pastelink.net Open in urlscan Pro
88.208.215.108 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pastelink.net/bqlh9bgh
Submission: On July 25 via manual (July 25th 2023, 8:25:44 pm UTC) from GB — Scanned from PT

Summary HTTP 230 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 68 IPs in 9 countries across 82 domains to perform 230 HTTP transactions. The main IP is 88.208.215.108, located in United Kingdom and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is pastelink.net. The Cisco Umbrella rank of the primary domain is 205014.
TLS certificate: Issued by R3 on June 23rd 2023. Valid for: 3 months.

This is the only time pastelink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	88.208.215.108 88.208.215.108	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
2	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.164 142.250.185.164	15169 (GOOGLE) (GOOGLE)
3	216.58.206.40 216.58.206.40	15169 (GOOGLE) (GOOGLE)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
4	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
1	104.26.6.139 104.26.6.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
3	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
2	104.26.2.70 104.26.2.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
3	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	64.227.34.52 64.227.34.52	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	104.26.8.169 104.26.8.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	34.253.156.189 34.253.156.189	16509 (AMAZON-02) (AMAZON-02)
5	81.17.55.98 81.17.55.98	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
4	213.19.162.51 213.19.162.51	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	104.18.2.114 104.18.2.114	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.250.7.10 178.250.7.10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	142.250.185.129 142.250.185.129	15169 (GOOGLE) (GOOGLE)
6	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
2	35.187.184.108 35.187.184.108	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 15	135.125.163.195 135.125.163.195	16276 (OVH) (OVH)
7	23.211.10.211 23.211.10.211	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.41.214.66 13.41.214.66	16509 (AMAZON-02) (AMAZON-02)
5	104.123.45.151 104.123.45.151	16625 (AKAMAI-AS) (AKAMAI-AS)
2	178.250.7.2 178.250.7.2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	184.30.24.22 184.30.24.22	16625 (AKAMAI-AS) (AKAMAI-AS)
6	23.35.229.251 23.35.229.251	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.32.145.88 13.32.145.88	16509 (AMAZON-02) (AMAZON-02)
4	184.51.104.207 184.51.104.207	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.246.8.205 54.246.8.205	16509 (AMAZON-02) (AMAZON-02)
1 2	185.86.138.154 185.86.138.154	201081 (SMARTADSE...) (SMARTADSERVER)
2 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	23.60.204.187 23.60.204.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1	99.84.88.77 99.84.88.77	16509 (AMAZON-02) (AMAZON-02)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
1	34.225.236.157 34.225.236.157	14618 (AMAZON-AES) (AMAZON-AES)
1	152.199.22.191 152.199.22.191	15133 (EDGECAST) (EDGECAST)
2 2	216.52.2.30 216.52.2.30	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	216.52.2.86 216.52.2.86	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2 2	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	69.166.1.10 69.166.1.10	() ()
1 1	145.40.97.66 145.40.97.66	54825 (PACKET) (PACKET)
4	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1 1	3.209.195.142 3.209.195.142	14618 (AMAZON-AES) (AMAZON-AES)
1	18.195.243.79 18.195.243.79	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3 5	69.173.144.165 69.173.144.165	() ()
5 8	172.217.18.2 172.217.18.2	() ()
5	34.247.233.198 34.247.233.198	() ()
2	99.81.57.224 99.81.57.224	() ()
2 2	50.31.142.31 50.31.142.31	() ()
1 1	69.192.160.219 69.192.160.219	() ()
2 2	52.50.63.74 52.50.63.74	() ()
2 2	185.184.8.90 185.184.8.90	() ()
4	185.64.190.80 185.64.190.80	() ()
1 2	67.220.226.234 67.220.226.234	() ()
1 1	91.228.74.206 91.228.74.206	() ()
1 2	104.18.25.173 104.18.25.173	() ()
1	52.214.214.124 52.214.214.124	() ()
1	54.72.81.170 54.72.81.170	() ()
1	69.173.151.100 69.173.151.100	() ()
1 1	34.96.71.22 34.96.71.22	() ()
230	68

13 88.208.215.108 (United Kingdom)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

pastelink.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.40 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.6.139 (None, )

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.2.70 (None, )

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.34.52 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-ldn-16.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.8.169 (None, )

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.253.156.189 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-156-189.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 81.17.55.98 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.19.162.51 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.2.114 (None, )

