7 		0
0
dcmads.js
www.googletagservices.com/dcm/ Frame 6121 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/YfmWmjE-RQFztB4P7tvbzD_FkkmuY2y8E-l23GmtNPAeGPrzI4f-CggAdMfyGBhbTcqsIT7i2lzrP_EWbrhan3HEzcDmTCKaWleAH91oAuzvaXX50WDpDALxLUO-HVDtoZdWql5n6920TxUZvCRLO0Pp__1YTZNc103rRQ-QbvNQv_osiBdJTCuwzeQ7rLl3lF4jqPbhGp0NDVo31YtStuu1IIFy2RtIWu9Iu297DfkWu-IBsSaupA0OqL8Yn3T06yKuUThQFkZkdxRPnGXc9QDh4ZaosLkSsGMgf5nZgDmAht-1iMCW9Wbi3C5hVRSxqCWXpQUrSQlVeeeD56wyvdCMOtqOjKhDAGQujhDwGvaUfr4MoD7jDt2TmFqBk4ZLTGm8rYTeBet8arhcIoPG2kJpoteI-qpQXVWqDr7K1o2zLKrwTP4ppzptqM4hTbKIQkI9ZuHCv0OKx1v1Ssg0hpb45BR9E-nsNPVPXmBKmX0Ym_Jrb4ovlGPMXFDzPOH0m_zU5rTB9-VPVFyvlX0nKtS8pM-hwrQloSIA7gje6hRTWBGkGlX-UQHapqpthgxm7vZHvZW76WE_PGBHAThPAm-i007mPl69_6oG_A-tJwnY3Zksy2iTG8151BwVOgIYyBw6ELzf_cdANqKxMk7aumk3pRN4D_zfE0AqCfk496SpMoiOmV-3Qg9vMbjq3JXvr66Dnlf9L3kZ7f9yt9tqj0EduR6WOUDEb6j68AB4y6p5JWbM8uO6H9FwhIU1uUrxmyoj1cjZSj_G_ysdJcDjWwh9mleDH-HQtGItNGpu5C9hd5q8fRMyLmnEq2X1JX3VnC8p1JXwlneHS1WpRgPATmQUUFfzFpgXtc75EKYTgnLt7aJP6aGdFE60_CgpUW4huzP0skSa6ox4fD1mge4Db0JWUrdjbjd0YwAWvO7oIecgRjkblOhqAcsTs8vy7o0HwLD8VjCHijYbeRk2RVmFAKgn0B7jrOJizAoCtokqn4gP1ych83WFohrlvwALgtwPvIRw2BwRjuMk2-xOMHve1ZhNMV1DeFeRifPZppxb1QzHbemApSlQ0cTlFoJcJxcsUse09_RQtCCUGe2OrvFieHLOQpmNwP4wHdUr97atAJtczBMroDkG8rAZ4mzmf9Ttrqn3U5C8BAlGCylGWLs8PM-Cvi9eiIax72XcoDo1zWH5UsAC-FLH5cu3YV5n-4KOSnjD0MHqwpgXyrcNDkn5hKa1CBXHlhuunVeqfRa24uNqgDqCIesiLOnYxW-0WThX1yPezNklUazZ4YXg-FdwAeqgT-yu04oVXNDOeK1gP9QgR7stt2FemXOnOIZta87F3VljGNrzFmz4SPLkvkm4fpFFpYivUD-BhXgMy0i9bmX8Rx0zVMFNWInpF3eVVq9VZFtu_rJYVbQtdA65rKF2betqOsWlqnQ9obRZr7pTFYooId8LWEEXbr0srLoxRiGtP0Lh2d9m5DRDgaCY-AzK81t7RXjL8JUWVxTqYyU719ARTUp_sIoQIQRmMH2_MvNgP985i0PpVMI/wp/0.105044/tr/0.021009/pa/null/pclick/https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969df9017979eb7899f1347b2e0090%26n%3DYahoo%2BSSP%26id%3D91623925751542bb9abab713864368e2%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f1353ef10092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182336%26rts%3D1678137182243%26ari%3D33e842386fe149fe87a6f94e74a5b51c%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3Daff073f1-834d-405d-a962-898debca10d8%26rdm%3D1%26rd%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 20:46:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6883
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 19:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 06 Mar 2023 21:46:12 GMT
inside.js
cdn.js7k.com/rq/iv/ Frame 6121 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/rq/iv/inside.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/YfmWmjE-RQFztB4P7tvbzD_FkkmuY2y8E-l23GmtNPAeGPrzI4f-CggAdMfyGBhbTcqsIT7i2lzrP_EWbrhan3HEzcDmTCKaWleAH91oAuzvaXX50WDpDALxLUO-HVDtoZdWql5n6920TxUZvCRLO0Pp__1YTZNc103rRQ-QbvNQv_osiBdJTCuwzeQ7rLl3lF4jqPbhGp0NDVo31YtStuu1IIFy2RtIWu9Iu297DfkWu-IBsSaupA0OqL8Yn3T06yKuUThQFkZkdxRPnGXc9QDh4ZaosLkSsGMgf5nZgDmAht-1iMCW9Wbi3C5hVRSxqCWXpQUrSQlVeeeD56wyvdCMOtqOjKhDAGQujhDwGvaUfr4MoD7jDt2TmFqBk4ZLTGm8rYTeBet8arhcIoPG2kJpoteI-qpQXVWqDr7K1o2zLKrwTP4ppzptqM4hTbKIQkI9ZuHCv0OKx1v1Ssg0hpb45BR9E-nsNPVPXmBKmX0Ym_Jrb4ovlGPMXFDzPOH0m_zU5rTB9-VPVFyvlX0nKtS8pM-hwrQloSIA7gje6hRTWBGkGlX-UQHapqpthgxm7vZHvZW76WE_PGBHAThPAm-i007mPl69_6oG_A-tJwnY3Zksy2iTG8151BwVOgIYyBw6ELzf_cdANqKxMk7aumk3pRN4D_zfE0AqCfk496SpMoiOmV-3Qg9vMbjq3JXvr66Dnlf9L3kZ7f9yt9tqj0EduR6WOUDEb6j68AB4y6p5JWbM8uO6H9FwhIU1uUrxmyoj1cjZSj_G_ysdJcDjWwh9mleDH-HQtGItNGpu5C9hd5q8fRMyLmnEq2X1JX3VnC8p1JXwlneHS1WpRgPATmQUUFfzFpgXtc75EKYTgnLt7aJP6aGdFE60_CgpUW4huzP0skSa6ox4fD1mge4Db0JWUrdjbjd0YwAWvO7oIecgRjkblOhqAcsTs8vy7o0HwLD8VjCHijYbeRk2RVmFAKgn0B7jrOJizAoCtokqn4gP1ych83WFohrlvwALgtwPvIRw2BwRjuMk2-xOMHve1ZhNMV1DeFeRifPZppxb1QzHbemApSlQ0cTlFoJcJxcsUse09_RQtCCUGe2OrvFieHLOQpmNwP4wHdUr97atAJtczBMroDkG8rAZ4mzmf9Ttrqn3U5C8BAlGCylGWLs8PM-Cvi9eiIax72XcoDo1zWH5UsAC-FLH5cu3YV5n-4KOSnjD0MHqwpgXyrcNDkn5hKa1CBXHlhuunVeqfRa24uNqgDqCIesiLOnYxW-0WThX1yPezNklUazZ4YXg-FdwAeqgT-yu04oVXNDOeK1gP9QgR7stt2FemXOnOIZta87F3VljGNrzFmz4SPLkvkm4fpFFpYivUD-BhXgMy0i9bmX8Rx0zVMFNWInpF3eVVq9VZFtu_rJYVbQtdA65rKF2betqOsWlqnQ9obRZr7pTFYooId8LWEEXbr0srLoxRiGtP0Lh2d9m5DRDgaCY-AzK81t7RXjL8JUWVxTqYyU719ARTUp_sIoQIQRmMH2_MvNgP985i0PpVMI/wp/0.105044/tr/0.021009/pa/null/pclick/https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969df9017979eb7899f1347b2e0090%26n%3DYahoo%2BSSP%26id%3D91623925751542bb9abab713864368e2%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f1353ef10092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182336%26rts%3D1678137182243%26ari%3D33e842386fe149fe87a6f94e74a5b51c%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3Daff073f1-834d-405d-a962-898debca10d8%26rdm%3D1%26rd%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 20:38:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
QQJ668BZBFS4HH8S
age
2103
x-amz-server-side-encryption
AES256
content-length
14353
x-amz-id-2
iZ8Tw8i+URsNh0EI8Ks8azviR080aIsTVtNNJGlN+51kCXeOXGhNC8QlkE81wwtMMaSkBmlt3GY=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Sep 2021 15:05:50 GMT
server
ATS
etag
"8ceeaab271ed688991789ed1090cb398-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js
pagead2.googlesyndication.com/bg/ Frame E861 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6c4a8046f43db9161bd82e0dff8b0589e3d6ccd909b9ed5c44335aefbea7da1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 19:34:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
437922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14343
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 19:34:22 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ Frame D11D 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1678137184768&sessionId=1ed01f09-916b-04ac-d555-23b00a3caba0&url=pastelink.net&cheqSource=1&cheqEvent=2&responseTime=999
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.133.127.95 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 21:13:05 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
c4eafea6055b26ed3a28e93366b59a81
Content-Length
4
Expires
0
imp.gif
flint.defybrick.com/tracker/ Frame D11D 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e00136de6c636ed4682999225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163343714593d65632f478afeed6e3471ebd49debd39e820d861c45085052aae2d05f91e46042ccd5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c1250616e9656ca0990a63ecc89825d957bd1fad811bc551c8c96dd82a77c3d835d27799d7e9f38dbde6102ea07ee4befd2e0561ef876292e514bb131409d158598cd6c38681eb923bce6a88de93a349cd5c5513a2372bc2c692152187bc25fb07b1c04e9126f57e161f059e6de5098fc1ae29e3d46c8752a798ccd527d619566eec48135d7545778ba064a208ddd49129a28d6eaed0629a84eebe25dcfea74f617d99e4520483e6471a12faacba0da72687eb5ee8fc2db07abc32965ac809d4ad39db0721e4af8e7b3c39641f37085a17b6fc8a6cd06fab571d5123eacc34cd840a5eecb2dea6ae2993ffeef89aeaeca4090969b934d9f3072ada1d3209dd271f3439ea69ec360bc8eb8c&cb=1678137184768&cri=7mFAkFrbzl
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D0e928431da9d4b0ca3f7195b6eff8658%26tid%3D8a96954f01747430358b3ccd...
pn.ybp.yahoo.com/ab/secure/true/imp/a4IVz0l34eGm8RkMtB1BMES-uHqvG4yu6srxxwZQckOH3Qhgab5JaFZqUv29WYdhPNPkMn-t1y9SmDOXRg3hk8WRGt5rw71mnZj91GfTQ-BHEQLwnwkPcriqywpuNKRzBlhEFy-blIakb0d1Uq3zCyja7VLI_gf3R... Frame 8E40 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pn.ybp.yahoo.com/ab/secure/true/imp/a4IVz0l34eGm8RkMtB1BMES-uHqvG4yu6srxxwZQckOH3Qhgab5JaFZqUv29WYdhPNPkMn-t1y9SmDOXRg3hk8WRGt5rw71mnZj91GfTQ-BHEQLwnwkPcriqywpuNKRzBlhEFy-blIakb0d1Uq3zCyja7VLI_gf3RdJqTnr2FJc7k7xg6GJI3CLmt2gWr264gfGjTSQkTqxdMbedynSIkwJ3HykmNmcSat405YAjWC_ULypR5uORJzSg1p3GenfYqYhuKQsHaQtYRtJy6jDoJoNGG8aEjY43EjQDkrXAOMS27dARi9v-TNk0PiDCVZc9WYQzT1kvBZcyNovEBvnkScm1hCsTlhDQDzOQI93OH7V0dej718sE8Hytq-nL6m62gDOkvhKbvscFh0t5urKbDCwBeg41JeDfstHUQ5PUsNwmLtDAIox1jtE9pIWpfuEO3gXvZ1gVJGk-2kg1e5M8TfBInSB0lZKHXYsb-MstCeot6BMGXgf2tv5ZTtvxnRhccmh99oUqaSR_nnW8C469Hk4YsCtMyzOxK06Z9dih6IKGmaJKYOIlLNHCHec4mkq5dZ3-C1U9EBbLKA0I_K3ZIvMyEEAPgNV1N0wdmnvzeJ7PDSMVVIRXSCyvhC3LgNyca0tu8MAsKLs-HBZhb_lplWwQ7zNzB-GOuNX0g-Y8U5UTmnbPeGu0uUNpO-V_WE5gS_9Bw8xlI7-V49eEP93u9ILd7QDCUoCPoP6R-j7bIcIB6ll3JZL2HLtBS3oCOJ7CJdjS5BpwbK8cEvtNBtZQ3lwc3ojQ96PGJWGxWN9eoEdhK1_5sNB5KxaHiocm2yc2Uvxa3OPacH_ezmdc3v-QaWtl4i_D1Rq8T7_XlFICXTolf7CFVps22fdNUvA1eHWk8z9IV8ihn-uDsp3PfHlklOQ_qpMbtsT4QLJbtRLsB6d5rCsNhPfNHEUWheSpkQYMNIoKnzvHAMIL3-odBJRKw-qJHsUMR6UchXWAGSMVyBX3VQYOaQDvkPSfqHXg1CkK3z7SwyojMER974awYrUdJqnKBOyhWIvPOI6XbOzmFa6952K5VP1Y43Y1CKiERRhtuuSnC5AEpiWwjO68dYqQF75m8qZQwOp8OH7U7vJtlo7ysBjUVNoYC3NyE-mviIvVi0jYDNiKoBfEi0ZsEmUsOhNplsEVzNOZx8iUBkqEpOeuDwPv3aMVJSLNiNtj8loDZ8umlc8AkvvhxT7MNKxvmsPEpLasrsnguM6-5blSDCbjOzK1FVdB-3_3JodrTxwVF0BlMOPzF7oWeCVWyHO3vY6seoCGu8i3S4uXFK6C6uq-l5fpRpjxC-YHSGaV6kG3XmaRB-AG34G0lJ9tjbUYccuSgrcIeFBL6q0ni4VPzWV0toGEUtS7gDYh8S022EE79QwZgf5mKfe0g8D4UW9hZg0HZl40xQTTHuSLTquFV4rDxFu2NnBRQQ1LSbXNyoPK9WNhMtYmNjfBsI_v6JsvkeB6ObZASuC-5kBLRi9oQ3amWLVyNM8hb5eHGpcPFPQ46JSx8sJImZH8H0EPmE22qw/wp/0.144945/tr/0.028989/pa/null/pclick/https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D0e928431da9d4b0ca3f7195b6eff8658%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9694b7017979eb7fb8f131d634008e%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182330%26rts%3D1678137182243%26ari%3Dc37cff0ef3cc49efa91dd131ba0b512f%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3De3a8feee-1249-40e4-906d-49e1e34e54e6%26rdm%3D1%26rd%3D
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:2000:e4:1409::2000 , Taiwan, ASN56173 (YAHOO-SG3 internet content provider, SG),
Reverse DNS
Software
ATS /
Resource Hash
a86ebfe47ab8d5f8cd0a18dc7993961dc4ce3a2b098bd16cef961782b95d4f75
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/javascript
expiry
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
content-length
2544
adEvent.do
prod-m-node-2113.ssp.yahoo.com/admax/ Frame 8E40 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-m-node-2113.ssp.yahoo.com/admax/adEvent.do?tidi=770938897&dcn=8a9694b7017979eb7fb8f131172d008c&posi=1533753&grp=%3F%3F%3F&nl=1678137182332&rts=1678137182243&pix=1&et=1&a=e3a8feee-1249-40e4-906d-49e1e34e54e6&m=aXAtMTAtMjItMTQ4LTg5&p=MC4wMDAxNDQ5NDU&b=MTMyNDA7T0FUSDEwNDE1MzAwMDtoaXRhY2hpLmNvbS5zZzs7OztjMzdjZmYwZWYzY2M0OWVmYTkxZGQxMzFiYTBiNTEyZjs0Mjk2MDE4OTsxNjc4MTM0NjUxOzswLjAwMDExNTk1Njs7MDs7NTkwNTg5MzszMTVhODUzMGQ1MDQ0ZTE2NmUwNDhhMWFiYWQxZDU4ZWIzMmQ0NDljOzE7MTs.&uid=y-_FegUsZE2rNpBmG.uRl23SIl3vK2_XLQfoaE00k8t1WS%7EA&xdi=Pz8_fEdvb2dsZXxOVCAxMC4wfDE3fERlc2t0b3A.&xoi=MHxTR1A.&hb=true&type=6&af=2&dety=2
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.104.51 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-104-51.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
last-modified
Thu, 02 Mar 2023 15:14:28 GMT
server
nginx
accept-ranges
bytes
content-length
43
content-type
image/gif
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame 8E40 		19 B
45 B 		Script
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58301,57926,55936,55965,55859,55938&referrer=pastelink.net&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
server
ATS/9.1.10.25
age
0
content-type
application/javascript
adfeedback-1.0.108.js
s.yimg.com/cb/af/ Frame 8E40 		129 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/cb/af/adfeedback-1.0.108.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e5 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
68dd66af3c6e581b9b314bcefa73d9516dcf532e16b6bd55630cafd4eec67ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:49:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
JGMBBQ1HZJ1YKJCA
age
4999
x-amz-server-side-encryption
AES256
x-amz-id-2
PynZTWeZoJBup/Y2AsiIE3WHiBmVj23RPub6uw9wii9b43PqSYboREaj2SFIqUrV0iS3RBwzCd+hlo1Ec+VXGA==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Mar 2022 01:19:31 GMT
server
ATS
etag
"dfb006d8a1b6390f06824b94bd8fa5d8-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
talon-1.0.40.js
cdn.js7k.com/ix/ Frame 8E40 		69 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/ix/talon-1.0.40.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 18:18:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
CSPD20M2NCJXR8QW
age
10446
x-amz-server-side-encryption
AES256
content-length
16540
x-amz-id-2
A0Ban6Y+poX+WUvtLT89ZgVcP/nHO6zoflh9cL8BOAwvCMr+wB1TyXObxIIcCiqajg01BvGExX8ttnGc6Exvtg==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 16:08:42 GMT
server
ATS
etag
"adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
v2
mb.moatads.com/s/ 		151 B
325 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/s/v2?url=https%3A%2F%2Fpastelink.net%2Fkztoeqi1&pcode=millennialnexageinapp768429046591&ord=1678137184168&jv=1999299792&callback=BrandSafetyNadoscallback_30769367
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/millennialnexageinapp768429046591/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.217.3 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-217-3.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
f1ede87ffc7ef867466aa4e9be409365ad170bb120ab375bbd2a5fb280d5a72c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"c68b4b6b273f3bc63d9d79a2ddb047185195c9cf"
content-length
151
content-type
text/html; charset=UTF-8
pixel.gif
millennialnexageinapp768429046591.s.moatpixel.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://millennialnexageinapp768429046591.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=173&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=pastelink.net&L1id=13240&L2id=OATH104153000&L3id=2226035&L4id=5476889&S1id=344663&S2id=1533756&ord=1678137184168&r=859295407128&t=meas&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fpastelink.net%252Fkztoeqi1&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.99.100 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-99-100.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 06 Mar 2023 21:13:04 GMT
pixel.gif
millennialnexageinapp768429046591.s.moatpixel.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://millennialnexageinapp768429046591.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=173&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=pastelink.net&L1id=13240&L2id=OATH104153000&L3id=2226035&L4id=5476889&S1id=344663&S2id=1533756&ord=1678137184168&r=859295407128&t=nht&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fpastelink.net%252Fkztoeqi1&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.99.100 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-99-100.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 06 Mar 2023 21:13:04 GMT
pixel.gif
millennialnexageinapp768429046591.s.moatpixel.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://millennialnexageinapp768429046591.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=173&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=pastelink.net&L1id=13240&L2id=OATH104153000&L3id=2226035&L4id=5476889&S1id=344663&S2id=1533756&ord=1678137184168&r=859295407128&t=bs&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fpastelink.net%252Fkztoeqi1&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.99.100 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-99-100.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 06 Mar 2023 21:13:04 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=5&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsimgad%2F12796104088671087766&i=MILLENNIALNEXAGEINAPP1&ol=815673037&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-b3wpLQ%2FSrWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-rghCXLleOfQ59g%3D%3D&sc=1&os=1-fA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fpastelink.net%2Fkztoeqi1&id=1&ii=4&f=0&j=&t=1678137184168&de=859295407128&cu=1678137184168&m=629&ar=afa8d545547-clean&iw=a2fe2a0&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5636&le=1&lf=72&lg=1&lh=31&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1362%3A1362%3A1667%3A1344&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=173&cd=0&ah=173&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=13240%3AOATH104153000%3A2226035%3A5476889&bo=344663&bd=1533756&gw=millennialnexageinapp768429046591&zMoatOrigSlicer1=344663&zMoatOrigSlicer2=1533756&zMoatDomain=pastelink.net&zMoatSubdomain=pastelink.net&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=3&jm=-1&tc=0&fs=202228&na=978463304&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.181.140 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-181-140.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 06 Mar 2023 21:13:04 GMT
9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js
pagead2.googlesyndication.com/bg/ Frame 728C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6c4a8046f43db9161bd82e0dff8b0589e3d6ccd909b9ed5c44335aefbea7da1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 19:34:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
437922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14343
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 19:34:22 GMT
impl_v95.js
www.googletagservices.com/dcm/ Frame 6121 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v95.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 14:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23368
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 18:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Mar 2024 14:12:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/ Frame 5EE6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.359891266;dc_ver=95.280;dc_eid=40004000;sz=160x600;u_sd=1;gdpr=0;dc_adk=2531837453;ord=3kyvb9;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D85c7ea117ac24866b6691f860851dc58%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9694b7017979eb7fb8f13365510092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182330%26rts%3D1678137182243%26ari%3De048fd6677294a959e1748c298a4ff00%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D3c33e9eb-5096-4bd8-add5-ac283362cee9%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2F5hEVfudGT3vHJ4PH-RLzhyp7J3QYTg_uFv4hiIv_dssOZp6lzLLUXXFyubT40-gI6SGlWYrNrNNvObFB_XJcszk__63L54FwtZ9qwXGEVUoV0w4Vy8BFyv-evLq8HxCfBGLdaKUzWVMwg9iZuhedvf9iggVRAVjHnwxdNks4_UP5taJdZgebmHFuc7GvjiWnw8WVnVjiW9GOOi-FCGs3Cbk3K9VHvVhmqOBt4Dt-h5SXvwxQoGJytfMkrFPvU1LYU41J6M3pdT3pM2662Y1bXFQguFZcTrq2wWt6OP7gWVzrJJe2005MXg%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=104;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:27:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
6346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:27:18 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5EE6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvm-qcSYjIzWPbY5JJhWp0mRTvs_m5nIhWXRgWMcqyPC-L5c13Si-SD9ydhvC9yenDHIcsLnmlqLc3k8LXTS7TllXGlZJ5791I7yQu0EdEsmZS0-sPKbr02QRNUHhrdMOYZ8HxVa_4v-Jb_DhmyhH4XLlueaQ&sai=AMfl-YSau8I7bsspiMtXYjw5D9cUuMSlqUt6tzIcf31lniqC80tZ3QWIQeIqTQap73OAvB1W6S2I3WUVNA_ggdUGtm6J4WaKJDOMDvlPeA&sig=Cg0ArKJSzKKnK6VF2m5PEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230302.97152&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.359891266;dc_ver=95.280;dc_eid=40004000;sz=160x600;u_sd=1;gdpr=0;dc_adk=2531837453;ord=3kyvb9;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D85c7ea117ac24866b6691f860851dc58%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9694b7017979eb7fb8f13365510092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182330%26rts%3D1678137182243%26ari%3De048fd6677294a959e1748c298a4ff00%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D3c33e9eb-5096-4bd8-add5-ac283362cee9%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2F5hEVfudGT3vHJ4PH-RLzhyp7J3QYTg_uFv4hiIv_dssOZp6lzLLUXXFyubT40-gI6SGlWYrNrNNvObFB_XJcszk__63L54FwtZ9qwXGEVUoV0w4Vy8BFyv-evLq8HxCfBGLdaKUzWVMwg9iZuhedvf9iggVRAVjHnwxdNks4_UP5taJdZgebmHFuc7GvjiWnw8WVnVjiW9GOOi-FCGs3Cbk3K9VHvVhmqOBt4Dt-h5SXvwxQoGJytfMkrFPvU1LYU41J6M3pdT3pM2662Y1bXFQguFZcTrq2wWt6OP7gWVzrJJe2005MXg%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=104;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Mar 2023 21:13:04 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5EE6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.359891266;dc_ver=95.280;dc_eid=40004000;sz=160x600;u_sd=1;gdpr=0;dc_adk=2531837453;ord=3kyvb9;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D85c7ea117ac24866b6691f860851dc58%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9694b7017979eb7fb8f13365510092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182330%26rts%3D1678137182243%26ari%3De048fd6677294a959e1748c298a4ff00%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D3c33e9eb-5096-4bd8-add5-ac283362cee9%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2F5hEVfudGT3vHJ4PH-RLzhyp7J3QYTg_uFv4hiIv_dssOZp6lzLLUXXFyubT40-gI6SGlWYrNrNNvObFB_XJcszk__63L54FwtZ9qwXGEVUoV0w4Vy8BFyv-evLq8HxCfBGLdaKUzWVMwg9iZuhedvf9iggVRAVjHnwxdNks4_UP5taJdZgebmHFuc7GvjiWnw8WVnVjiW9GOOi-FCGs3Cbk3K9VHvVhmqOBt4Dt-h5SXvwxQoGJytfMkrFPvU1LYU41J6M3pdT3pM2662Y1bXFQguFZcTrq2wWt6OP7gWVzrJJe2005MXg%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=104;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 15:30:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20536
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Mar 2024 15:30:48 GMT
13956212020200218433
s0.2mdn.net/simgad/ Frame 5EE6 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13956212020200218433
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::94 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e77a06377f2dd89e4eae1e231a31b3243bd68bc785d80558d58c42f34cf0bce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 13:52:50 GMT
x-content-type-options
nosniff
age
199214
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65059
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 00:57:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 03 Mar 2024 13:52:50 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 7EC7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=175407&cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Requested by
Host: service.idsync.analytics.yahoo.com
URL: https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58301,57926,55936,55965,55859,55938&referrer=pastelink.net&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
be4830b3493fbe18c10145f72a1e9d0036d22c7e4ed1da049e5c0b8d7df08f2e

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1724
Content-Type
text/html
Date
Mon, 06 Mar 2023 21:13:05 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Mon, 06 Mar 2023 21:13:04 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
29217D1B-5EBE-4765-B9E7-A1FA98B86C4C&gdpr=0
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5EE6
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156078&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156078%26xid%3Dy-1UqXNHBE2uUsLWXYEDldAlfcnaS2.Cg-~A%2...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156078&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156078%26xid%3Dy-1UqXNHBE2uUsLWXYEDldAlfcnaS2.Cg-~A%2...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjkyMTdEMUItNUVCRS00NzY1LUI5RTctQTFGQTk4Qjg2QzRD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&gdpr_consent=&partnerID=156078&pmc=1&pr=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58292%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_consent%3D%26uid%...
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=0&gdpr=0&gdpr_consent=&uid=29217D1B-5EBE-4765-B9E7-A1FA98B86C4C&redir2=true
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/29217D1B-5EBE-4765-B9E7-A1FA98B86C4C&gdpr=0
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/29217D1B-5EBE-4765-B9E7-A1FA98B86C4C&gdpr=0
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Server
2406:da18:929:5a01:3027:3246:6166:fb40 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/pubmatic/29217D1B-5EBE-4765-B9E7-A1FA98B86C4C&gdpr=0
date
Mon, 06 Mar 2023 21:13:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
ib.adnxs.com/prebid/ Frame 5EE6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58230/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-Pqtolt5E2uF2lByK.7hHUn2wWUiFqw--~A&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-Pqtolt5E2uF2lByK.7hHUn2wWUiFqw--~A&gdpr=0
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
HTTP/1.1
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 21:13:05 GMT
AN-X-Request-Uuid
a7ee57dd-d2b5-4ffd-99a7-52a63b08736a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
209.58.162.217; 209.58.162.217; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/prebid/setuid?bidder=verizonmedia&uid=y-Pqtolt5E2uF2lByK.7hHUn2wWUiFqw--~A&gdpr=0
date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/58281/ Frame 5EE6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1CWmZHM2xORTJ1Rzc0UUlwdWlkNnN3SFl5QlBxbXBDYX5B&gdpr=0&gdpr_consent=&_origin=0
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=&_origin=0
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=&_origin=0
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ups.analytics.yahoo.com/ups/58281/sync?redir=false&gdpr=0&gdpr_consent=&_origin=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 5EE6
Redirect Chain
  • https://eb2.3lift.com/getuid?&gdpr=0&cmp_cs=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58382%2Fsync%3F_origin%3D0%26ums2%3D0%26redir%3Dtrue%26uid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58382%2Fsync%3F_origin%3D0%26ums2%3D0%26redir%3Dtrue%26uid%3D%24UID%26gdpr%3D0%26gdp...
  • https://ups.analytics.yahoo.com/ups/58382/sync?_origin=0&ums2=0&redir=true&uid=2897923024276059055810&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/sync?px=1&gdpr=0&axid=y-bgqWoo1E2uI4v92Qs4QAHu_rqsRrU4GB~A&ums2=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=3585500b-878f-4de3-92ab-e7f9bedd5d25&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=3585500b-878f-4de3-92ab-e7f9bedd5d25&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 06 Mar 2023 21:13:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=3585500b-878f-4de3-92ab-e7f9bedd5d25&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
sync
ups.analytics.yahoo.com/ups/56613/ Frame 5EE6 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/56613/sync?_origin=0&gdpr=0&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/58456/ Frame 5EE6
Redirect Chain
  • https://ap.lijit.com/pixel?a=0&%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58456%2Fsync%3F_origin%3D0%26uid%3D%24UID
  • https://ap.lijit.com/pixel?a=0&%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58456%2Fsync%3F_origin%3D0%26uid%3D%24UID&sovrn_retry=true
  • https://ups.analytics.yahoo.com/ups/58456/sync?_origin=0&uid=GRF5JLZHkANhD8MGRpCB5hjd
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58456/sync?_origin=0&uid=GRF5JLZHkANhD8MGRpCB5hjd
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date
Mon, 06 Mar 2023 21:13:05 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ups.analytics.yahoo.com/ups/58456/sync?_origin=0&uid=GRF5JLZHkANhD8MGRpCB5hjd
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
/
c1.adform.net/serving/cookie/match/ Frame 5EE6 		35 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match/?CC=1&party=15&gdpr=0&gdpr_consent=&curl=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55944%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3d0%26gdpr_consent%3d
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
sync
ups.analytics.yahoo.com/ups/58294/ Frame 5EE6
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58294%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_consent%3D...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58294%2Fsync%3F_origin%3D0%26gdpr%3D0%26gdpr_conse...
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=0&gdpr=0&gdpr_consent=&uid=996fcda3-4f1f-449b-b8c2-76e3b8d6e4c7
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=0&gdpr=0&gdpr_consent=&uid=996fcda3-4f1f-449b-b8c2-76e3b8d6e4c7
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=0&gdpr=0&gdpr_consent=&uid=996fcda3-4f1f-449b-b8c2-76e3b8d6e4c7
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ups.analytics.yahoo.com/ups/58160/ Frame 5EE6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=oath&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=0&uid=LEXBJUTS-1Q-9ALV&gdpr=0
0
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=0&uid=LEXBJUTS-1Q-9ALV&gdpr=0
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
1
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=0&uid=LEXBJUTS-1Q-9ALV&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Expires
0
sync
ups.analytics.yahoo.com/ups/58529/ Frame 5EE6
Redirect Chain
  • https://ads.yieldmo.com/verizonsync?&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58529/sync?uid=gece288d1fa91a36e168&_origin=0&gdpr=0&gdpr_consent=
0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58529/sync?uid=gece288d1fa91a36e168&_origin=0&gdpr=0&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:05 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://ups.analytics.yahoo.com/ups/58529/sync?uid=gece288d1fa91a36e168&_origin=0&gdpr=0&gdpr_consent=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
sync
ups.analytics.yahoo.com/ups/58222/ Frame 5EE6
Redirect Chain
  • https://contextual.media.net/cksync.php?cs=3&type=vzn&ovsid=y-2aYMe4xE2uF0y9vShG5LLcnIWcapWsxL~A&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3...