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net

2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.187.184.108 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 108.184.187.35.bc.googleusercontent.com

rtb.ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 135.125.163.195 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: f31.adventori.com

eu.adventori.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adventori.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.211.10.211 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-10-211.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.41.214.66 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-214-66.eu-west-2.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.123.45.151 (Haarlem, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-123-45-151.deploy.static.akamaitechnologies.com

travel198849194933.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.35.229.251 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-251.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.145.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-145-88.cdg50.r.cloudfront.net

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.51.104.207 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-104-207.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.8.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-8-205.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.154 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.60.204.187 (Düsseldorf, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-60-204-187.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-77.muc50.r.cloudfront.net

cs-rtb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.236.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-236-157.compute-1.amazonaws.com

cs-server-s2s.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.22.191 (United States)

ASN15133 (EDGECAST, US)

ad-cdn.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.86 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.131 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.10 (None, )

ASN- ()

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.97.66 (Amsterdam, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.195.142 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-195-142.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.243.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-243-79.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.165 (None, ) 3 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.2 (None, ) 5 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.247.233.198 (None, )

ASN- ()

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.57.224 (None, )

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.31.142.31 (None, ) 2 redirects

ASN- ()

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (None, ) 1 redirects

ASN- ()

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.63.74 (None, ) 2 redirects

ASN- ()

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (None, ) 2 redirects

ASN- ()

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.80 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.226.234 (None, ) 1 redirects

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.206 (None, ) 1 redirects

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.25.173 (None, ) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.214.124 (None, )

ASN- ()

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.81.170 (None, )

ASN- ()

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (None, )

ASN- ()

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (None, ) 1 redirects

ASN- ()

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	rubiconproject.com 5 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 568 eus.rubiconproject.com — Cisco Umbrella Rank: 623 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1164 token.rubiconproject.com pixel.rubiconproject.com pixel-us-east.rubiconproject.com	38 KB
15	adventori.com 1 redirects eu.adventori.com — Cisco Umbrella Rank: 12660 adventori.com — Cisco Umbrella Rank: 4988	488 KB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 134 2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 153	60 KB
13	doubleclick.net 5 redirects ad.doubleclick.net — Cisco Umbrella Rank: 184 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 208 cm.g.doubleclick.net	152 KB
13	pastelink.net pastelink.net — Cisco Umbrella Rank: 205014	333 KB
10	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 590 ads.pubmatic.com — Cisco Umbrella Rank: 567 image6.pubmatic.com — Cisco Umbrella Rank: 784 image2.pubmatic.com simage2.pubmatic.com Failed simage4.pubmatic.com Failed	40 KB
10	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 2916 public.servenobid.com — Cisco Umbrella Rank: 5079	7 KB