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=0&uid=3211387858092148000V10&gdpr=0&gdpr_consent=
0
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=0&uid=3211387858092148000V10&gdpr=0&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Server
52.74.162.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 06 Mar 2023 21:13:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=0&uid=3211387858092148000V10&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 06 Mar 2023 21:13:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5EE6 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Mar 2023 21:13:04 GMT
pixel.gif
millennialnexageinapp768429046591.s.moatpixel.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://millennialnexageinapp768429046591.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=230&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=pastelink.net&L1id=13240&L2id=OATH104153000&L3id=2226035&L4id=5476889&S1id=344663&S2id=1533756&ord=1678137184168&r=859295407128&t=hdn&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fpastelink.net%252Fkztoeqi1&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&bedc=1&q=4&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.99.100 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-99-100.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 06 Mar 2023 21:13:04 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 8E40 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/a4IVz0l34eGm8RkMtB1BMES-uHqvG4yu6srxxwZQckOH3Qhgab5JaFZqUv29WYdhPNPkMn-t1y9SmDOXRg3hk8WRGt5rw71mnZj91GfTQ-BHEQLwnwkPcriqywpuNKRzBlhEFy-blIakb0d1Uq3zCyja7VLI_gf3RdJqTnr2FJc7k7xg6GJI3CLmt2gWr264gfGjTSQkTqxdMbedynSIkwJ3HykmNmcSat405YAjWC_ULypR5uORJzSg1p3GenfYqYhuKQsHaQtYRtJy6jDoJoNGG8aEjY43EjQDkrXAOMS27dARi9v-TNk0PiDCVZc9WYQzT1kvBZcyNovEBvnkScm1hCsTlhDQDzOQI93OH7V0dej718sE8Hytq-nL6m62gDOkvhKbvscFh0t5urKbDCwBeg41JeDfstHUQ5PUsNwmLtDAIox1jtE9pIWpfuEO3gXvZ1gVJGk-2kg1e5M8TfBInSB0lZKHXYsb-MstCeot6BMGXgf2tv5ZTtvxnRhccmh99oUqaSR_nnW8C469Hk4YsCtMyzOxK06Z9dih6IKGmaJKYOIlLNHCHec4mkq5dZ3-C1U9EBbLKA0I_K3ZIvMyEEAPgNV1N0wdmnvzeJ7PDSMVVIRXSCyvhC3LgNyca0tu8MAsKLs-HBZhb_lplWwQ7zNzB-GOuNX0g-Y8U5UTmnbPeGu0uUNpO-V_WE5gS_9Bw8xlI7-V49eEP93u9ILd7QDCUoCPoP6R-j7bIcIB6ll3JZL2HLtBS3oCOJ7CJdjS5BpwbK8cEvtNBtZQ3lwc3ojQ96PGJWGxWN9eoEdhK1_5sNB5KxaHiocm2yc2Uvxa3OPacH_ezmdc3v-QaWtl4i_D1Rq8T7_XlFICXTolf7CFVps22fdNUvA1eHWk8z9IV8ihn-uDsp3PfHlklOQ_qpMbtsT4QLJbtRLsB6d5rCsNhPfNHEUWheSpkQYMNIoKnzvHAMIL3-odBJRKw-qJHsUMR6UchXWAGSMVyBX3VQYOaQDvkPSfqHXg1CkK3z7SwyojMER974awYrUdJqnKBOyhWIvPOI6XbOzmFa6952K5VP1Y43Y1CKiERRhtuuSnC5AEpiWwjO68dYqQF75m8qZQwOp8OH7U7vJtlo7ysBjUVNoYC3NyE-mviIvVi0jYDNiKoBfEi0ZsEmUsOhNplsEVzNOZx8iUBkqEpOeuDwPv3aMVJSLNiNtj8loDZ8umlc8AkvvhxT7MNKxvmsPEpLasrsnguM6-5blSDCbjOzK1FVdB-3_3JodrTxwVF0BlMOPzF7oWeCVWyHO3vY6seoCGu8i3S4uXFK6C6uq-l5fpRpjxC-YHSGaV6kG3XmaRB-AG34G0lJ9tjbUYccuSgrcIeFBL6q0ni4VPzWV0toGEUtS7gDYh8S022EE79QwZgf5mKfe0g8D4UW9hZg0HZl40xQTTHuSLTquFV4rDxFu2NnBRQQ1LSbXNyoPK9WNhMtYmNjfBsI_v6JsvkeB6ObZASuC-5kBLRi9oQ3amWLVyNM8hb5eHGpcPFPQ46JSx8sJImZH8H0EPmE22qw/wp/0.144945/tr/0.028989/pa/null/pclick/https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D0e928431da9d4b0ca3f7195b6eff8658%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9694b7017979eb7fb8f131d634008e%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182330%26rts%3D1678137182243%26ari%3Dc37cff0ef3cc49efa91dd131ba0b512f%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3De3a8feee-1249-40e4-906d-49e1e34e54e6%26rdm%3D1%26rd%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 20:46:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6883
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 19:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 06 Mar 2023 21:46:12 GMT
inside.js
cdn.js7k.com/rq/iv/ Frame 8E40 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/rq/iv/inside.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/a4IVz0l34eGm8RkMtB1BMES-uHqvG4yu6srxxwZQckOH3Qhgab5JaFZqUv29WYdhPNPkMn-t1y9SmDOXRg3hk8WRGt5rw71mnZj91GfTQ-BHEQLwnwkPcriqywpuNKRzBlhEFy-blIakb0d1Uq3zCyja7VLI_gf3RdJqTnr2FJc7k7xg6GJI3CLmt2gWr264gfGjTSQkTqxdMbedynSIkwJ3HykmNmcSat405YAjWC_ULypR5uORJzSg1p3GenfYqYhuKQsHaQtYRtJy6jDoJoNGG8aEjY43EjQDkrXAOMS27dARi9v-TNk0PiDCVZc9WYQzT1kvBZcyNovEBvnkScm1hCsTlhDQDzOQI93OH7V0dej718sE8Hytq-nL6m62gDOkvhKbvscFh0t5urKbDCwBeg41JeDfstHUQ5PUsNwmLtDAIox1jtE9pIWpfuEO3gXvZ1gVJGk-2kg1e5M8TfBInSB0lZKHXYsb-MstCeot6BMGXgf2tv5ZTtvxnRhccmh99oUqaSR_nnW8C469Hk4YsCtMyzOxK06Z9dih6IKGmaJKYOIlLNHCHec4mkq5dZ3-C1U9EBbLKA0I_K3ZIvMyEEAPgNV1N0wdmnvzeJ7PDSMVVIRXSCyvhC3LgNyca0tu8MAsKLs-HBZhb_lplWwQ7zNzB-GOuNX0g-Y8U5UTmnbPeGu0uUNpO-V_WE5gS_9Bw8xlI7-V49eEP93u9ILd7QDCUoCPoP6R-j7bIcIB6ll3JZL2HLtBS3oCOJ7CJdjS5BpwbK8cEvtNBtZQ3lwc3ojQ96PGJWGxWN9eoEdhK1_5sNB5KxaHiocm2yc2Uvxa3OPacH_ezmdc3v-QaWtl4i_D1Rq8T7_XlFICXTolf7CFVps22fdNUvA1eHWk8z9IV8ihn-uDsp3PfHlklOQ_qpMbtsT4QLJbtRLsB6d5rCsNhPfNHEUWheSpkQYMNIoKnzvHAMIL3-odBJRKw-qJHsUMR6UchXWAGSMVyBX3VQYOaQDvkPSfqHXg1CkK3z7SwyojMER974awYrUdJqnKBOyhWIvPOI6XbOzmFa6952K5VP1Y43Y1CKiERRhtuuSnC5AEpiWwjO68dYqQF75m8qZQwOp8OH7U7vJtlo7ysBjUVNoYC3NyE-mviIvVi0jYDNiKoBfEi0ZsEmUsOhNplsEVzNOZx8iUBkqEpOeuDwPv3aMVJSLNiNtj8loDZ8umlc8AkvvhxT7MNKxvmsPEpLasrsnguM6-5blSDCbjOzK1FVdB-3_3JodrTxwVF0BlMOPzF7oWeCVWyHO3vY6seoCGu8i3S4uXFK6C6uq-l5fpRpjxC-YHSGaV6kG3XmaRB-AG34G0lJ9tjbUYccuSgrcIeFBL6q0ni4VPzWV0toGEUtS7gDYh8S022EE79QwZgf5mKfe0g8D4UW9hZg0HZl40xQTTHuSLTquFV4rDxFu2NnBRQQ1LSbXNyoPK9WNhMtYmNjfBsI_v6JsvkeB6ObZASuC-5kBLRi9oQ3amWLVyNM8hb5eHGpcPFPQ46JSx8sJImZH8H0EPmE22qw/wp/0.144945/tr/0.028989/pa/null/pclick/https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D0e928431da9d4b0ca3f7195b6eff8658%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9694b7017979eb7fb8f131d634008e%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182330%26rts%3D1678137182243%26ari%3Dc37cff0ef3cc49efa91dd131ba0b512f%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3De3a8feee-1249-40e4-906d-49e1e34e54e6%26rdm%3D1%26rd%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 20:38:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
QQJ668BZBFS4HH8S
age
2103
x-amz-server-side-encryption
AES256
content-length
14353
x-amz-id-2
iZ8Tw8i+URsNh0EI8Ks8azviR080aIsTVtNNJGlN+51kCXeOXGhNC8QlkE81wwtMMaSkBmlt3GY=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Sep 2021 15:05:50 GMT
server
ATS
etag
"8ceeaab271ed688991789ed1090cb398-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
B28320074.349834762;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=374117366;ord=zau01o;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969df9017979eb7899f1347b2e00...
ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/ Frame 6121 		58 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.349834762;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=374117366;ord=zau01o;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969df9017979eb7899f1347b2e0090%26n%3DYahoo%2BSSP%26id%3D91623925751542bb9abab713864368e2%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f1353ef10092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182336%26rts%3D1678137182243%26ari%3D33e842386fe149fe87a6f94e74a5b51c%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3Daff073f1-834d-405d-a962-898debca10d8%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Fvkie6Dcs51Xmr7itAnXfkyv7_kvfyq8r4IfNvbxEuEM6r2SGtDmqMFMbc8YaaY3ysS4MGcikhyMLNIzNCU4us-vNHf1XVYB_Hyy8GSdDjPfwch7aEDAVkvI4-4L1yxcCKFiZerGePqWSyBvwEuc7RVdGmtNQIeNQeQoYHR0zEcNPoASbMcS-xL49ytdEbHo-XBYCLlEtTJHsB2U97RmANBRunykj3I88Js4CC7dGHTWDv23TWBIkGNyRAY8RWXzf4KXPAKO8OFGh81Tq63MJXgkIFONgRQBCXTGROnW1UjyOjJU6DbBydA%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=107;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f148.1e100.net
Software
cafe /
Resource Hash
60f879cc9051ffdcee1b10802a580d95a5a0016072bff541575b07940f108660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28050
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5EE6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvm-qcSYjIzWPbY5JJhWp0mRTvs_m5nIhWXRgWMcqyPC-L5c13Si-SD9ydhvC9yenDHIcsLnmlqLc3k8LXTS7TllXGlZJ5791I7yQu0EdEsmZS0-sPKbr02QRNUHhrdMOYZ8HxVa_4v-Jb_DhmyhH4XLlueaQ&sai=AMfl-YSau8I7bsspiMtXYjw5D9cUuMSlqUt6tzIcf31lniqC80tZ3QWIQeIqTQap73OAvB1W6S2I3WUVNA_ggdUGtm6J4WaKJDOMDvlPeA&sig=Cg0ArKJSzKKnK6VF2m5PEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=108&vt=11&dtpt=107&dett=2&cstd=0&cisv=r20230302.97152&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.359891266;dc_ver=95.280;dc_eid=40004000;sz=160x600;u_sd=1;gdpr=0;dc_adk=2531837453;ord=3kyvb9;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D85c7ea117ac24866b6691f860851dc58%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9694b7017979eb7fb8f13365510092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182330%26rts%3D1678137182243%26ari%3De048fd6677294a959e1748c298a4ff00%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3D3c33e9eb-5096-4bd8-add5-ac283362cee9%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2F5hEVfudGT3vHJ4PH-RLzhyp7J3QYTg_uFv4hiIv_dssOZp6lzLLUXXFyubT40-gI6SGlWYrNrNNvObFB_XJcszk__63L54FwtZ9qwXGEVUoV0w4Vy8BFyv-evLq8HxCfBGLdaKUzWVMwg9iZuhedvf9iggVRAVjHnwxdNks4_UP5taJdZgebmHFuc7GvjiWnw8WVnVjiW9GOOi-FCGs3Cbk3K9VHvVhmqOBt4Dt-h5SXvwxQoGJytfMkrFPvU1LYU41J6M3pdT3pM2662Y1bXFQguFZcTrq2wWt6OP7gWVzrJJe2005MXg%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=104;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Mar 2023 21:13:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5EE6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgDXM9uWLCJGu7rd3yllZH9BJVM-cKx9qfactzE0w86NTr8kyoX_8TPHqXUFzHDNMi4sZUQkr1_YJhFRAcVArMDGiv1NrppuG7vMzgxQ2g_QIBIg3MlF9mAAtgOkBZCqI29b8mXz2FnD96hh37TVkTkLvhOIY0qXG2YO8d5iNBFPcqgpmrK9lhkYCAa1-8RLf4VCebVqzmuH1WUQTjNIEEryGpDFykaaD8es65Ie5VuofqW0vNNXO34rKXZidF0Hf9rAiVHpNy0-BidUPDguYXbEBdj68HFbm2osZL5XeizO-byc_eBUTbKSPhs_Ei8-fFndWFp-CRRjytWzi4_WoY&sai=AMfl-YTA21y0xXh97n8sitMCA9mIfrcx74n1kCsKPZnoLWPth5hKoSTooI_Zbhm7LXLU9WLa8uPKd7bn4ssN9G_UMm6DQmlMnAleZKZhPzBLd1pNJhSD-ciMbfWOj5yiBEpLYnV6I9vvRSfQr3sSVQA8&sig=Cg0ArKJSzKxRp77G_yiSEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Mar 2023 21:13:04 GMT
impl_v95.js
www.googletagservices.com/dcm/ Frame 8E40 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v95.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 14:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23368
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 18:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Mar 2024 14:12:02 GMT
tap.php
pixel.rubiconproject.com/ Frame 5E9D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3585500b-878f-4de3-92ab-e7f9bedd5d25&gdpr=0&gdpr_consent=&expires=30
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3585500b-878f-4de3-92ab-e7f9bedd5d25&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3585500b-878f-4de3-92ab-e7f9bedd5d25&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5E9D
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9373KwNMTxO4MDqFJlERFQ&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9373KwNMTxO4MDqFJlERFQ&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9373KwNMTxO4MDqFJlERFQ&gdpr=0
Protocol
HTTP/1.1
Server
52.95.118.179 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 21:13:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G1VREDGED0262F4KDX9Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=9373KwNMTxO4MDqFJlERFQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5E9D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEM2_he10k9MV7AWiL1kASUo&google_cver=1
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEM2_he10k9MV7AWiL1kASUo&google_cver=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEM2_he10k9MV7AWiL1kASUo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 5E9D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=PwQWbtyoTNeLFfAztZm79A&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PwQWbtyoTNeLFfAztZm79A&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PwQWbtyoTNeLFfAztZm79A&gdpr=0
Protocol
HTTP/1.1
Server
52.46.151.131 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 21:13:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9SHA5FTWMK9YTENPS690
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PwQWbtyoTNeLFfAztZm79A&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5E9D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/xlpqGKVJZmiJ-VD4CCvTl8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-iKoxlqNE2oKyxd9oPQGVKZBDLYymGj15GEM8AQ--~A
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-iKoxlqNE2oKyxd9oPQGVKZBDLYymGj15GEM8AQ--~A
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 06 Mar 2023 21:13:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-iKoxlqNE2oKyxd9oPQGVKZBDLYymGj15GEM8AQ--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame 5E9D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEXBJUTS-1Q-9ALV&gdpr=0
0
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEXBJUTS-1Q-9ALV&gdpr=0
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:04 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 848E9A62D4404CFA9C77A7227018A3E3 Ref B: SIN30EDGE0405 Ref C: 2023-03-06T21:13:05Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX2QcLNpA54YIkwk/CKyg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEXBJUTS-1Q-9ALV&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 5E9D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVYQkpVVFMtMVEtOUFMVg==&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVYQkpVVFMtMVEtOUFMVg==&gdpr=0
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVYQkpVVFMtMVEtOUFMVg==&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 5E9D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzAzYzdiOTZhNjUwNTQ1YTA2OWU4MTE2OTc4ODA2NTRkZWNiMDkzNA&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzAzYzdiOTZhNjUwNTQ1YTA2OWU4MTE2OTc4ODA2NTRkZWNiMDkzNA&gdpr=0
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzAzYzdiOTZhNjUwNTQ1YTA2OWU4MTE2OTc4ODA2NTRkZWNiMDkzNA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
truncated
/ Frame 5EE6 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
844bbe1afe0ef257f14bbf3d0045cf1054fafc4c072b288e2a996239133a38a9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
B28320074.359891278;dc_ver=95.280;sz=728x90;u_sd=1;gdpr=0;dc_adk=1037517726;ord=dxpbdc;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d00...
ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/ Frame 8E40 		58 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.359891278;dc_ver=95.280;sz=728x90;u_sd=1;gdpr=0;dc_adk=1037517726;ord=dxpbdc;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D0e928431da9d4b0ca3f7195b6eff8658%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9694b7017979eb7fb8f131d634008e%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182330%26rts%3D1678137182243%26ari%3Dc37cff0ef3cc49efa91dd131ba0b512f%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3De3a8feee-1249-40e4-906d-49e1e34e54e6%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FBAyiuAcgO7lGaYpLPnGAYohaPXQ7e6l6CfMJTUn3m255zvTZxWlPvh4Xc768OThEwMzBzbXpBy_V5syeOmNpkC57giQJ5tJhF84c52jBjIfn2amPgGtI5i_Nhcmr6-WQHpXKDflZeEiZCDvXAshOaDl_8vZzMb9BchSP4iSORXm7HFQ6pWj-v0niIL65T_5GXpyHm8c9hmBaZjvuTOGTeQdSR6cBSViX9P56ICoiTXrJOdjkMf46eVNDiw4KBGzd6PFWMI-2guSHJcS3lrd8-uhy-yrKS5qkttPTjoEB9EQNbOr9WmH4BA%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=61;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f148.1e100.net
Software
cafe /
Resource Hash
229a89f6a8da0180003a1e15dc6401355987b51101e4aed0800b17d7212e63e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28027
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
12796104088671087766
s0.2mdn.net/simgad/ Frame 6121 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12796104088671087766
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.349834762;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=374117366;ord=zau01o;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969df9017979eb7899f1347b2e0090%26n%3DYahoo%2BSSP%26id%3D91623925751542bb9abab713864368e2%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f1353ef10092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182336%26rts%3D1678137182243%26ari%3D33e842386fe149fe87a6f94e74a5b51c%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3Daff073f1-834d-405d-a962-898debca10d8%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Fvkie6Dcs51Xmr7itAnXfkyv7_kvfyq8r4IfNvbxEuEM6r2SGtDmqMFMbc8YaaY3ysS4MGcikhyMLNIzNCU4us-vNHf1XVYB_Hyy8GSdDjPfwch7aEDAVkvI4-4L1yxcCKFiZerGePqWSyBvwEuc7RVdGmtNQIeNQeQoYHR0zEcNPoASbMcS-xL49ytdEbHo-XBYCLlEtTJHsB2U97RmANBRunykj3I88Js4CC7dGHTWDv23TWBIkGNyRAY8RWXzf4KXPAKO8OFGh81Tq63MJXgkIFONgRQBCXTGROnW1UjyOjJU6DbBydA%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=107;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::94 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2dfca51adb5f527dc72370ab5a6d140ca2b62e6eb5a865909a351a551fe297a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 16:53:46 GMT
x-content-type-options
nosniff
age
101959
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76624
x-xss-protection
0
last-modified
Thu, 04 Aug 2022 07:09:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Mar 2024 16:53:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/ Frame 6121 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.349834762;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=374117366;ord=zau01o;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969df9017979eb7899f1347b2e0090%26n%3DYahoo%2BSSP%26id%3D91623925751542bb9abab713864368e2%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f1353ef10092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182336%26rts%3D1678137182243%26ari%3D33e842386fe149fe87a6f94e74a5b51c%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3Daff073f1-834d-405d-a962-898debca10d8%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Fvkie6Dcs51Xmr7itAnXfkyv7_kvfyq8r4IfNvbxEuEM6r2SGtDmqMFMbc8YaaY3ysS4MGcikhyMLNIzNCU4us-vNHf1XVYB_Hyy8GSdDjPfwch7aEDAVkvI4-4L1yxcCKFiZerGePqWSyBvwEuc7RVdGmtNQIeNQeQoYHR0zEcNPoASbMcS-xL49ytdEbHo-XBYCLlEtTJHsB2U97RmANBRunykj3I88Js4CC7dGHTWDv23TWBIkGNyRAY8RWXzf4KXPAKO8OFGh81Tq63MJXgkIFONgRQBCXTGROnW1UjyOjJU6DbBydA%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=107;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:27:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
6347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:27:18 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6121 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvGTMdbeplrOioOAl2BnYgctwrT6BfJxe_xJZe5_Kgu0Ld4ChELTRd8s9cBxfIElQDsZoVcr4uiB5Rgt_T_Tnt9hr_9VieGOWUGjHPTyMjJBdLDZSKCTGjrF9fN3mjIcHG4PwVRAKERKUKdQOqQGfibr7IC6g&sai=AMfl-YTv22aYo-Mmd8XzVUoCozOTrqRED6kZElLRN6O-bS3ZOFLEiKL8TjNcibg0GH8AKyDC4DcLg7IzqD8esI64bEKqUSiCeSkSWI_sIw&sig=Cg0ArKJSzPKd_zRoiJmfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230302.05503&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.349834762;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=374117366;ord=zau01o;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969df9017979eb7899f1347b2e0090%26n%3DYahoo%2BSSP%26id%3D91623925751542bb9abab713864368e2%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f1353ef10092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182336%26rts%3D1678137182243%26ari%3D33e842386fe149fe87a6f94e74a5b51c%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3Daff073f1-834d-405d-a962-898debca10d8%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Fvkie6Dcs51Xmr7itAnXfkyv7_kvfyq8r4IfNvbxEuEM6r2SGtDmqMFMbc8YaaY3ysS4MGcikhyMLNIzNCU4us-vNHf1XVYB_Hyy8GSdDjPfwch7aEDAVkvI4-4L1yxcCKFiZerGePqWSyBvwEuc7RVdGmtNQIeNQeQoYHR0zEcNPoASbMcS-xL49ytdEbHo-XBYCLlEtTJHsB2U97RmANBRunykj3I88Js4CC7dGHTWDv23TWBIkGNyRAY8RWXzf4KXPAKO8OFGh81Tq63MJXgkIFONgRQBCXTGROnW1UjyOjJU6DbBydA%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=107;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Mar 2023 21:13:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6121 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.349834762;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=374117366;ord=zau01o;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969df9017979eb7899f1347b2e0090%26n%3DYahoo%2BSSP%26id%3D91623925751542bb9abab713864368e2%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f1353ef10092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182336%26rts%3D1678137182243%26ari%3D33e842386fe149fe87a6f94e74a5b51c%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3Daff073f1-834d-405d-a962-898debca10d8%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Fvkie6Dcs51Xmr7itAnXfkyv7_kvfyq8r4IfNvbxEuEM6r2SGtDmqMFMbc8YaaY3ysS4MGcikhyMLNIzNCU4us-vNHf1XVYB_Hyy8GSdDjPfwch7aEDAVkvI4-4L1yxcCKFiZerGePqWSyBvwEuc7RVdGmtNQIeNQeQoYHR0zEcNPoASbMcS-xL49ytdEbHo-XBYCLlEtTJHsB2U97RmANBRunykj3I88Js4CC7dGHTWDv23TWBIkGNyRAY8RWXzf4KXPAKO8OFGh81Tq63MJXgkIFONgRQBCXTGROnW1UjyOjJU6DbBydA%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=107;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 15:30:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20537
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Mar 2024 15:30:48 GMT
truncated
/ Frame 6121 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2616aa5649e77485785a6df3039bd10bbccfb78203880b47a625235458157d70

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8BB1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
289348
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Mar 2023 12:50:37 GMT
expires
Sat, 02 Mar 2024 12:50:37 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 7EC7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZAZXYEpUzMktMBcOj8P22AAAEyoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE8BqISx8HwHZZdLznx_3Sg&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE8BqISx8HwHZZdLznx_3Sg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 21:13:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE8BqISx8HwHZZdLznx_3Sg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7EC7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3585500b-878f-4de3-92ab-e7f9bedd5d25&expiration=1680729185&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3585500b-878f-4de3-92ab-e7f9bedd5d25&expiration=1680729185&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 21:13:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3585500b-878f-4de3-92ab-e7f9bedd5d25&expiration=1680729185&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 7EC7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZAZXYEpUzMktMBcOj8P22AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELRdUWaovdU5uKRXnkHs61o&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELRdUWaovdU5uKRXnkHs61o&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 21:13:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELRdUWaovdU5uKRXnkHs61o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 7EC7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZAZXYEpUzMktMBcOj8P22AAAEyoAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZAZXYEpUzMktMBcOj8P22AAAEyoAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZAZXYEpUzMktMBcOj8P22AAAEyoAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
HTTP/1.1
Server
52.46.151.131 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 21:13:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
05DPGBCM04H8W0ZTJB8Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 21:13:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0KWGBQ965VNXBMDXFE5V
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZAZXYEpUzMktMBcOj8P22AAAEyoAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 7EC7 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:22e:4f05:9b8b:4903:ea64:de6a -, , ASN (),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:05 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 7EC7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9015009517222667117
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9015009517222667117
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 21:13:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9015009517222667117
pragma
no-cache
date
Mon, 06 Mar 2023 21:13:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum.casalemedia.com/ Frame 7EC7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3964265803677574557
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3964265803677574557
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 21:13:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Mon, 06 Mar 2023 21:13:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
209.58.162.217; 209.58.162.217; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a9d3bf0c-876f-4d66-9a51-45d161b3e411
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3964265803677574557
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7EC7
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=79888E5A804D40D5AEAFAD1CDEF59C84
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=79888E5A804D40D5AEAFAD1CDEF59C84
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 21:13:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Mon, 06 Mar 2023 21:13:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=79888E5A804D40D5AEAFAD1CDEF59C84
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 05 Mar 2023 21:13:05 GMT
ZAZXYEpUzMktMBcOj8P22AAAEyoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7EC7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=0&redir2=true&uid=ZAZXYEpUzMktMBcOj8P22AAAEyoAAAIB
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZAZXYEpUzMktMBcOj8P22AAAEyoAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZAZXYEpUzMktMBcOj8P22AAAEyoAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F55940%2Fsync%3F_origin%3D0%26redir2%3Dtrue%26uid%3D&s=175407&C=1
Protocol
H2
Server
2406:da18:929:5a01:3027:3246:6166:fb40 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZAZXYEpUzMktMBcOj8P22AAAEyoAAAIB
date
Mon, 06 Mar 2023 21:13:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
view
googleads4.g.doubleclick.net/pcs/ Frame 6121 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvGTMdbeplrOioOAl2BnYgctwrT6BfJxe_xJZe5_Kgu0Ld4ChELTRd8s9cBxfIElQDsZoVcr4uiB5Rgt_T_Tnt9hr_9VieGOWUGjHPTyMjJBdLDZSKCTGjrF9fN3mjIcHG4PwVRAKERKUKdQOqQGfibr7IC6g&sai=AMfl-YTv22aYo-Mmd8XzVUoCozOTrqRED6kZElLRN6O-bS3ZOFLEiKL8TjNcibg0GH8AKyDC4DcLg7IzqD8esI64bEKqUSiCeSkSWI_sIw&sig=Cg0ArKJSzPKd_zRoiJmfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=87&vt=11&dtpt=86&dett=2&cstd=0&cisv=r20230302.05503&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.349834762;dc_ver=95.280;sz=300x250;u_sd=1;gdpr=0;dc_adk=374117366;ord=zau01o;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a969df9017979eb7899f1347b2e0090%26n%3DYahoo%2BSSP%26id%3D91623925751542bb9abab713864368e2%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a969df9017979eb7899f1353ef10092%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182336%26rts%3D1678137182243%26ari%3D33e842386fe149fe87a6f94e74a5b51c%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3Daff073f1-834d-405d-a962-898debca10d8%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2Fvkie6Dcs51Xmr7itAnXfkyv7_kvfyq8r4IfNvbxEuEM6r2SGtDmqMFMbc8YaaY3ysS4MGcikhyMLNIzNCU4us-vNHf1XVYB_Hyy8GSdDjPfwch7aEDAVkvI4-4L1yxcCKFiZerGePqWSyBvwEuc7RVdGmtNQIeNQeQoYHR0zEcNPoASbMcS-xL49ytdEbHo-XBYCLlEtTJHsB2U97RmANBRunykj3I88Js4CC7dGHTWDv23TWBIkGNyRAY8RWXzf4KXPAKO8OFGh81Tq63MJXgkIFONgRQBCXTGROnW1UjyOjJU6DbBydA%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=107;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Mar 2023 21:13:05 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6121 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssr2nBo6_vPfDMkpS-Ta05NxDL8TazoAmTCmlksx3cU8QdOmsxVi6SSTXAwI5PpHgnIz_w6Rz86hkN-j_N6GhR3uRyT2it4NA2tHmd5t6faA5TK-ogAPFacm9P-8fKynqv7yzwEVDEz3LesGbVZwMhpdynUnrEPJV_xGbpAJ3qYSDVvEav0iTc3hf3vicgzftOAkwuICQewRCNKhhvqTx0g_iIqVFlQ7kkpbO1vxcFkDP5xD5Z0uIo50OCgZLR857I5MyUiMw2hYjvn-41Ga3zQON2vnzAOmwj7MWt5Q9etCDxk67qb3w9Q15De3KU1nPv6EAWoFHGoeVzHBXX2uf3oiUw&sai=AMfl-YTjk8SWkrWH3TymdF7wpbkMzQI5v1_jhK3OQA70-htnSeBzIStxUQjoMq7cQrTEhBPpdSyFMqOwC3BnoXs_d3pfi83AA593hv8VNkvbLkeyY1ZBo2iV7m0nrHY8ZODnoeqUNXrQ2tfwcbWjzNE&sig=Cg0ArKJSzEJbflDu3hplEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Mar 2023 21:13:05 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/ Frame 8E40 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230302/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.359891278;dc_ver=95.280;sz=728x90;u_sd=1;gdpr=0;dc_adk=1037517726;ord=dxpbdc;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D0e928431da9d4b0ca3f7195b6eff8658%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9694b7017979eb7fb8f131d634008e%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182330%26rts%3D1678137182243%26ari%3Dc37cff0ef3cc49efa91dd131ba0b512f%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3De3a8feee-1249-40e4-906d-49e1e34e54e6%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FBAyiuAcgO7lGaYpLPnGAYohaPXQ7e6l6CfMJTUn3m255zvTZxWlPvh4Xc768OThEwMzBzbXpBy_V5syeOmNpkC57giQJ5tJhF84c52jBjIfn2amPgGtI5i_Nhcmr6-WQHpXKDflZeEiZCDvXAshOaDl_8vZzMb9BchSP4iSORXm7HFQ6pWj-v0niIL65T_5GXpyHm8c9hmBaZjvuTOGTeQdSR6cBSViX9P56ICoiTXrJOdjkMf46eVNDiw4KBGzd6PFWMI-2guSHJcS3lrd8-uhy-yrKS5qkttPTjoEB9EQNbOr9WmH4BA%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=61;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 19:27:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