8	moatads.com z.moatads.com — Cisco Umbrella Rank: 647 geo.moatads.com — Cisco Umbrella Rank: 765 px.moatads.com — Cisco Umbrella Rank: 570	113 KB
7	smartadserver.com 1 redirects prg.smartadserver.com — Cisco Umbrella Rank: 1544 ssbsync.smartadserver.com — Cisco Umbrella Rank: 832	4 KB
6	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 323 pr-bh.ybp.yahoo.com	1 KB
6	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1785 usersync.gumgum.com	3 KB
6	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 244 acdn.adnxs.com — Cisco Umbrella Rank: 577 secure.adnxs.com — Cisco Umbrella Rank: 458	21 KB
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 384	1 KB
5	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 490 dsum-sec.casalemedia.com Failed	6 KB
5	moatpixel.com travel198849194933.s.moatpixel.com — Cisco Umbrella Rank: 85056	1 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 59 region1.google-analytics.com — Cisco Umbrella Rank: 1815	21 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	215 KB
4	travelaudience.com rtb.ads.travelaudience.com — Cisco Umbrella Rank: 96901 ads.travelaudience.com — Cisco Umbrella Rank: 8884	25 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 1065 api.btloader.com — Cisco Umbrella Rank: 1153	9 KB
3	lijit.com 2 redirects ce.lijit.com — Cisco Umbrella Rank: 933 ap.lijit.com — Cisco Umbrella Rank: 747	2 KB
3	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 734 gum.criteo.com — Cisco Umbrella Rank: 437 dis.criteo.com Failed	7 KB
3	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 801	361 B
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1623 mp.4dex.io — Cisco Umbrella Rank: 2922	25 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	229 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	creativecdn.com 2 redirects creativecdn.com	701 B
2	360yield.com 2 redirects ad.360yield.com	645 B
2	zemanta.com 2 redirects b1sync.zemanta.com	1 KB
2	amazon-adsystem.com s.amazon-adsystem.com Failed aax-eu.amazon-adsystem.com Failed	2 KB
2	rfihub.com 2 redirects p.rfihub.com — Cisco Umbrella Rank: 853	1 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 605	60 KB
2	media.net prebid.media.net — Cisco Umbrella Rank: 1316 contextual.media.net — Cisco Umbrella Rank: 634 hbx.media.net Failed	10 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1171	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	84 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 82	2 KB
1	company-target.com 1 redirects s.company-target.com	426 B
1	tidaltv.com sync.tidaltv.com	67 B
1	crwdcntrl.net sync.crwdcntrl.net	265 B
1	quantserve.com 1 redirects cms.quantserve.com	588 B
1	bluekai.com 1 redirects stags.bluekai.com	770 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 588	359 B
1	disqus.com 1 redirects ssp.disqus.com — Cisco Umbrella Rank: 1522	274 B
1	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 1004	156 B
1	sonobi.com sync.go.sonobi.com	500 B
1	technoratimedia.com ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 4301 sync.technoratimedia.com Failed	6 KB
1	yellowblue.io cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 3788	370 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1798	160 B
1	minutemedia-prebid.com cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 4958	526 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3872	835 B
1	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 19680	687 B
1	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 19308	150 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 261	1 KB
0	ad4m.at Failed ad4m.at Failed
0	bidtheatre.com Failed match.adsby.bidtheatre.com Failed
0	dotomi.com Failed pubmatic-match.dotomi.com Failed
0	adform.net Failed c1.adform.net Failed
0	simpli.fi Failed um.simpli.fi Failed
0	audrte.com Failed a.audrte.com Failed
0	weborama.fr Failed cr.frontend.weborama.fr Failed
0	erne.co Failed green.erne.co Failed
0	gammaplatform.com Failed cm-supply-web.gammaplatform.com Failed
0	iprom.net Failed core.iprom.net Failed
0	ctnsnet.com Failed ipac.ctnsnet.com Failed
0	adgrx.com Failed cm.adgrx.com Failed
0	loopme.me Failed csync.loopme.me Failed
0	opera.com Failed t.adx.opera.com Failed
0	bidr.io Failed match.prod.bidr.io Failed
0	adition.com Failed dsp.adfarm1.adition.com Failed
0	de17a.com Failed d5p.de17a.com Failed
0	admanmedia.com Failed cs.admanmedia.com Failed
0	socdm.com Failed tg.socdm.com Failed
0	everesttech.net Failed sync-tm.everesttech.net Failed
0	contextweb.com Failed bh.contextweb.com Failed
0	deepintent.com Failed match.deepintent.com Failed
0	ipredictive.com Failed sync.ipredictive.com Failed
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
0	openx.net Failed us-u.openx.net Failed
0	outbrain.com Failed sync.outbrain.com Failed
0	bidswitch.net Failed x.bidswitch.net Failed
0	linkedin.com Failed px.ads.linkedin.com Failed
0	turn.com Failed ad.turn.com Failed
230	82

	Domain	Requested by
13	eu.adventori.com	1 redirects rtb.ads.travelaudience.com eu.adventori.com
13	pastelink.net	pastelink.net
9	ads.servenobid.com	cdn4.buysellads.net public.servenobid.com g2.gumgum.com ssbsync.smartadserver.com ssum-sec.casalemedia.com
8	cm.g.doubleclick.net	5 redirects g2.gumgum.com
6	eus.rubiconproject.com	cdn4.buysellads.net public.servenobid.com eus.rubiconproject.com g2.gumgum.com
6	px.moatads.com	rtb.ads.travelaudience.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net 2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com tpc.googlesyndication.com
5	usersync.gumgum.com	g2.gumgum.com
5	match.adsrvr.org	g2.gumgum.com ads.pubmatic.com ssbsync.smartadserver.com ssum-sec.casalemedia.com
5	travel198849194933.s.moatpixel.com	rtb.ads.travelaudience.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	prg.smartadserver.com	cdn4.buysellads.net
4	image2.pubmatic.com	ads.pubmatic.com
4	ups.analytics.yahoo.com	public.servenobid.com ads.pubmatic.com ssum-sec.casalemedia.com
4	ssum-sec.casalemedia.com	2 redirects public.servenobid.com g2.gumgum.com ssum-sec.casalemedia.com
4	ads.pubmatic.com	cdn4.buysellads.net public.servenobid.com g2.gumgum.com ads.pubmatic.com
4	ib.adnxs.com	1 redirects cdn4.buysellads.net acdn.adnxs.com
4	fastlane.rubiconproject.com	cdn4.buysellads.net
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
3	pixel.rubiconproject.com	1 redirects eus.rubiconproject.com
3	onetag-sys.com	cdn4.buysellads.net public.servenobid.com
3	region1.google-analytics.com	www.googletagmanager.com
3	api.btloader.com	btloader.com
3	www.googletagmanager.com	pastelink.net www.googletagmanager.com www.google-analytics.com
2	creativecdn.com	2 redirects
2	ad.360yield.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	pr-bh.ybp.yahoo.com	g2.gumgum.com ads.pubmatic.com
2	aax-eu.amazon-adsystem.com	ads.pubmatic.com
2	token.rubiconproject.com	2 redirects
2	p.rfihub.com	2 redirects
2	ce.lijit.com	2 redirects
2	secure-assets.rubiconproject.com	2 redirects
2	ssbsync.smartadserver.com	1 redirects public.servenobid.com
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	static.criteo.net	cdn4.buysellads.net static.criteo.net
2	adventori.com	eu.adventori.com
2	ads.travelaudience.com	rtb.ads.travelaudience.com
2	rtb.ads.travelaudience.com	2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com rtb.ads.travelaudience.com
2	2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	script.4dex.io	cdn4.buysellads.net script.4dex.io
2	ad-delivery.net	pastelink.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagservices.com	cdn4.buysellads.net 2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com
2	www.google.com	pastelink.net tpc.googlesyndication.com
2	fonts.googleapis.com	pastelink.net
1	s.company-target.com	1 redirects
1	dsum-sec.casalemedia.com	ssum-sec.casalemedia.com
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	sync.tidaltv.com	ssbsync.smartadserver.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	cms.quantserve.com	1 redirects
1	stags.bluekai.com	1 redirects
1	secure.adnxs.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	match.sharethrough.com	public.servenobid.com
1	ssp.disqus.com	1 redirects
1	prebid.a-mo.net	1 redirects
1	sync.go.sonobi.com	public.servenobid.com
1	ap.lijit.com	public.servenobid.com
1	ad-cdn.technoratimedia.com	public.servenobid.com
1	cs-server-s2s.yellowblue.io	public.servenobid.com
1	sync.adkernel.com	public.servenobid.com
1	cs-rtb.minutemedia-prebid.com	public.servenobid.com
1	g2.gumgum.com	public.servenobid.com
1	acdn.adnxs.com	cdn4.buysellads.net
1	public.servenobid.com	cdn4.buysellads.net
1	contextual.media.net	cdn4.buysellads.net
1	geo.moatads.com	z.moatads.com
1	z.moatads.com	rtb.ads.travelaudience.com
1	bidder.criteo.com	cdn4.buysellads.net
1	mp.4dex.io	cdn4.buysellads.net
1	hbopenbid.pubmatic.com	cdn4.buysellads.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	prebid.media.net	cdn4.buysellads.net
1	srv.buysellads.com	cdn4.buysellads.net
1	ad.doubleclick.net	pastelink.net
1	btloader.com	cdn4.buysellads.net
1	www.gstatic.com	www.google.com
1	cdn4.buysellads.net	pastelink.net
1	cdnjs.cloudflare.com	pastelink.net
0	simage4.pubmatic.com Failed	ads.pubmatic.com
0	ad4m.at Failed	ssum-sec.casalemedia.com
0	match.adsby.bidtheatre.com Failed	ads.pubmatic.com
0	pubmatic-match.dotomi.com Failed	ads.pubmatic.com
0	c1.adform.net Failed	ads.pubmatic.com
0	um.simpli.fi Failed	ads.pubmatic.com
0	a.audrte.com Failed	ads.pubmatic.com
0	cr.frontend.weborama.fr Failed	ads.pubmatic.com
0	green.erne.co Failed	ads.pubmatic.com
0	cm-supply-web.gammaplatform.com Failed	ads.pubmatic.com
0	core.iprom.net Failed	ads.pubmatic.com
0	ipac.ctnsnet.com Failed	ads.pubmatic.com
0	cm.adgrx.com Failed	ads.pubmatic.com
0	csync.loopme.me Failed	ads.pubmatic.com ssum-sec.casalemedia.com
0	t.adx.opera.com Failed	ads.pubmatic.com
0	match.prod.bidr.io Failed	ads.pubmatic.com ssbsync.smartadserver.com
0	dsp.adfarm1.adition.com Failed	ads.pubmatic.com
0	simage2.pubmatic.com Failed	ads.pubmatic.com
0	dis.criteo.com Failed	ads.pubmatic.com
0	d5p.de17a.com Failed	ads.pubmatic.com
0	cs.admanmedia.com Failed	g2.gumgum.com
0	tg.socdm.com Failed	g2.gumgum.com
0	sync-tm.everesttech.net Failed	g2.gumgum.com ads.pubmatic.com ssbsync.smartadserver.com
0	bh.contextweb.com Failed	g2.gumgum.com
0	match.deepintent.com Failed	g2.gumgum.com
0	sync.ipredictive.com Failed	g2.gumgum.com
0	sync.srv.stackadapt.com Failed	g2.gumgum.com ads.pubmatic.com
0	us-u.openx.net Failed	g2.gumgum.com
0	sync.outbrain.com Failed	g2.gumgum.com
0	x.bidswitch.net Failed	g2.gumgum.com ads.pubmatic.com
0	s.amazon-adsystem.com Failed	ssum-sec.casalemedia.com
0	px.ads.linkedin.com Failed
0	sync.technoratimedia.com Failed	public.servenobid.com g2.gumgum.com
0	hbx.media.net Failed	public.servenobid.com
0	ad.turn.com Failed	public.servenobid.com ads.pubmatic.com
230	119