6347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 20 Mar 2023 19:27:18 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8E40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu2sD-MthLJpidqfzm7yuyuy_9qsygdX0Oa3GleJzq5QeTaUQMflGayswrVFgRYP_-r6Wj9MEuiSOVsZtRQaqCKecq0w10LC7Pav0xTGEteqIbfB26vuiwiYopfQVFcaKy7oW7QabVk-uOi7mCn6Sw3ZC6Jkg&sai=AMfl-YRDzxncOtBTrV38ffjPXJXoE6fJkJvxgimNPyDcXAiwyWkyZ68qikwIUAEaHgYG1nargk90sH2YwWs2r4Zd1reQMEItd4IrQQufJg&sig=Cg0ArKJSzEYQ9zzKq7qEEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230302.32032&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.359891278;dc_ver=95.280;sz=728x90;u_sd=1;gdpr=0;dc_adk=1037517726;ord=dxpbdc;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D0e928431da9d4b0ca3f7195b6eff8658%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9694b7017979eb7fb8f131d634008e%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182330%26rts%3D1678137182243%26ari%3Dc37cff0ef3cc49efa91dd131ba0b512f%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3De3a8feee-1249-40e4-906d-49e1e34e54e6%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FBAyiuAcgO7lGaYpLPnGAYohaPXQ7e6l6CfMJTUn3m255zvTZxWlPvh4Xc768OThEwMzBzbXpBy_V5syeOmNpkC57giQJ5tJhF84c52jBjIfn2amPgGtI5i_Nhcmr6-WQHpXKDflZeEiZCDvXAshOaDl_8vZzMb9BchSP4iSORXm7HFQ6pWj-v0niIL65T_5GXpyHm8c9hmBaZjvuTOGTeQdSR6cBSViX9P56ICoiTXrJOdjkMf46eVNDiw4KBGzd6PFWMI-2guSHJcS3lrd8-uhy-yrKS5qkttPTjoEB9EQNbOr9WmH4BA%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=61;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Mar 2023 21:13:05 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8E40 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.359891278;dc_ver=95.280;sz=728x90;u_sd=1;gdpr=0;dc_adk=1037517726;ord=dxpbdc;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D0e928431da9d4b0ca3f7195b6eff8658%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9694b7017979eb7fb8f131d634008e%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182330%26rts%3D1678137182243%26ari%3Dc37cff0ef3cc49efa91dd131ba0b512f%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3De3a8feee-1249-40e4-906d-49e1e34e54e6%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FBAyiuAcgO7lGaYpLPnGAYohaPXQ7e6l6CfMJTUn3m255zvTZxWlPvh4Xc768OThEwMzBzbXpBy_V5syeOmNpkC57giQJ5tJhF84c52jBjIfn2amPgGtI5i_Nhcmr6-WQHpXKDflZeEiZCDvXAshOaDl_8vZzMb9BchSP4iSORXm7HFQ6pWj-v0niIL65T_5GXpyHm8c9hmBaZjvuTOGTeQdSR6cBSViX9P56ICoiTXrJOdjkMf46eVNDiw4KBGzd6PFWMI-2guSHJcS3lrd8-uhy-yrKS5qkttPTjoEB9EQNbOr9WmH4BA%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=61;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 15:30:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20537
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Mar 2024 15:30:48 GMT
18309319474515844530
s0.2mdn.net/simgad/ Frame 8E40 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/18309319474515844530
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::94 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac09a3ed40d3ea87cbfff83f8481daa1858ad67c98196cc4327591187fe3d63f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 16:30:43 GMT
x-content-type-options
nosniff
age
276142
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51268
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 00:58:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Mar 2024 16:30:43 GMT
truncated
/ Frame 8E40 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba71c96c42fd3122769586fdd7de0e5d6c92c1fdc34a6d0a8425cdb12de55fbc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 8E40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu2sD-MthLJpidqfzm7yuyuy_9qsygdX0Oa3GleJzq5QeTaUQMflGayswrVFgRYP_-r6Wj9MEuiSOVsZtRQaqCKecq0w10LC7Pav0xTGEteqIbfB26vuiwiYopfQVFcaKy7oW7QabVk-uOi7mCn6Sw3ZC6Jkg&sai=AMfl-YRDzxncOtBTrV38ffjPXJXoE6fJkJvxgimNPyDcXAiwyWkyZ68qikwIUAEaHgYG1nargk90sH2YwWs2r4Zd1reQMEItd4IrQQufJg&sig=Cg0ArKJSzEYQ9zzKq7qEEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=103&vt=11&dtpt=102&dett=2&cstd=0&cisv=r20230302.32032&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9410.3763695YAHOO/B28320074.359891278;dc_ver=95.280;sz=728x90;u_sd=1;gdpr=0;dc_adk=1037517726;ord=dxpbdc;click=https%3A%2F%2Fprod-m-node-2113.ssp.yahoo.com%2Fadmax%2FadClick.do%3Fdcn%3D8a9694b7017979eb7fb8f131172d008c%26n%3DYahoo%2BSSP%26id%3D0e928431da9d4b0ca3f7195b6eff8658%26tid%3D8a96954f01747430358b3ccd3850042e%26nid%3D8a808aee2edf264a012f0d6ee4e87844%26pos%3D8a9694b7017979eb7fb8f131d634008e%26grp%3D%253F%253F%253F%26type%3D6%26nl%3D1678137182330%26rts%3D1678137182243%26ari%3Dc37cff0ef3cc49efa91dd131ba0b512f%26b%3DMTMyNDA7Ozs7Ozs7NDI5NjAxODk7Ozs7Ozs7Ozs7MTs.%26a%3De3a8feee-1249-40e4-906d-49e1e34e54e6%26rdm%3D1%26rd%3Dhttps%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FBAyiuAcgO7lGaYpLPnGAYohaPXQ7e6l6CfMJTUn3m255zvTZxWlPvh4Xc768OThEwMzBzbXpBy_V5syeOmNpkC57giQJ5tJhF84c52jBjIfn2amPgGtI5i_Nhcmr6-WQHpXKDflZeEiZCDvXAshOaDl_8vZzMb9BchSP4iSORXm7HFQ6pWj-v0niIL65T_5GXpyHm8c9hmBaZjvuTOGTeQdSR6cBSViX9P56ICoiTXrJOdjkMf46eVNDiw4KBGzd6PFWMI-2guSHJcS3lrd8-uhy-yrKS5qkttPTjoEB9EQNbOr9WmH4BA%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fpastelink.net%2Fkztoeqi1$0;xdt=0;crlt=Gt4xQ*Crxy;gcsr=m;stc=1;chaa=1;sttr=61;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Mar 2023 21:13:05 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8E40 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssI3SWDFloPAbiXPUOPaykfOr8WsVFmrWknc44v-pTsMwNkQ0moiHPwJaaMn1R5I30WJ33offXwbhZrx25yl2budNQYWiExq_MQuCADHDga17Irb-F-f29Ws_E84z2RC2qFi1Ub7bzndBEsby5boXBh37Y0tUIS111-ibmHvpcfSYPy4AQG9U1Rm0Y_N6i5cOi8XwdxPJFHkYFFLBNDvA29MLuK79MtPGjXjjrHPeOVtRrinDv4DSLSvBV8DirkeNQ_DQwX50yRPjHMpO_TZxo4Act1EgdstfgNAYWCZFA234NuaN0B8mqml2CC8j9LIa054Kf5PhbAg4h_nCgT5D7pgnIHp02-j_WzVSk&sai=AMfl-YRb3TooZMh-_R7JhE2WIUaHQd3DPXEKvSLP0-pDxts3Hm-qjGQBuaPBuDKV-PygwALQwreuAIa4STG1jDDnVynfPHo-dY5hVTLYdxfgEiV0Nql4Id8zKnCMkIuMUH2CPNuav06vuCIn7fiVz96h&sig=Cg0ArKJSzAaoSBVtgDjHEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Mar 2023 21:13:05 GMT
9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js
pagead2.googlesyndication.com/bg/ Frame 8BB1 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6c4a8046f43db9161bd82e0dff8b0589e3d6ccd909b9ed5c44335aefbea7da1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 19:34:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
437923
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14343
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 19:34:22 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A86A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
289348
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Mar 2023 12:50:37 GMT
expires
Sat, 02 Mar 2024 12:50:37 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7AA3 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
289348
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Mar 2023 12:50:37 GMT
expires
Sat, 02 Mar 2024 12:50:37 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame E861 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdUu8YFcGZKWxFb_KmsMPl76NyA4AAAAAOAHgBAI&bg=!AwClAFTNAAbv3-2Ez987ADkAdvg8WjXnNv9zPdLsjUygCLu1L7GljVWLHJTXid5_yVGAj4V_fb731X1iNcALGDGhkRyoOM6PbxACAAABgVIAAAAEaAEHCgB0uePXte2_Fn3YFdYaq2Rx3XXEg9Ck_YeKFsTQBKwpEvAtYRhk7qkt5pu_5kmhRHxrAEM-kEOgkkX9ZbtwMb-FWUbHHAAOz9eo_IyqsU3p3vj1kdKYzrnXl4XY6tXaY2ucyYrFk-H5rz6iP9h0dh7zNvqDGHiZAtGAMc7QSNryp6ZPX95Svcrb7XALhHTf91P6rRqFc6pdG3v8DsgzmPIFTesvRKpexs-ki93ZA0aivizWikcF52wUeoEBYBf9PeBbviY1E9HdkqNSIur1SPUO7-gqjGmc_raMvaMBzO0IJlf4uUgnaC9Flgty-Hbmn1-vB_6ne9t7Y8zWpDK46vb695nkdezUsgc4jv_jScfDVCYAT-UaXCwVyPCSm2B51NHXr8pNP765lDK9nBYUn8tov1P6GeW3BpacC60C7PjkAcYadTnUtQeb9o7rOlp2tJ5VLuTa1Y6N8PT_aj_LVwUmdkroEPz444vmx4kQ1HtO-Gs3bQeOXTz5VtHPY4ajV_86P8YLsZbG4U5WBRyVJCCVYWYegTk3mEd74Eiq9Hz-jGtWKNJpA8Uv1kedILV_5AkVzVPPXIHMIgQPYT4-dShPIj2QkwtqP8iyqYixuAn43h_kI87DQ8UW_SqzXAuLdkD72A-3qzevSwNerhIl1wVeZjVPqWtll-IiaEdRBLBZgnTS0UuKAVDd3wT4pVFyT8i3KoG9FowlKruIZ5blWdtRnR_DzHXhvb29YF_2ayWkRKmPVklUdt634Dye4uT0W-WhWGHCfOfbSeJtqxZnjhpVoa2C8LgtavsojjslEfPMIVv6IHKFXQz4QBLA89Ym0v5w3aV37XQ3H2Aro-DtlrlUhO2QIWdqNpbqwiuC4Ahp3o5EOSgm34KNjvoY-E4YAw7LbiXQvyYh4HNYpG4vqo9jKjpyhErMyM-mGvEKK4dFwYsb6WWlZVKTYuauhANYWAZ_YyPNhYxFjY1jvVWN_O3EKIwepE1HBAzkBZ5Mz9T-I7En4CJ5KEkg5p_yusbfLIDdqhYxet0p3Scd_WigyZqCmD8AqbuSMKMgL5oWph3G3anH5DZ7JquMuVO42xh4KoDYMllB0C6LbBEjyGGlHPFkoH6RoToi00MW
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js
pagead2.googlesyndication.com/bg/ Frame A86A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6c4a8046f43db9161bd82e0dff8b0589e3d6ccd909b9ed5c44335aefbea7da1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 19:34:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
437923
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14343
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 19:34:22 GMT
yv
beap-bc.yahoo.com/ Frame 7C28 		43 B
769 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://beap-bc.yahoo.com/yv?sek=6493274657918480828:1678137182637&as=YAMPViewableImpressionPayload&av=2.19.0&kv=0&ea=1&ap=_shz4BzphTjq2lJlDwWFEpe6P-pE6SiagCQBcueIZwAyy4LYxdFcUreWPrGW2yIrpcJrUubNd4dODs-ZRkbQmpNDL5hZCoVMW6aDubWs0Kc1oLlutzEXvKnlA_5xMKEgmzRHwR0qK3pvRTQt64TTk5SLzfz8cm8LiWk8ZWx9lesrZpX_OXYXE8dFbdNbWfSY7U3Q95ZdDtzwUFsNxu8UbxDlPllbR9wgXMhR5Zz3MFI&iv=100&v=1&m=2&r=1678137185594&im=1&b=100&ad=jv=1.0.261:vd=0:na=0:ed=1:tpv=:tp=1:mt=7
Requested by
Host: cdn.js7k.com
URL: https://cdn.js7k.com/rq/iv/inside.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:05 GMT
strict-transport-security
max-age=31536000
accept-charset
utf-8
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, private
content-length
43
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame 7C28 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8OJAY_9BtbvQuNveCNzhM3lAKXpa22VrXuDOZ8Zc6IJsE2Yr-wUVgckisTjasJYwXAlDdXMDRdZQa6S3J2UnAD4VJ66ti&sig=Cg0ArKJSzA8th1v1TuOdEAE&id=lidar2&mcvt=1025&p=0,0,250,300&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&v=20230301&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=2114194144&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678137184258&rpt=295&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7C28 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvZ1sv55EIdGEQVDvmYNKWEGvem2q_cSVkORg8M1qv9gI9A3lgMC-KRH0sUebLFUy_opZk-QpuKiQrh3K643NJv_t2alP66yFOxcac0RIMiqdjCHQJ&sig=Cg0ArKJSzNGlcwWn8NcJEAE&id=lidar2&mcvt=1028&p=341,310,595,610&mtos=0,1028,1028,1028,1028&tos=0,1028,0,0,0&v=20230301&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=2603746535&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678137184258&rpt=292&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 728C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1yoAYFcGZPnuFdGWvwScm4CQAwAAAAA4AeAEAg&bg=!KCulK3_NAAbv3-2Ez987ADkAdvg8WgG-Ey0spqnoa-UREoktJwMbNodT7H0lI1HUN8jGIokGwz5B0UZ2_7SmfNKzI_Z_GJ_WbQoCAAABTFIAAAACaAEHmQLA_Mmx9RGEltPbWrKmlEO6AFSVfoSiBF0mycAaa8b6D5jssz2TJpt5jz9yWbWWOQsCOowj9yZT22-A4Y17Ox85wlSjG889fFIArsi7u-3BFwGCUS1-_4w2Tl_3FX2j1336Jrf-fvSmREwRjrv5o7y4JHAJWvWQPMUHdvGGJaVvqBUVF7QsYMwmUP-LvCalz1mozCeLHI7ze1yGYhJjPQ5KfL2Om3v-mmiLLePndEuQv4wyAEdTJG1crcACGOfPFFQRVz5t8ex3AzfLwsx_GPhI89BviprBjzNKf_S4LpW6QkkDNi_fVfje1hwZtw_Scx_eTVFdGh7mqOuzqukUKkhVN640xTsZmawjGFnoLAP7D83DBE7S9lhxvH_PfqDL-7pCFw6YcQY9_B0dsJllTpMtlTa4OGAM5AI1e38qAeQ7nR3-EP2X8dEp54mfecCDH25BlQ9YjSyqPqrg_Wq8T2fikWL4NOliwSyA2gAW8CeLKVnanVUbBq_WnIP8sv9lPYBfhWhuPunObfCYIBWIAa_JoaqgOYuFcZtvogNFRh9jc7XbayariHq7H56RkxtV5yK2OygMM-w-hkDWKDAOJujslHK_xqxVLNcAwlB8lGvHKWMfg073FPRqOQ790HMShnj9IQI3j4txsd1NbiUyzqgh48WNmHVAsx-_WLHFm3wM3HWvjEtzn-dNiMNoHvKS-IHWdgnd368APHu4Wpd-7xLbyZzxzsjTk_MgFg2PGJb-HiNs_mmdMxHOwq429f9rZLTETXej4dpsGB_69n4yf4sfnI1jvVDP5wuL8EvImqI4ulzdAH9EiYUWIgldT20Jz-7qAbmC9SfXagpMg42nByzA8x_KACPlnePhomPTx3M7GqlkKWGH4D38PC_dK1ZGgL-Lpd9n3opepbVAKvt59jig01ckGymFzwKyYMK0sQOL8bk
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js
pagead2.googlesyndication.com/bg/ Frame 7AA3 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6c4a8046f43db9161bd82e0dff8b0589e3d6ccd909b9ed5c44335aefbea7da1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 19:34:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
437923
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14343
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Feb 2024 19:34:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BB1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCgnXYFcGZM_CLM6P3LUPnfOa-AwAAAAAOAHgBAI&bg=!-fql-q7NAAbv3-2Ez987ADkAdvg8WvNNWaoXOJeiMPL2Tk6IMR-hCtJsneoyHnx0pZTUmwUKxXWGhy9ORbAcXSxx5oVEK8CL91ICAAABv1IAAAACaAEHmQKuspKtK7nsGgc6PPDmsahehohWcBPQbMTPcImpINA9smO70eQNyuoSweJBbrx_BI0jI4mlR0raMLFV5lBgiSnmqEqDLc7zbz8EvsI-9ZjKP2GGNR79CLKIK-p3lHlNzIUiPQIinjB4RnnoHOkV8lBbr8c8sVSYkxOg27XOc0FdYNfFepkuReABcOkuTFOu8NeycGojc48_rMLLUdZ8KljzYi0RqP26SjFh3nVUGZjY6fIKI3XkcRZCt8c3OcHs5IQer3wa8al_JaXKuwBvJ-9qQHnaKy_N2d-ECTIuFOQusuWIsM-Z1j4N47L__1fs1f4N8zTfn_vB9VNMVMnBFOQRAx0nCNHVPPRGhGe915WzQYrG8RY0fuohiCxlmSk09NmecbZX3Qccr4HNrHH_2-M3MJCIlXdY1dcvd6AK5Ln_pkWPEvo9KN4jb8uyUDsJeScpboYgd-d0e6yufRqOUL-Z2q6-6-Th7XPte-1EnMXUue2w0fIEUlVAhDCj-nWnulhvdSD_1SLG7E7BtdJtysQlk05Ol-DVU1CpAIMetKLv-XQksKFzK5MUlY0hAqB9Tc0arKaiaIzBPpNXTy-9JYOapM-bj6uU97lBCk1b4tkmttqGCTYuNx8VLoipmxFvX7_2epbyTH8wfpvxh2-lJX6ITjXTzInYwSQoF4W0AwWMgiOX6Ojk9xdNs-a8TNXJEcgiUw5pA0ydeYcJ0NAMsyEsTbI1JBDIpIPdyJuVnydOl_Yd5CT-GfLn9Rv8LjqtE_FAz4fGRZkuyCAiqzbuJIzbn0kEbX9xCYNvg8RO1Ia-rhg5mRSJCy7XYI67TeOD12Nq5wGs8HpMM41nRVlw9Rio1XdW8MxKW-BAiABbzbEGeDeSbVxNfUYoB-ABX6E_SCUKysYOWsTrOc7FoTJZo7o
Requested by
Host: pastelink.net
URL: https://pastelink.net/kztoeqi1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A86A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnLtzYFcGZJj5OMWX1AbYkpjwBgAAAAA4AeAEAg&bg=!WVqlWg7NAAbv3-2Ez987ADkAdvg8Wk1d3L7t-rzhqU6iyhRCI9ScD0ntkwxVvxaOIXs-21NZSXZrlbYHvX1s2Z574xGu3h2XFs0CAAAAoFIAAAACaAEHCgB044vEf9YkSqVs8zw-3_mwfK3bfmVqoM4zszGnrvh3s-YLSZsdwOLQ8Rgj6AIWKoYAySBRQWBPFmx9NS2GdI_8svC6lPqb-zIBPKCO5yblfoO7IsViIHNFmmiqRp6Fm9GVE-PcJMFm4huY4GfcH9q3xQGNKtGZAsUlpRaz5xNhL92XhW94RnxGr2AnNQfv13ssnwgN_IEo9fsMdHvRGOFTzCSZCs6vQlZFCwL03Wg2U7CW4P5u1CI8EhmmkvbC7e3USODoHmLaDPb4MrF3LhL_lDQ6FWTlUfZlWsGPM6XVch3zyJ6SKCEUXoWuaRVFm8IiN0_Y2F1Uj-2d6XUkCxfuAGRIGCQiJJMZbzAB_Rc_8VBP7qk6PW-uNu8X-4ajMlRd5i-9zXj7gxewwX1-jg4K-34TL5KC3_mqq8JJ8Dlng_OUoLWZ-ee_O70ul1ongThwbWDnsVF33G0IWit0BPZDQsOBdhyW1fvTgSkL-kksFN610SzOOH5NBINjM9XtZVeHd3c8AbI12c6k-xAepHZ2gTRki5--tZA8tkNxHSjdGhpDaM-c7_egx7ziMyW5Kc2bhcZxDpjiY_1ErzQhThqxhV2uUez1V2S-PkTdHik9QWOYSAkiUUXafbMkK8PBXbsOThjf-Kfq47aACLWTj4xl245tJYet6GG8D9xsssbZLgrmqghYYMkQM-gYrFxtk6-l-h7UTFVYYhXP2UGIjmsugf5OzQwzJk6QeU7-hVvyzQUeCdPOOVEmJ9pTpgb2_bgtbUj3zEnHkf0obBC7ra6lnC5LaR28MngqqHtXUrV6RguL1nJ7mCSHWCTApFKkuOSBIBqhmFnNmGdaM_RD7hizTMzcGP57JmK3IAa2sasI7el7ECEXAGNeYQ6u-3LHwLFSSb3yaGEmt7jkCKKXaTX5QAVRBadWAqWJlmGbIuwpdmWYKaiswpwIOKOrqcaPUEKa2tT3QyDdao1ABTPN8kJv2JVjq355z-nCAmqTHKx7CfoFsecudzPGwCSGmA3UpmE6DuFh7dTQ8ZwH0i7ozR3QrrAeVRAt3tv-fVgAN8q34SYJCd3OHZteAQAlrMNvo7dq3bvyLKQEsPY7x3jq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7AA3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BU6HNYVcGZOB6qsLi3g-sub6QBQAAAAA4AeAEAg&bg=!DQ6lDlrNAAbv3-2Ez987ADkAdvg8Wmz06SMOhjEzBITS9k6jvBVwvAfv4eY3s4wmk9T5jiUF31ZWC9DWsF8PGkeBezLHC-GxyBgCAAAAhlIAAAADaAEHmQLHcL8SnK22vvp5Ar1b4Rsi67sT9ivA6FfSBejZHfZ_It_2d5t2AK-foH17PKldDebZBWV0qDwUfUCbdEwsPKeM0X-RbJgtWJtpQH_OJi4Z1h4dJ_I4VvjBj8Q-WgICIQIQtmnefI9QcpHhTVPSw8lLPTDw1ifsSc5in9AR-N6_Lj9fxPfAnH1cBgQTvM0Ga-V1394D7RE1RqEh6W1M2PWzo1MUTy__pdcp_hTDykdsjD3Cpi6RcjlluWuEIejAYPcvaFPvIXYRk4q_VpLmS1Z99MLBc6pUoOE9FGBwx6i821s2evm4G-hR35ji7MKjY7ybCtoPHK9G_ddrTdBDjmMKcTkuLMpybeyzYilbumAVtfMqLwR-7fKueACwj0ykzna8e08Z_1bFWK0Fa5gI7-0VT1hx4O5V1D7tQalgfZ9vAhospXLD7M9YO6rDKS_S9YNocTpRaxYD4wo7SsEGhHXy3LqSjIM0lr8I1FlUdTZ24ym_M9O_XDSiAkRgV-53eaWMoudvwWDkQyaUbprxAekHErZcz-P__s1YPM4654Iqb62Cld58hhjMeZ8azp6f7pa0QFE2ZFZ8QUtM9dCS-mOMXiK--L7kUXTm8GqVWkQx7_G2jeCHBbwb3LzZq8r8pgv6rMe-QqvDM9DL_qoD6PleT0btXAkNcccWjOqYIGsx6lUzYlx4Csy4cC1V0aDGhe-NvPWH4ML_nf4y6ZlsErF08OIaOZYSO2neJ9UBPPjAtO54vXEFxP4jpGYsXVbD3a2xf8b2WlIZGToc9dZ6cgh_HALimxzD-uq4eHZ9sEbMEuVwhZAIc0ctHmI4GfhEGX3v2T_SFl2pH5brfSMFS09Ru5fE5t7wBuq19yNoRw6b1UJFtYA2hBiHH1Z_S0hpsZgzBEBi9Li-SqFBaNkQgV2SV24BWkfO6tBc58TRCEzh3TSB3fZ5A9vZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
yv
beap-bc.yahoo.com/ Frame 5EE6 		43 B
78 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://beap-bc.yahoo.com/yv?sek=4313120524067042322:1678137182260&as=YAMPViewableImpressionPayload&av=2.19.0&kv=0&ea=1&ap=BvLRUcr4MHX5Z6I03D_RwClrs6OoZ8zx4UEKta5wGnlY8oh_rV_sT4SWDOf_q3lBoazvw4PBDwq3039cB8khwt4md1IYm4XffwKV0R9LBRPYbRdEBm3Pcxl0M3-l2i9akUkH1pPPtwQFiAc3EYh8guSaSNwUsiuhVo62S7NR1dbPak3-saMkIGTdid1flbz3oSZW0QANaK1viwmuWje8UJWVMM5LYxdP5wdEJIQFWN3-JXY3JJkwNeUNIbIKquyFiBeELejXgkGMl4thWJ7atrxQfYdhJSsj5aukDAYnZZE&iv=100&v=1&m=2&r=1678137185907&im=1&b=100&ad=jv=1.0.261:vd=0:na=0:ed=1:tpv=:tp=1:mt=7
Requested by
Host: cdn.js7k.com
URL: https://cdn.js7k.com/rq/iv/inside.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:05 GMT
strict-transport-security
max-age=31536000
accept-charset
utf-8
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, private
content-length
43
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame 5EE6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstA1seWytK9brAMGyG-aSdTecbkr5z5pSwfmYkyPC1WTklXwMe4A_5dC_4t-tz4uhjtkHr-Mm0lEm8Vv7JtNwU_5kASwdd4mz_17P_N9rstpeTfWOom&sig=Cg0ArKJSzIuLr6UMrd4zEAE&id=lidar2&mcvt=1000&p=521,1071,1125,1231&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230301&bin=7&avms=nio&bs=1600,1200&mc=0.99&vu=1&app=0&itpl=19&adk=3854452215&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678137184368&rpt=567&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5EE6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEQOPRg5wFZ46Qo9nUyBW8q9Vz13JTUqeovC2UN3HJ0UEsOs-7iivyiYskQNuFOMB05-qs2HmsASIqxaLTMv1p4TzXI7gJ&sig=Cg0ArKJSzMmRE0fPri4dEAE&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230301&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=2531837453&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678137184368&rpt=570&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame AF06 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=PvD2x_n9ei6WBaL8H3AzPxfIrJNHiDofBhQFvd3I_W8_Av7nUn-MOXNw4pwQ_RHd4xT5zm9DJ3AKvNSAr41CJmQXYPyl0Iyzu0CYcCed8OAbMaJ3FBwrh1v4lQ_4FFkD6e59xJ86Ug46SGGwrHKjntXRcRofMxlmzI7UGfbfKUkKhLwukDIfzCsuGNvdZoFzf5hmBle5fZAiHZ0-lysMO5OYB-8eVUk_5VhRNBK-ZNWusKAK1l11MQs8BhkkhfaMVtTZ3A&sds=2&rev=84953.2&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZAZXXwAJrA4CZpvxAA-umjM4q2EHq09Q_tQ4QA&u=%7CzgEyEcVIxaYkInyiPIXbypwcm%2F3YXX8t6DWi4MSCvT0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4GS8d0D9pqsgEM8_Ocsn1bxPovNlluCOmz0VQWC4YTe9p7w12nqdS0bxeDJ19suL1A2dEK9a6SMv2ZQvmt6-ApAXCFGOAOFg4yY1lrL_oHtQfxi64f5RHuwqxN8vHXXwdr0sgiFlBdeEcntJy5PkVbgNu-5nwysXfYpT5vBMdWJQWEmZzcWZ4XsylOvIP49237tQX2eiI-rmwYQ8LtF5sngFxEcFjBdwP96IcGLsnWaCBK4o6eJK931Yl70GmqcF7LNd98MRV1-SvmY3f68Zjm-bD2mtCwISDoRpsftDHAjM44jPZIVgm3HbZcpPOzPfm5Zkq7RBEkWU_znd4QuNnnCoLpEYBAYAz3rJ1Qsj9Ea2CtQpGrLTYICB8X4vqg7eRccQM0EO-1QcQL_EyuWX4Q16IUpfzEcpes2Ycf1ALgtmS7maMqAfNyDzfpHNB30bQ5on7jmIxo98rvVhPtNqdPrXMfFftS9lCAFAYQB0mx15s8RgS24gM6HS2m7NEXCZTcDJLtmRyG31RipVyjnzQnNPYPwyV2uBPDHlZ9eF8gip1wtINTbhAxrVlaxg8FkwSzmMOIe0EyoiIF-wZjFeb3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkQiLX1cGZI7YJvG3msMPmt2-oA691O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTc1MDg1NjIzOTIwNDQxNMgBCeACAKgDAaoEggJP0OM0gfnc-bYu3nE7m2WnLjUi-pUMydO4ux0f-XQnef-SPR9S_YeuJkaoLJTUdUvyW0ERMYt-Nq6Re-V-hx5Eot2InA85QHxOap0IsOlkt9fdkc1CRIEYMBlxBjqbQ4v2RygaOxS4HIssFxLibaTnCru_qQesjWKawZhDTlRU4ea9RjMBHC0NVu6ZT6-WIYTnYIiOoJ8hHqVoTPOPZ8i0rvwyuJRgdzlV1XWRUuVID10gQ-wIezhd3bQzmSJn9-n5-eUktKn3Hld9W0HI8VKW9BnLri7cYAE9jo7JFiknZbib4axorAThlSaqqHyqJdHU9tZa99iBxRn3SBfWP9pWK9fgBAGABqvP_46RmvySkQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PxcQAISzw2rZ13QH_y_wSS8ucgQ%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 06 Mar 2023 21:13:05 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
yv
beap-bc.yahoo.com/ Frame 8E40 		43 B
435 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://beap-bc.yahoo.com/yv?sek=395988199477231103:1678137182261&as=YAMPViewableImpressionPayload&av=2.19.0&kv=0&ea=1&ap=5_vNB-Vdj-ZJHGrM3HhsY-pb201Gi9ZjvbLxUevObyZYuV3ia0aNfKc5_abLyRgdxdWrqSb9L2MneeenHTN8oEvS4pmJvkkjQoPuY_a2lPcFaPw0ZpfGitdKrrBLdEw_t7_IPjDN8Dd7jDIUxq_3yDYwZQXNaoMKMSND4dJi1Xq-Rc4xTMgSLcEx6q8ZIayWwAeQG2KntE41xxx-pJyZkdfb8Ap3PF88m5Sn7fdqFLPEKv-32cPIqEb53CuUkZ4D3_8O5UNrn785seeIgm6snhXDoEjI89jtXstdrOmi81c&iv=100&v=1&m=2&r=1678137186184&im=1&b=100&ad=jv=1.0.261:vd=0:na=0:ed=1:tpv=:tp=1:mt=7
Requested by
Host: cdn.js7k.com
URL: https://cdn.js7k.com/rq/iv/inside.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:98:800::e6 , Taiwan, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:06 GMT
strict-transport-security
max-age=31536000
accept-charset
utf-8
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, private
content-length
43
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame 8E40 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYPwu9reY7sKCOhxIeng8PkYGMAKlSnICSSW8-lP_JG3bTp_M0fsIkXlaL6kAjPV0ug3ZLNRW3h_Ok9xRRT200x5rP7h3s&sig=Cg0ArKJSzIPecprr-4g8EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230301&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=1037517726&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678137184686&rpt=528&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8E40 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVcsX75ktytphmQLAMRg0l9v-pJET8IWKDSZhiisxA-ODeg2n77LpY73qWkGPoyMYujmoDG-3lW97xptd_J5ua73jp1ccuDUa9g1wrzZm_CpDhi0tb&sig=Cg0ArKJSzI-upHxWfgASEAE&id=lidar2&mcvt=1002&p=1105,436,1199,1164&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20230301&bin=7&avms=nio&bs=1600,1200&mc=0.96&vu=1&app=0&itpl=19&adk=759513158&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678137184686&rpt=525&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
idrs.adtelligent.com/ Frame 		0
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpastelink.net%2F&domain=pastelink.net&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 06 Mar 2023 21:13:06 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
252249
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
get
idrs.adtelligent.com/ 		0
0
/
id.a-mx.com/sync/ 		131 B
785 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://pastelink.net/kztoeqi1&v=7.35.0&vg=advpbjs&us_privacy=null&gdpr=0&gdpr_consent=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:29fd -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2bc6632f4bb22083fffe89050d5f5fa9b96cf1314968bd98a6b1e34423c6b7fb

Request headers

Referer
https://pastelink.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 06 Mar 2023 21:13:06 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUsN4wlTlsmJ5w2ym%2F5DCyQ81HV4pXDY75Q4zZ4IuRFgB2z5QgvtggVP0ZjyWDscq7CpjjG4A%2BQjaqE5o%2B8gvIeC086aCvubC3aU0BmNIupE%2BqjeS5thrqnRoSNylJc7pKTDQEA094N1Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
content-type
application/json
cache-control
private,max-age=3600
access-control-allow-credentials
true
cf-ray
7a3d99c6fb0c4116-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpastelink.net%2F&domain=pastelink.net&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=PxNWt3wxSEJZTnNLRU5tTHRLNVFvWldQcUxJR1oxaDZhYmdTSGVrU0dsVGFXZ05UMFJLSmtJeGU1RDAwMHJiZEtnM2NvbmRzOU1maUpVejJhdENVcnVyMGN0OGtaSjRQdjBLWGxaaU00aVF4cTgxTHpEWStxWlBQT2piWX...
0
0
prebid
id5-sync.com/api/config/ 		0
0
sspmatch-iframe
ads.betweendigital.com/ Frame 68E7 		604 B
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.195.121.141 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
a6f67be93e4ce6f8289723248d8c3cafc7df43c3076ca2913f55c5ecde7009c8

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
604
content-type
text/html
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4B1E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
50443
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 06 Mar 2023 21:13:06 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 02 Feb 2023 03:42:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
59, 311989
X-Served-By
cache-lga13626-LGA, cache-qpg1246-QPG
X-Timer
S1678137186.400737,VS0,VE0
sync-all.html
adxbid.info/ Frame C591 		0
0
checksync.php
contextual.media.net/ Frame 0452 		34 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2067%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.180.23 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ebcc382e1ad31b6bcf868f33352d0a7a49989475c3d5453927d1403aea819ccd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11526
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 21:13:06 GMT
expires
Wed, 08 Mar 2023 21:13:06 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=vidoomy&ssp_user_id=bbe1bd25-e373-4e62-b717-d85f6df232ee&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-LNqZtllE2pmCbJ.mP7Gbvbe9LldqtPDOxpwIbQ--~A&expires=5&ssp=vidoomy
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=bbe1bd25-e373-4e62-b717-d85f6df232ee
0
0
cookie
cm.adform.net/ 		0
0
pixelSync
pixel-sync.sitescout.com/dmp/ 		0
0
9.gif
id5-sync.com/s/441/ 		0
0
getuid
ib.adnxs.com/ 		0
0
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=
  • https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-yhASJaRE2uGg7RR_ruJDsbgDTBpM3FjGvHu..ic-~A&gdpr=0
0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-yhASJaRE2uGg7RR_ruJDsbgDTBpM3FjGvHu..ic-~A&gdpr=0
Protocol
H2
Server
18.197.14.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-14-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

location
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-yhASJaRE2uGg7RR_ruJDsbgDTBpM3FjGvHu..ic-~A&gdpr=0
date
Mon, 06 Mar 2023 21:13:06 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ Frame 68E7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3Dbbe1bd25-e373-4e62-b717-d85f6df232e...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=20aa6406-5760-4f00-b72e-4bb097f1f183&expires=30&ssp=between&bsw_param=bbe1bd25-e373-4e62-b717-d85f6df232ee&gdpr=&gdpr_consent=
0
0
btw
sync.dmp.otm-r.com/match/ Frame 68E7 		0
0
btw
px.adhigh.net/p/cm/ Frame 68E7 		0
0
match
ads.betweendigital.com/ Frame 68E7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS15aEFTSmFSRTJ1R2c3UlJfcnVKRHNiZ0RUQnBNM0ZqR3ZIdS4uaWMtfkE%3D&gdpr=0
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS15aEFTSmFSRTJ1R2c3UlJfcnVKRHNiZ0RUQnBNM0ZqR3ZIdS4uaWMtfkE%3D&gdpr=0
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
203.195.121.141 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS15aEFTSmFSRTJ1R2c3UlJfcnVKRHNiZ0RUQnBNM0ZqR3ZIdS4uaWMtfkE%3D&gdpr=0
date
Mon, 06 Mar 2023 21:13:06 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
bidder_18.html
cache.betweendigital.com/code/ Frame 8FD8 		0
0
async_usersync
ib.adnxs.com/ Frame 4B1E 		0
0
sync
gum.criteo.com/ Frame 0452 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2067%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 21:13:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
261365
expires
60
usync.html
eus.rubiconproject.com/ Frame CA7C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2067%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.5.30 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-5-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 Mar 2023 21:13:06 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 06 Mar 2023 21:13:06 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cm
p.rfihub.com/ Frame 2419 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7C11 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3211387858092148000V10%26type%3Dpba%26refUrl%3D%26vid%3D81371864423211387858092148000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2067%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.199 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=23321
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 06 Mar 2023 21:13:06 GMT
expires
Tue, 07 Mar 2023 03:41:47 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
us
sync.go.sonobi.com/ Frame 0452 		0
0
cksync.html
contextual.media.net/ Frame 0452
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3211387858092148...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3211387858092148000V10&type=opx&refUrl=&vid=81371864423211387858092148000V10&ovsid=7f8727b5-3c75-4432-88aa-c9879d9a8272
0
0
cksync
cs.media.net/ Frame 0452
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzIxMTM4Nzg1ODA5MjE0ODAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESENvL-fEB6GBJPPBKlvTZWg8&google_cver=1
0
0
cksync.php
contextual.media.net/ Frame 0452
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3211387858092148000V10%26type%3Ddxu%26refUrl%3D%26vid%3D81371864423211387858092...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3211387858092148000V10&type=dxu&refUrl=&vid=81371864423211387858092148000V10&ovsid=anagpaZ81Pzi8N5
237 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3211387858092148000V10&type=dxu&refUrl=&vid=81371864423211387858092148000V10&ovsid=anagpaZ81Pzi8N5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2067%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 06 Mar 2023 21:13:06 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Mon, 06 Mar 2023 21:13:06 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 Mar 2023 21:13:06 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-01530317849a78967@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3211387858092148000V10&type=dxu&refUrl=&vid=81371864423211387858092148000V10&ovsid=anagpaZ81Pzi8N5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 0452
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=a6c1f602-8756-401c-8df8-356c2a563f72
237 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=a6c1f602-8756-401c-8df8-356c2a563f72
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C459%2C77%2C38%2C2067%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 06 Mar 2023 21:13:06 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Mon, 06 Mar 2023 21:13:06 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Mar 2023 21:13:05 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=a6c1f602-8756-401c-8df8-356c2a563f72
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1517685
content-length
0
expires
Mon, 06 Mar 2023 00:00:00 GMT
adxcm.aspx
inv-nets.admixer.net/ Frame 0452
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dmedi...