This site contains links to these domains. Also see Links.

Domain
www.pearltrees.com
www.facebook.com
twitter.com
t.me
api.whatsapp.com
www.reddit.com
www.pinterest.com
www.tumblr.com
www.blogger.com
profitquery.com
www.linkedin.com
share.flipboard.com
social-plugins.line.me
www.meneame.net
diasp.org

Subject Issuer	Validity	Valid
*.pastelink.net R3	`2023-06-23` - `2023-09-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
cdn4.buysellads.net R3	`2023-07-21` - `2023-10-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-25` - `2024-06-24`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
ads.servenobid.com Amazon RSA 2048 M01	`2023-04-29` - `2024-05-27`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-07-05` - `2023-10-03`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
rtb.ads.travelaudience.com R3	`2023-07-02` - `2023-09-30`	3 months	crt.sh
ads.travelaudience.com R3	`2023-07-09` - `2023-10-07`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.adventori.com R3	`2023-07-09` - `2023-10-07`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.servenobid.com Amazon RSA 2048 M02	`2023-02-21` - `2024-02-05`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
gumgum.com Amazon RSA 2048 M01	`2023-02-14` - `2023-10-05`	8 months	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
*.minutemedia-prebid.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-18` - `2024-05-16`	a year	crt.sh
*.technoratimedia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-09-15`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-18` - `2024-01-10`	6 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.ad-server.k8s.ie.ggops.com Amazon RSA 2048 M02	`2023-02-08` - `2024-02-15`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.tidaltv.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-08` - `2024-07-08`	a year	crt.sh

This page contains 51 frames:

Primary Page: https://pastelink.net/bqlh9bgh
Frame ID: B6DEB8F79B0E29B144377132EB8DF8DC
Requests: 68 HTTP requests in this frame

Frame: https://2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 861F153F86CF1B282068C97F99E2CB57
Requests: 1 HTTP requests in this frame

Frame: https://2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7EFB0E5F88B2C4E100A8E50BBF62D419
Requests: 8 HTTP requests in this frame

Frame: https://rtb.ads.travelaudience.com/rtb?ads=1000327.2.0.70004269.0.0..0.PT.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60011223.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0Zi-wi_AZPSQHtnzgAeftpbQDdPH0ZJxmY6Cm8oKwI23ARABIABg7fzdhawbggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAl903_AugbI-4AIAqAMByAMCqgSHAk_QfV6zioe0um14yFyvp13HW2A8UiJnwvXQFHl3KbfCRoNuJgSyzcoO9SvFCZt0cWVTPfHWAoug5MI5lRaO68dXtEW5zAneeKgw6PqWL_O0rEsc8YZUqVoQjgPg3qw_9JGNDsNu7zQijyuXSTUm78DTbnZJ6nnx-YS9TfoMx2GAehmi5GdKbqVZMDbYrY3l_jrq80gBVquYZskYAnJNExODJgFmJUMNKI5HmSJ8fRRLKh4Pd7Hgu3TFjYu_eyefalj59IStk_wfQ1TF81Q5L7q4utcubjsBBH8iE_pQ7HL5FdVfJyC7lHFVrVTlyxbsMDCV4ZwT071aZXoY_K1XMie9p2FGrUhA4AQBgAbZ94D0146L54wBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0VQ44mW_jrrm2aqZU1BUCh8qyZZw%26client%3Dca-pub-9602519502618262%26adurl%3D&googlewinningprice=ZMAvwgAHiHQK4DnZAAWbH_jl66YBjUuasSo4FA&wpc=EUR&site=pastelink.net&slotvisibility=1&gcpm=306891&gpos=1&bidder=bidder-rtb-production-65657fc4b5-mwjdd&dv=1&did=549644393848195573&uuid=&suid=&brq=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&ssp_id=0&l=en&ts=1690316738&uc=PT&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=e11SiFu3ellDYgtQ-w9Ks85EiYXVlEgEUzP0JJ_1sOI=
Frame ID: F1C5794AFD1E23E2454F63E4F3E4AAE8
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A2F8B47D23906A639127AD63317E9749
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F2645E84694064B54646227661C55407
Requests: 2 HTTP requests in this frame