0
0
/
b1sync.zemanta.com/usersync/medianet/ Frame 0452 		0
0
sync
rtb.mfadsrvr.com/ Frame 0452 		0
0
cksync
cs.media.net/ Frame 0452
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3585500b-878f-4de3-92ab-e7f9bedd5d25
0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 7C11 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69844255&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3211387858092148000V10%26type%3Dpba%26refUrl%3D%26vid%3D81371864423211387858092148000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
211a9be5adbaf096b2145fb920b0b5ba4c3692c0679a6ac7da1947659e67d70a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 21:13:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=PxNWt3wxSEJZTnNLRU5tTHRLNVFvWldQcUxJR1oxaDZhYmdTSGVrU0dsVGFXZ05UMFJLSmtJeGU1RDAwMHJiZEtnM2NvbmRzOU1maUpVejJhdENVcnVyMGN0OGtaSjRQdjBLWGxaaU00aVF4cTgxTHpEWStxWlBQT2piWXYrTlpVby9HYUwzVE9JSVJLbitKOStqWmtOZXgyUEVlVTdSTzhGMUY4NVBQdXM5TWN6SWxTNUlXckdXTXZmc1d4R3AvSmxDa1NSZlMwdHFVT3pnMUx4SmlVTGszUHNQVHE3Z0lYUU1Wc0ZrOUtQMllKQVVBPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 06 Mar 2023 21:13:05 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
394342
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame CA7C 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.5.30 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-5-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 21:13:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Mar 2023 11:12:21 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=50259
Connection
keep-alive
Content-Length
10006
Expires
Tue, 07 Mar 2023 11:10:45 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F6C8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:20aa6406-5760-4f00-b72e-4bb097f1f183&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:20aa6406-5760-4f00-b72e-4bb097f1f183&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3211387858092148000V10%26type%3Dpba%26refUrl%3D%26vid%3D81371864423211387858092148000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 06 Mar 2023 21:13:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 06 Mar 2023 21:13:06 GMT
Expires
Mon, 06 Mar 2023 21:13:05 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 569 46451a0 master hkg-pixel-x23 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:20aa6406-5760-4f00-b72e-4bb097f1f183&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame BFA8 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1BDA
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z7dfwxeklys
0
0
getuid
ib.adnxs.com/ Frame 51A4 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame C301
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=to3firWO2Yytj47Y4oHC3uaN2tit2IqEt4iY8CWK
42 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=to3firWO2Yytj47Y4oHC3uaN2tit2IqEt4iY8CWK
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3211387858092148000V10%26type%3Dpba%26refUrl%3D%26vid%3D81371864423211387858092148000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 06 Mar 2023 21:13:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 06 Mar 2023 21:13:06 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=to3firWO2Yytj47Y4oHC3uaN2tit2IqEt4iY8CWK
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
pubmatic
gocm.c.appier.net/ Frame 78BC 		0
0
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 8941 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame E13D
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3211387858092148000V10%26type%3Dpba%26refUrl%3D%26vid%3D81371864423211387858092148000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 06 Mar 2023 21:13:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 21:13:06 GMT
expires
Mon, 06 Mar 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1023040
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
sync
sync.srv.stackadapt.com/ Frame D0D1 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 01F6
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=17zjft5xyu1j
42 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=17zjft5xyu1j
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3211387858092148000V10%26type%3Dpba%26refUrl%3D%26vid%3D81371864423211387858092148000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 06 Mar 2023 21:13:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Mon, 06 Mar 2023 21:13:06 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=17zjft5xyu1j
lws
125
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
pxd
dps.jp.cinarra.com/ Frame 5AE5 		0
0
cm
ipac.ctnsnet.com/int/ Frame CC2F 		0
0
cm
ipac.ctnsnet.com/int/ Frame 7AA8 		0
0
bridge
cm.adgrx.com/ Frame DB5D 		0
0
cs
ad.turn.com/r/ Frame 55B9
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1678137186586
  • https://ad.turn.com/r/cs?pid=45&rndcb=1238518827
0
0
i.match
a.tribalfusion.com/ Frame F087 		0
0
cookiesync
core.iprom.net/ Frame 493F 		0
0
/
csync.loopme.me/ Frame C8E7 		0
0
141
match.deepintent.com/usersync/ Frame 90F6 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7C36
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:anagpaZ81Pzi8N5&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:anagpaZ81Pzi8N5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3211387858092148000V10%26type%3Dpba%26refUrl%3D%26vid%3D81371864423211387858092148000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 06 Mar 2023 21:13:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 06 Mar 2023 21:13:06 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:anagpaZ81Pzi8N5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-01530317849a78967@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
pm_match
um.simpli.fi/ Frame 56E0 		0
0
cksync.php
contextual.media.net/ Frame B3F5 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7C11
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KSF9G16-R2W556H6mLhsTA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
0
0
receive
pixel.tapad.com/idsync/ex/ Frame 7C11 		0
0
qmap
sync.crwdcntrl.net/ Frame 7C11 		0
0
info
uipglob.semasio.net/pubmatic/1/ Frame 7C11 		0
0
29217D1B-5EBE-4765-B9E7-A1FA98B86C4C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7C11 		0
0
generic
match.adsrvr.org/track/cmf/ Frame 7C11 		0
0
sync
ups.analytics.yahoo.com/ups/58292/ Frame 7C11 		0
0
match
c1.adform.net/serving/cookie/ Frame 7C11 		0
0
sync
x.bidswitch.net/ Frame 7C11 		0
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 7C11 		0
0
cs
ad.turn.com/r/ Frame 7C11 		0
0
apn
ads.playground.xyz/usersync/ Frame 7C11 		0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame CA7C 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
id.geistm.com
URL
https://id.geistm.com/m/OB/JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS
Domain
cs.emxdgt.com
URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DJAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DJAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3DJAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS%26us_privacy%3D1---%26initiator%3Dob
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DJAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=562709&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpulsepoint%26uid%3D%25%25VGUID%25%25%26obUid%3DJAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26initiator%3Dob
Domain
id5-sync.com
URL
https://id5-sync.com/s/164/9.gif?puid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS&gdpr=0&gdpr_consent=&us_privacy=1---
Domain
t.adx.opera.com
URL
https://t.adx.opera.com/pub/sync?pubid=pub8006743166848&initiator=ob
Domain
idrs.adtelligent.com
URL
https://idrs.adtelligent.com/get?gdpr=0&gdprConsent=
Domain
idrs.adtelligent.com
URL
https://idrs.adtelligent.com/get?gdpr=0&gdprConsent=
Domain
mug.criteo.com
URL
https://mug.criteo.com/sid?cpp=PxNWt3wxSEJZTnNLRU5tTHRLNVFvWldQcUxJR1oxaDZhYmdTSGVrU0dsVGFXZ05UMFJLSmtJeGU1RDAwMHJiZEtnM2NvbmRzOU1maUpVejJhdENVcnVyMGN0OGtaSjRQdjBLWGxaaU00aVF4cTgxTHpEWStxWlBQT2piWXYrTlpVby9HYUwzVE9JSVJLbitKOStqWmtOZXgyUEVlVTdSTzhGMUY4NVBQdXM5TWN6SWxTNUlXckdXTXZmc1d4R3AvSmxDa1NSZlMwdHFVT3pnMUx4SmlVTGszUHNQVHE3Z0lYUU1Wc0ZrOUtQMllKQVVBPXw&cppv=2
Domain
id5-sync.com
URL
https://id5-sync.com/api/config/prebid
Domain
adxbid.info
URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Domain
a.vidoomy.com
URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=bbe1bd25-e373-4e62-b717-d85f6df232ee
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Domain
pixel-sync.sitescout.com
URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Domain
id5-sync.com
URL
https://id5-sync.com/s/441/9.gif?puid=a_a045146d-9f86-454e-8c35-fa2d7f99e0e5&gdpr=0&gdpr_consent=
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=80&user_id=20aa6406-5760-4f00-b72e-4bb097f1f183&expires=30&ssp=between&bsw_param=bbe1bd25-e373-4e62-b717-d85f6df232ee&gdpr=&gdpr_consent=
Domain
sync.dmp.otm-r.com
URL
https://sync.dmp.otm-r.com/match/btw?id=d420fa7e-96ba-5442-852d-0dfbe12b5aa5
Domain
px.adhigh.net
URL
https://px.adhigh.net/p/cm/btw
Domain
cache.betweendigital.com
URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=d420fa7e-96ba-5442-852d-0dfbe12b5aa5&CACHEBUSTER=498030
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3211387858092148000V10%26type%3Drkt%26refUrl%3D%26vid%3D81371864423211387858092148000V10%26ovsid%3D%7Buserid%7D
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3211387858092148000V10&type=son&refUrl=&vid=81371864423211387858092148000V10&ovsid=[UID]
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.html?cs=8&vsid=3211387858092148000V10&type=opx&refUrl=&vid=81371864423211387858092148000V10&ovsid=7f8727b5-3c75-4432-88aa-c9879d9a8272
Domain
cs.media.net
URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESENvL-fEB6GBJPPBKlvTZWg8&google_cver=1
Domain
inv-nets.admixer.net
URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dmedianet%26bsw_param%3Dbbe1bd25-e373-4e62-b717-d85f6df232ee%26gdpr%3D0%26consent%3D%26gdpr_pd%3D1%26expires%3D7
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3211387858092148000V10%26type%3Dzem%26refUrl%3D%26vid%3D81371864423211387858092148000V10%26ovsid%3D__ZUID__
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3211387858092148000V10
Domain
cs.media.net
URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3585500b-878f-4de3-92ab-e7f9bedd5d25
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z7dfwxeklys
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Domain
gocm.c.appier.net
URL
https://gocm.c.appier.net/pubmatic
Domain
sync-dsp.ad-m.asia
URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Domain
dps.jp.cinarra.com
URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=29217D1B-5EBE-4765-B9E7-A1FA98B86C4C
Domain
ipac.ctnsnet.com
URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Domain
ipac.ctnsnet.com
URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=45&rndcb=1238518827
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Domain
um.simpli.fi
URL
https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=8&vsid=3211387858092148000V10&type=pba&refUrl=&vid=81371864423211387858092148000V10&ovsid=29217D1B-5EBE-4765-B9E7-A1FA98B86C4C
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=29217D1B-5EBE-4765-B9E7-A1FA98B86C4C
Domain
sync.crwdcntrl.net
URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=29217D1B-5EBE-4765-B9E7-A1FA98B86C4C&gdpr=0&gdpr_consent=
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=29217D1B-5EBE-4765-B9E7-A1FA98B86C4C&sInitiator=external&gdpr=0&gdpr_consent=
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/29217D1B-5EBE-4765-B9E7-A1FA98B86C4C?gdpr=0&gdpr_consent=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=29217D1B-5EBE-4765-B9E7-A1FA98B86C4C&redir=true&gdpr=0&gdpr_consent=
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Domain
pubmatic-match.dotomi.com
URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=29217D1B-5EBE-4765-B9E7-A1FA98B86C4C&gdpr=0&gdpr_consent=
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
Domain
ads.playground.xyz
URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LEXBJUTS-1Q-9ALV

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 boolean| credentialless function| $ function| jQuery function| Cookies object| dataLayer object| googletag object| advally object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| find_height function| setCookie function| copyToClipboard function| getCookie function| eraseCookie function| validateEmail function| unsure function| clearexplain function| resize function| changeGenerateButtonState function| notify function| removeNotification function| refreshView function| captchaLoaded function| callCustomAjax function| retrieveGetVariables function| setGetVariables string| size object| advpbjs undefined| cmd object| google_tag_manager object| google_tag_data object| recaptcha string| GoogleAnalyticsObject function| ga object| advpbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| ggeac object| google_js_reporting_queue object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady undefined| google_measure_js_timing undefined| conf undefined| ret string| x object| slotRules object| sas object| apntag object| _ADAGIO object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| Moat#G26 boolean| Moat#EVA object| MoatSuperV26 object| DOMlessLLDcallback_30769367 object| ONFOCUS object| google_image_requests object| googDdmPs object| BrandSafetyNadoscallback_30769367

62 Cookies

Domain/Path Name / Value
widgets.outbrain.com/nanoWidget/externals/cookie Name: thirdparty
Value: yes
.3lift.com/sync Name: sync
Value: CgkIOhCbppXG6zA=
pastelink.net/ Name: PHPSESSID
Value: q0i98n1og4vpupf4eenla2bn2v
.pastelink.net/ Name: _gcl_au
Value: 1.1.265670076.1678137181
.pastelink.net/ Name: _gid
Value: GA1.2.1005764722.1678137181
.pastelink.net/ Name: _gat_UA-55088947-2
Value: 1
pastelink.net/ Name: plTest
Value: true
.pastelink.net/ Name: _ga
Value: GA1.2.824906174.1678137181
.pastelink.net/ Name: _gat_advallyTrackerpl
Value: 1
pastelink.net/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.betweendigital.com/ Name: dc
Value: sin1
.betweendigital.com/ Name: tuuid
Value: d420fa7e-96ba-5442-852d-0dfbe12b5aa5
.betweendigital.com/ Name: ut
Value: ZAZXXgACfLjhDKeaxT4ElUOZpdNauARHIr33Hg==
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBF5XBmQCEMe8V5OvAELT_7wNYosmCLQFEgEBAQGoB2QQZAAAAAAA_eMAAA&S=AQAAAuY9vZCw1kxzf2egzTPZ7oc
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: xjOdZf-XVn14X9MFtHUH8sl58wmph_OkPMk0KJ5LPYqOv9gw2EdgnFgrRnyg027UjKzP7XFn4OZjrLLo47OKc9Mvzwli9SlfLbrMvLxSSRrlSHW8OEG7PmPx15vANbj9
.gumgum.com/ Name: vst
Value: a_a045146d-9f86-454e-8c35-fa2d7f99e0e5
.doubleclick.net/ Name: IDE
Value: AHWqTUnnBpBCXIhDYDNuEziB3OUBfVpYE3Vo3f8g6tMNKY8i-Pq3vHTHtBeU5kJC8y0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.quantserve.com/ Name: mc
Value: 64065760-6adb8-bf45d-ae871
.outbrain.com/ Name: obsessionid-p113125
Value: f2eff134-f9e8-2894-0000-0186b8c550a1|0|1
.outbrain.com/ Name: obuid
Value: 4b86c7cb-bf78-4633-978d-53c0b6d746c0
.turn.com/ Name: uid
Value: 9015009517222667117
.mathtag.com/ Name: uuid
Value: 20aa6406-5760-4f00-b72e-4bb097f1f183
.bing.com/ Name: MUID
Value: 17DD8DBA11FA6D6301979F7610FB6C34
.c.bing.com/ Name: MR
Value: 0
.adnxs.com/ Name: uuid2
Value: 3964265803677574557
.adsrvr.org/ Name: TDID
Value: 3585500b-878f-4de3-92ab-e7f9bedd5d25
.bidswitch.net/ Name: tuuid
Value: bbe1bd25-e373-4e62-b717-d85f6df232ee
.bidswitch.net/ Name: c
Value: 1678137184
.bidswitch.net/ Name: tuuid_lu
Value: 1678137184
.uplynk.com/ Name: COMBOID
Value: "comboid=y-5KIpJ.ZE2uEK6eZeR7OyMSTBhOrfjeNw~A|expires_at=1685913184"
.pastelink.net/ Name: __gads
Value: ID=c6c2dcb8a7a7ed79:T=1678137183:S=ALNI_Mb3z_-FBASl_4fK_qYrqq3hAyOnnA
.pastelink.net/ Name: __gpi
Value: UID=00000bd31a0625c6:T=1678137183:RT=1678137183:S=ALNI_MbEwj5eeVBoa5ukDDTZ27WkPtjymA
.rubiconproject.com/ Name: khaos
Value: LEXBJUTS-1Q-9ALV
.pastelink.net/ Name: _ga_S3DKHVPF03
Value: GS1.1.1678137181.1.0.1678137184.0.0.0
.quantserve.com/ Name: d
Value: ECQBEwG5KJyLkwi4ggA
.bidswitch.net/ Name: bsw_origin_init
Value: 0
.3lift.com/ Name: tluid
Value: 2897923024276059055810
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.openx.net/ Name: i
Value: 64077173-3ef2-4125-b133-7f014b522353|1678137184
.pubmatic.com/ Name: SyncRTB3
Value: 1679270400%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 29217D1B-5EBE-4765-B9E7-A1FA98B86C4C
.eyeota.net/ Name: mako_uid
Value: 186b8c5529f-2504000001084cc4
.eyeota.net/ Name: SERVERID
Value: 19652~DM
.agkn.com/ Name: ab
Value: 0001%3AfYSHAZwf7vFpWx07wqH9%2F0qcL3KjbCwb
.rlcdn.com/ Name: rlas3
Value: 32b/2DqZ5pett2qlmePcqGQ8GWeuHVx5t+JlSe1e23o=
.rlcdn.com/ Name: pxrc
Value: CAA=
.casalemedia.com/ Name: CMID
Value: ZAZXYEpUzMktMBcOj8P22AAA
.casalemedia.com/ Name: CMPS
Value: 4906
.casalemedia.com/ Name: CMPRO
Value: 4906
.yieldmo.com/ Name: yieldmo_id
Value: gece288d1fa91a36e168%7C1678137185032%7C0%7C
.rubiconproject.com/ Name: audit
Value: 1|t15V6qJ58YdimfaOvcdZBGA4nH8ZoGHi4B9zk5/5I3lx1g1ygpCGvlxm/7iQqPow3GMH/OVnYjDqFTrNE4+z9k1id1yxWjzFHm0QlslGhrY=
.pubmatic.com/ Name: pi
Value: 156078:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.socdm.com/ Name: SOC
Value: ZAZXYcCo5s8AAIofEZkAAAAA
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCP79-L6zpM87EAUSFgoHc3Z4OXQ1MBILCJ7nm8CzpM87EAUYASABKAIyCwie357tyaTPOxAFOAFaB3N2eDl0NTBgAg..