Frame: https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/300x250/index.html?_format=html&_dataSize=300x250&_confSize=300x250&_placementId=386818&_campaignId=16252138&_brandId=16248439
Frame ID: 10B0409547336C80FA0ED5317A9D8591
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net
Frame ID: BFB64E6A4187886E84F0241755133703
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: A21180C1CA0E8C74714028D44F82AC8B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F8CC7BE95C040C922817F999ED13BE75
Requests: 10 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 3BDF518AEC46FA7D97415D13FC398111
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1690316738170
Frame ID: C8847FCD4FF60EDA44DDAE388E480FE3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Frame ID: 07EDA7045C06D995C4087874F55C641C
Requests: 19 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B1D64B1D81456EF855DBDE3002A5F69C
Requests: 3 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 455BA42BF7446D7CC6789F8E7AB5ACC8
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: A2CCCA90052FF388483CDD1C22CD6F10
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 27E9A2717AB7FFBBEBC83DC4170D44CF
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: D1841FEBC3D5D0DD7717E13A1F6665BD
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 1D451EFC20576ED42AD1FD3CFEFE7C89
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 5D7B99E6FDFCDF6124610936D43D9543
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: F60ECE7E6381FFFA5569370B7DEB63E0
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: E045762BECEBD002969607E2B3A5BBDE
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: D3AEFF2A441A85AA19C6F4BD96E0CD2B
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D
Frame ID: 3A8388DE568F36FD023F2A97BEDA122E
Requests: 2 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: F2A65D2B1A8F9DF443B3AA6BB3AB626D
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wNWU2ZjZkNC1kMGRhLTQ2NjQtYThlZC04MjMxZWQ2M2RiNTA=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 7ABC10154ECD895D6B1E2E038393ECBC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 671874E547EB33AF9CE3404867BC2E19
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 75E0898CD17038B28F41C9C820FD003D
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 9CB64D61809051773C3443854F55E493
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_05e6f6d4-d0da-4664-a8ed-8231ed63db50&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 86267B93107B0459F4FE9432AA1BFB9A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1
Frame ID: F6AC5ECF9CCC4CBD63E4FACD6D65A2C4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=Is1f0399QQsLmDhmDwKi&pi=gumgum&tc=1
Frame ID: D22126B80BDA6E9D52489383DD07E0AE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 38D23388BEA57EC40521A91412A95018
Requests: 3 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: BA3AB742CFB879D7822F8B9CC7465154
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 20BC25EBEB0A73A07EF397B3936336FF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685628775245803
Frame ID: 7A4C71AC51244C0A284C48E6F0246C0D
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6DD58D2D-EBB6-4DE0-A08C-01C051B9A470&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: EC9515D53B5799B4AA89CF0320207700
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NKWSEzD3khUv8MkaO6LcR2aolxsvoJcTMPW88mbQ
Frame ID: C4164945D63D22DE0CFAAE33213BF295
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3729927191342844057&gdpr=0&gdpr_consent=
Frame ID: 049A24CB5B302AC7184C9238FA634DFA
Requests: 1 HTTP requests in this frame

Frame: https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
Frame ID: 3AE8A427B6127899E750BD9B45E4ED96
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Frame ID: 875F42CF6891ABEA95FCB7E3526CA39F
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
Frame ID: 23C222C7EF77C693A1E0007A8607F5E2
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: 80C9CB315D68A58148F9D4B03324EF06
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 63D78F3B22EDC47717FB10AFA883B553
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: B19EE6E1F6C5680E71C332B2B6EF1916
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 82FF945CB76ECC2709D6F316B56960F5
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: D7EB1C6E2D4968CB2D458BB3E1A8B3A8
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: BAF50586050ECEF814665259F72E0B7B
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 2C86AA9CFE8517C5361E00EFFE2ADD13
Requests: 1 HTTP requests in this frame

Frame: https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
Frame ID: 9F8EA1011440E5D6FE5F592D15CEFF5A
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: F2BEE1D0FA0AC1A8DA408C1600A38C53
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The History Of Buckinghamshire Electricians In 10 Milestones - Pastelink.net

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

230
Requests

71 %
HTTPS

0 %
IPv6

82
Domains

119
Subdomains

68
IPs

9
Countries

2112 kB
Transfer

4621 kB
Size

46
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.pearltrees.com/shellslice4/item531094023
Title: https://www.pearltrees.com/shellslice4/item531094023

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://pastelink.net/bqlh9bgh

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=%20https://pastelink.net/bqlh9bgh

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=%20%0Ahttps://pastelink.net/bqlh9bgh

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=%20https://pastelink.net/bqlh9bgh

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://https://pastelink.net/bqlh9bgh&title=%20

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https://pastelink.net/bqlh9bgh&description=%20&media=https://pastelink.net/assets/images/pastelink-logo-square.png

Search URL Search Domain Scan URL

URL: http://www.tumblr.com/share?v=3&u=https://pastelink.net/bqlh9bgh&t=%20&posttype=link

Search URL Search Domain Scan URL

URL: https://www.blogger.com/blog-this.g?u=https://pastelink.net/bqlh9bgh&n=%20

Search URL Search Domain Scan URL

URL: https://profitquery.com/add-to/livejournal/?url=https://pastelink.net/bqlh9bgh&title=%20

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://pastelink.net/bqlh9bgh

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?v=2&title=%20&url=https://pastelink.net/bqlh9bgh

Search URL Search Domain Scan URL

URL: https://social-plugins.line.me/lineit/share?url=https://pastelink.net/bqlh9bgh&text=%20

Search URL Search Domain Scan URL

URL: https://www.meneame.net/submit?url=https://pastelink.net/bqlh9bgh

Search URL Search Domain Scan URL

URL: https://diasp.org/bookmarklet?url=https://pastelink.net/bqlh9bgh&title=%20&jump=doclose