.analytics.yahoo.com/ Name: IDSYNC
Value: "18zh~2ad9:18p2~2ad9:175s~2ad9:176l~2ad9:173n~2ad9:175v~2ad9:175u~2ad9:18qt~2ad9:18yl~2ad9:18vj~2ad9:190j~2ad9:1769~2ad9:17kh~2ad9:17ol~2ad9:18yx~2ad9:18vk~2ad9:195t~2ad9:175w~2ad9"
.media.net/ Name: visitor-id
Value: 3211387858092148000V10
.media.net/ Name: data-v
Value: y-2aYMe4xE2uF0y9vShG5LLcnIWcapWsxL~A~~3

8 Console Messages

Source Level URL
Text
other warning URL: https://d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://id.geistm.com/m/OB/JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=JAOkTALCwoevYc2dTJiPpjgTxmabiet3jeNJNoVpcmTR-BqDo10zTC51WwI-KjSS
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a-prebid.vidoomy.com
a.tribalfusion.com
a.vidoomy.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.as.criteo.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
adservice.google.com.sg
adxbid.info
analytics.twitter.com
ap.lijit.com
b1sync.zemanta.com
beacon-fra2.rubiconproject.com
beacon.krxd.net
beap-bc.yahoo.com
bh.contextweb.com
c.bing.com
c1.adform.net
c2shb.pubgw.yahoo.com
cache.betweendigital.com
cat.sg1.as.criteo.com
cdn.adligature.com
cdn.js7k.com
cdnjs.cloudflare.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
crb.kargo.com
creativecdn.com
cs.emxdgt.com
cs.media.net
csm.as.criteo.net
csync.loopme.me
d.adroll.com
d.turn.com
d.vidoomy.com
d3634c061f8805e4475e2c6ce4f04e44.safeframe.googlesyndication.com
dis.criteo.com
dpm.demdex.net
dps.jp.cinarra.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.moatads.com
gocm.c.appier.net
googleads4.g.doubleclick.net
gum.criteo.com
i.w55c.net
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id.geistm.com
id5-sync.com
idrs.adtelligent.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
ipac.ctnsnet.com
loadus.exelator.com
log.outbrainimg.com
match.adsrvr.org
match.deepintent.com
mb.moatads.com
millennialnexageinapp768429046591.s.moatpixel.com
mp.4dex.io
mug.criteo.com
odb.outbrain.com
odr.mookie1.com
onevideosync.uplynk.com
p.rfihub.com
pagead2.googlesyndication.com
pastelink.net
pippio.com
pix.as.criteo.net
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pn.ybp.yahoo.com
pr-bh.ybp.yahoo.com
prebid.media.net
pro.ip-api.com
prod-m-node-2113.ssp.yahoo.com
ps.eyeota.net
pubmatic-match.dotomi.com
px.adhigh.net
px.ads.linkedin.com
px.moatads.com
rock.defybrick.com
rtb.adxpremium.services
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
s.ad.smaato.net
s.amazon-adsystem.com
s.yimg.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
service.idsync.analytics.yahoo.com
simage2.pubmatic.com
ssbsync.smartadserver.com
ssp-sync.criteo.com
ssum-sec.casalemedia.com
static.criteo.net
sync-dsp.ad-m.asia
sync-jp.im-apps.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.dmp.otm-r.com
sync.go.sonobi.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
t.adx.opera.com
tag.1rx.io
tags.rd.linksynergy.com
tcheck.outbrainimg.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vpaid.vidoomy.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.moatads.com
a.tribalfusion.com
a.vidoomy.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
adxbid.info
b1sync.zemanta.com
bh.contextweb.com
c1.adform.net
cache.betweendigital.com
cm.adform.net
cm.adgrx.com
contextual.media.net
core.iprom.net
cs.emxdgt.com
cs.media.net
csync.loopme.me
dps.jp.cinarra.com
gocm.c.appier.net
ib.adnxs.com
id.geistm.com
id5-sync.com
idrs.adtelligent.com
inv-nets.admixer.net
ipac.ctnsnet.com
match.adsrvr.org
match.deepintent.com
mug.criteo.com
p.rfihub.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.adhigh.net
rtb.mfadsrvr.com
simage2.pubmatic.com
ssbsync.smartadserver.com
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.dmp.otm-r.com
sync.go.sonobi.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
t.adx.opera.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
x.bidswitch.net
103.229.206.241
103.231.98.194
103.231.98.196
103.231.98.197
104.244.42.131
104.254.150.241
107.178.254.65
13.215.220.77
13.251.233.244
139.5.84.243
145.40.73.4
151.101.65.108
172.217.194.155
18.136.165.105
18.139.68.213
18.140.119.153
18.141.109.184
18.155.68.41
18.185.128.132
18.197.14.124
182.161.73.132
182.161.73.136
182.161.73.146
184.50.85.234
184.51.99.100
184.51.99.153
185.106.140.18
185.184.8.90
185.84.60.20
199.232.46.132
2001:4de0:ac18::1:a:1b
2001:df2:a300:bbbb::135
2001:df2:a300:bbbb::136
202.241.208.57
203.195.121.141
208.95.112.2
23.207.180.199
23.207.180.23
23.207.181.140
23.207.181.73
23.39.5.30
2404:6800:4003:c02::84
2404:6800:4003:c03::5e
2404:6800:4003:c03::61
2404:6800:4003:c03::9b
2404:6800:4003:c04::65
2404:6800:4003:c06::5f
2404:6800:4003:c06::84
2404:6800:4003:c06::9a
2404:6800:4003:c06::9b
2404:6800:4003:c0f::5e
2404:6800:4003:c11::63
2404:6800:4003:c11::94
2404:6800:4003:c11::9b
2404:6800:4003:c11::9d
2406:2000:98:800::e5
2406:2000:98:800::e6
2406:2000:e4:1409::2000
2406:2600:4::13
2406:2600:7:100::1
2406:2600:7:100::10
2406:2600:7:100::15
2406:2600:7:100::7
2406:2600:7:100::9
2406:2600:7:100::f
2406:da18:22e:4f05:9b8b:4903:ea64:de6a
2406:da18:929:5a01:3027:3246:6166:fb40
2600:1f18:e8a:cd02:882c:d916:bae1:7722
2600:9000:223b:b000:1b:5138:8a40:93a1
2600:9000:229f:ee00:1a:ba5c:3900:93a1
2602:803:c004:200::154
2606:4700:20::681a:9a9
2606:4700:3031::6815:29fd
2606:4700:3031::ac43:cab1
2606:4700::6811:180e
2606:4700::6812:272
2620:116:800e:21:36b5:1576:d999:6e52
2620:1ec:21::14
2620:1ec:c11::200
2a02:6ea0:d100::13
34.107.148.139
34.111.79.67
34.199.72.104
34.210.220.175
34.98.64.218
34.98.67.3
35.161.156.211
35.190.60.146
35.213.12.39
35.230.38.116
38.133.127.95
52.220.229.2
52.223.2.229
52.223.40.198
52.46.151.131
52.74.162.2
52.77.104.51
52.77.152.198
52.95.118.179
54.150.10.110
54.151.166.121
54.251.217.3
54.65.137.42
63.251.14.14
67.199.150.85
67.199.150.86
69.173.158.64
70.42.32.127
74.125.130.148
74.125.24.157
8.43.72.98
85.114.159.118
89.35.29.15
0002a0909535a93d2e231016178b69542d2acc4b7cb2e2dd35b5aea496ae0888
01408f8061623faa6d2c0f015cd23483c3aa363c095e152f613ed94c87a5803d
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8519a06bcd06be8dbbde8da7c726003a7b20c275ef6bef985024d1c1b8148f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e77a06377f2dd89e4eae1e231a31b3243bd68bc785d80558d58c42f34cf0bce
211a9be5adbaf096b2145fb920b0b5ba4c3692c0679a6ac7da1947659e67d70a
229a89f6a8da0180003a1e15dc6401355987b51101e4aed0800b17d7212e63e4
244c27d417e38356f3585c60c88b020a3866abfd1436bc4dbcb2a126c305f89b
2616aa5649e77485785a6df3039bd10bbccfb78203880b47a625235458157d70
29f069bbb95e66fea0734d945b83a8e85de6a3102c0b1615ef24ce760d6f2793
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bc6632f4bb22083fffe89050d5f5fa9b96cf1314968bd98a6b1e34423c6b7fb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d8362c77899fcb145ab5855ef85d7aea921f881d95cd9544a6df23149c6bda
34c9679776c240490c584578b327d109c0bf340a5e09714198de44600af4be4a
385eb75d03c130230da212fba0a0d230e0d09b8335067a3eb7e4d9167590a59b
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3a32ed98b4f52d290a528280cc5486781c2a6ce4388329e3a64ef81fb1b31054
3a73b36061944ebbb33696553917d393280f796e212afcd09057b441c1168606
3cabfba654d7bcbc6d7ba88fe7e3c85a0a5aa75601f88dae8ea7c71970379678
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42532af9af0847dff858342a353bd5172376b564a11b5a48abf6c78e6d9cbedc
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4aeb4fb430d6de9556dfce4e1dbac77de1e41a593dc20f4556317fd80bcafcdf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e888a8e391d95896c9394e229d6b2323201f8d9f236fa961b30157cc1d87c36
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
57f5f5e0b9751dc4a403d42f90055ae301732e507f1ea53724705a82a59595b2
590a83fd40d49f205de936997fd35d14e1676a4e4e21c344c1ec3687bd240eb5
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
60f879cc9051ffdcee1b10802a580d95a5a0016072bff541575b07940f108660
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
613efd0497ff39f53123ca22f71747b75f22d7ab9b6996aa1deaab799cefd334
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
670dc66bdd658139d240eedad1274df27975093212b087640ace94fdd41e2038
68dd66af3c6e581b9b314bcefa73d9516dcf532e16b6bd55630cafd4eec67ff1
6adc43c9418657a97de654f03ae515672c4f7f5261980d7958f8fa0f397115a5
6bb919d0be72bd641b6d46aee19fa1428eb98aaffdf92a8ca7d47a6940980933
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6d1f54735eb85fa53b529a71c737152398516a288860aea9d757f81ee358aac0
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
75d49ccf8ab68a6203d0800c5673b189372737630ffc5f55cdef70d847a11b05
786921a61f4c19b6556316a57bc8c4ad76157b45586fb01657a4389de7af4372
78eec6a571c69021a2b3fd981b16b57599dd3456ef5f6058ab130b3d0d2fb1db
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
7bc59d55c18baedef7368e8b3aa3bfddaa7a71b17a6695a1026e4120e1f95a77
7c27041b78bcf2dfa392be15c2ef59ce667565bd727db13889a7473806f74ef4
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7da27cc977651ec2112d493553573cce09852af13c75eba6a084f7bba625c266
7df7f9d2319dd990930f983a351acbeb4b448713bfaa65b1fb107f1b820084a4
81b96677a0814e6eb0ed9b547796e01da299e500a4a1b029d9d62dc80e398224
81c9a6d7deb6c82c1c309f220a7ee89c15938f8e79dcfa0fafb587fbe759f5a6
81fb3f1fbb2e5be4ddfc93103bc7573855aeeb094a4fc1c793254874dbfd473e
82b14847a3121aedef511f611f4f63222eaeae72bb7db335b7567a318688b3d7
8321a8c4a62b9b69cf6aa26b92634cd5b9f4e6937d4ab9da8a5e00d174ca2edb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
844bbe1afe0ef257f14bbf3d0045cf1054fafc4c072b288e2a996239133a38a9
8531b0d224edb463d8363f639c155821c69755bf2d6d6d486184fe82c13180bd
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
85c68245f67099f366fd5911f4d54340e16f5e671769af18b174f4958f8f726d
88aebe77c821689d5497225dda6e0c5ad7b75d71ff3e96430d251bfbc825a63a
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
935b7938be7c5d4c8edbf114e50a40e1831369c54a59c1fc2abb2e00528bafe3
948c7a7942e3b0190b8e02ff8bfd224ee47e64a1e737091dbc4c5e4b0c6814b9
96bdbebc9eb0354a2ef8602f3504e469649e15e8e42d457d48e20cf65d30a0ef
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9deaac5d56e16e3ebabea7074260b0fd928a5f1ed99708ce779fba46a83bcdc8
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a48922eaa3b220e438ec5b0b77654969e74829e2bca2507baab8db4cb5bfea29
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a550308eb98407286db783331bc1642b80c7982a6a5f2bbeb1bfa905b0f78de0
a63352e1cd1d58eb182679f2a2ec9bc94bfe34c5ddb594cec95384bb145d9cad
a6f67be93e4ce6f8289723248d8c3cafc7df43c3076ca2913f55c5ecde7009c8
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a86ebfe47ab8d5f8cd0a18dc7993961dc4ce3a2b098bd16cef961782b95d4f75
aa1ab67ecf7a58341bb1b83c0fd6bbe27247dcd7b77474024fa151151bc1b6f2
aa68e17fb13028f96c0d5b38fcf7006182894eb694625f9dedf5824d5066a5f0
aa93a4b21551c063d1f367d6a165f48dd3c64176902fb94b3fb5123145ba5bff
ac09a3ed40d3ea87cbfff83f8481daa1858ad67c98196cc4327591187fe3d63f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad351a0f4ed59a3988791e53416b532404cdc80df9f9bb80416ff27f51ab307b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b8add6a7d265fc560dc8b5fff703b64c833ba7da62afa8f1dd0b11c8e449ba2e
ba71c96c42fd3122769586fdd7de0e5d6c92c1fdc34a6d0a8425cdb12de55fbc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbaa96c741caa479d4647fc567f64e5ddc71eec58ee9849cb9e8a14bee65bc30
bc5a73bc64bc1eccbb939f71fda34c374f13e878068914204b9baa6c731168f5
be4830b3493fbe18c10145f72a1e9d0036d22c7e4ed1da049e5c0b8d7df08f2e
c2148e116b153e987662b586ae7407277f32671584df5f00457f0471a5d60044
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c22d00639761beb2ebbb9b1f343275f62a108a9d72de3d977c6de7f814b2a42d
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
c2581d2b2dc42af66b6ecea0c14feaabc22736563abc3802282c8726b3612ebc
c42225ed6cb1969752da988b187bd0b76a411709631e03282100a5287efc32aa
c64cda3c1c7c935b57b27894caec3b370b98d70011c8e5ea2f31691be13c8fe7
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
c81d37f8dbeba96c09f42154ff2393259df8fcaf61b9d0855dba2231da87722a
cb9de143b9f924c8c2aeaec91a94bcb23b23e4f2b58ff6edb67acbdda2773b23
cc512301255515966a31281192fd886494b8ff8a8ce75ecba79d13b1b50e2f96
ccd9121a14b7d9a66e942de02634cb4058f3b8faa32ae268a14fb6a8fe301d4e
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2d07f929cbec14b12dd3e5ae90b6b3a394601f1d237ac70fa0a15ea2d92949b
d8be44b19c40c170bc803e3c35973751f755fc4d835a37e2e126b77cdd4bf05b
db2363029b4f54378ff6662b39bc15138122f515494fc54048fd89a70485fe55
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df6489040da427f79479ce6c8bf740d0c3bd6c5393f47196b72581a9583f0292
e0dba359c85e884ff1c338ef21a4e6b024b1e57d4ae7e8878becfa472b3c2495
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fbe483f19d7b7b89909c793f174085aded9e8489dee9ad4e4ca8de533cd4c5
e49b1b809aaa03938485f7130897cec9d9ee5d0b76a9206630e8f1b92a14fdd1
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e99be9fbee61d2da7fd3fb3cc2de20aed9246a2996ad24eae4040dc640d229b4
ebcc382e1ad31b6bcf868f33352d0a7a49989475c3d5453927d1403aea819ccd
ebfd96030683611d9ed054682f1ddf8b9098bc7d10105602b338605b0ae82a9a
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee1836563df819c25c8ff5638af027cac9870456ea0e72258891a2fb71c37773
eef0c96510e777d1ece354ec25f3640bef569774bb52a1d295fe88c319057c64
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ede87ffc7ef867466aa4e9be409365ad170bb120ab375bbd2a5fb280d5a72c
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f2dfca51adb5f527dc72370ab5a6d140ca2b62e6eb5a865909a351a551fe297a
f6c4a8046f43db9161bd82e0dff8b0589e3d6ccd909b9ed5c44335aefbea7da1
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f97f22fde697c9d8c77639fbbca1a74e82708f3c908d9005107cd2fc71033da1
fc4a6d9b94a9bb1f4a3c2ddcace9fd4a584fe6f2e2d88b10b078fa433ccdabda
fd908b5dc79f2afe817071019dbb00e7b9821ccc1f4b900168a9d269788f8ec1
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffe533a34b375a0ebe0688e4b112a93e54b7a3642e1a802ef71a0552719aafa8