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://eu.adventori.com/16248439/DubaiTourism_AlwaysOn_202010_TEST_300x250/ad/script?tacampaign=1000327&impressionID=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&bidpric=306891&z=1690316739&clickTag=https%3A%2F%2Fads.travelaudience.com%2Fct%3Ftrack%3DYWM6OjpRcnVJalVCMGhrWkZWQmxzZUF1dmtQNW84TGpBaDFKVDUxV1RQUTo6MzAweDI1MDpDM0RFQTBCNS0xRUYwLTQwMkMtQUEyNy0xRTQ5MUU5M0E2N0M6MDA6Ojo5MDAwMDowLjY4MjgzNjkxMjAzNDQzNDM6Ojo6OjoxOjA6Ojo6Ojo6MTAwMDMyNzoyOjE6OjowOjowOlBUOjo6LTE6OlpNQXZ3Z0FIaUhRSzREblpBQVdiSF9qbDY2WUJqVXVhc1NvNEZBOnBhc3RlbGluay5uZXQ6MTozMDY4OTE6YmlkZGVyLXJ0Yi1wcm9kdWN0aW9uLTY1NjU3ZmM0YjUtbXdqZGQ6Ojo1NDk2NDQzOTM4NDgxOTU1NzM6MTo6Ojo3c09NazMybzFLTnFiMzhZMk1zQTB3PT06N3NPTWszMm8xS05xYjM4WTJNc0Ewdz09OjYwMDExMjIzOjcwMDA0MjY5Ojk5OSUyYzE6Mjo0OjUwMDAyMjk3OjpFVVI6Ojo6Ojo6Ojo6Ojo6Ojo6UXJ1SWpVQjBoa1pGVkJsc2VBdXZrUDVvOExqQWgxSlQ1MVdUUFE6RVVSOjI6Ojo6Ojo6OjA6MDo6MDo6MTo6Ojo6OjoxAGh0dHBzOi8vYWRjbGljay5nLmRvdWJsZWNsaWNrLm5ldC9hY2xrP3NhPUwmYWk9QzBaaS13aV9BWlBTUUh0bnpnQWVmdHBiUURkUEgwWkp4bVk2Q204b0t3STIzQVJBQklBQmc3ZnpkaGF3YmdnRVhZMkV0Y0hWaUxUazJNREkxTVRrMU1ESTJNVGd5TmpMSUFRbXBBbDkwM19BdWdiSS00QUlBcUFNQnlBTUNxZ1NIQWtfUWZWNnppb2UwdW0xNHlGeXZwMTNIVzJBOFVpSm53dlhRRkhsM0tiZkNSb051SmdTeXpjb085U3ZGQ1p0MGNXVlRQZkhXQW91ZzVNSTVsUmFPNjhkWHRFVzV6QW5lZUtndzZQcVdMX08wckVzYzhZWlVxVm9RamdQZzNxd185SkdORHNOdTd6UWlqeXVYU1RVbTc4RFRiblpKNm5ueC1ZUzlUZm9NeDJHQWVobWk1R2RLYnFWWk1EYllyWTNsX2pycTgwZ0JWcXVZWnNrWUFuSk5FeE9ESmdGbUpVTU5LSTVIbVNKOGZSUkxLaDRQZDdIZ3UzVEZqWXVfZXllZmFsajU5SVN0a193ZlExVEY4MVE1TDdxNHV0Y3VianNCQkg4aUVfcFE3SEw1RmRWZkp5QzdsSEZWclZUbHl4YnNNRENWNFp3VDA3MWFaWG9ZX0sxWE1pZTlwMkZHclVoQTRBUUJnQWJaOTREMDE0Nkw1NHdCb0FZaHFBZW12aHVvQjViWUc2Z0hxcHV4QXFnSGc2MnhBcWdIXzU2eEFxZ0gzNS14QXRnSEFOSUlGQWlBNFlBUUVBRXlBcW9DT2dLQVFFaTlfY0U2LWdzQ0NBR0FEQUhRRlFHQUZ3RSZudW09MSZzaWc9QU9ENjRfMFZRNDRtV19qcnJtMmFxWlUxQlVDaDhxeVpadyZjbGllbnQ9Y2EtcHViLTk2MDI1MTk1MDI2MTgyNjImYWR1cmw9%26redirect%3D HTTP 302
https://eu.adventori.com/16248439/DubaiTourism_AlwaysOn_202010_TEST_300x250/ad/script?tacampaign=1000327&impressionID=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&bidpric=306891&z=1690316739&clickTag=https%3A%2F%2Fads.travelaudience.com%2Fct%3Ftrack%3DYWM6OjpRcnVJalVCMGhrWkZWQmxzZUF1dmtQNW84TGpBaDFKVDUxV1RQUTo6MzAweDI1MDpDM0RFQTBCNS0xRUYwLTQwMkMtQUEyNy0xRTQ5MUU5M0E2N0M6MDA6Ojo5MDAwMDowLjY4MjgzNjkxMjAzNDQzNDM6Ojo6OjoxOjA6Ojo6Ojo6MTAwMDMyNzoyOjE6OjowOjowOlBUOjo6LTE6OlpNQXZ3Z0FIaUhRSzREblpBQVdiSF9qbDY2WUJqVXVhc1NvNEZBOnBhc3RlbGluay5uZXQ6MTozMDY4OTE6YmlkZGVyLXJ0Yi1wcm9kdWN0aW9uLTY1NjU3ZmM0YjUtbXdqZGQ6Ojo1NDk2NDQzOTM4NDgxOTU1NzM6MTo6Ojo3c09NazMybzFLTnFiMzhZMk1zQTB3PT06N3NPTWszMm8xS05xYjM4WTJNc0Ewdz09OjYwMDExMjIzOjcwMDA0MjY5Ojk5OSUyYzE6Mjo0OjUwMDAyMjk3OjpFVVI6Ojo6Ojo6Ojo6Ojo6Ojo6UXJ1SWpVQjBoa1pGVkJsc2VBdXZrUDVvOExqQWgxSlQ1MVdUUFE6RVVSOjI6Ojo6Ojo6OjA6MDo6MDo6MTo6Ojo6OjoxAGh0dHBzOi8vYWRjbGljay5nLmRvdWJsZWNsaWNrLm5ldC9hY2xrP3NhPUwmYWk9QzBaaS13aV9BWlBTUUh0bnpnQWVmdHBiUURkUEgwWkp4bVk2Q204b0t3STIzQVJBQklBQmc3ZnpkaGF3YmdnRVhZMkV0Y0hWaUxUazJNREkxTVRrMU1ESTJNVGd5TmpMSUFRbXBBbDkwM19BdWdiSS00QUlBcUFNQnlBTUNxZ1NIQWtfUWZWNnppb2UwdW0xNHlGeXZwMTNIVzJBOFVpSm53dlhRRkhsM0tiZkNSb051SmdTeXpjb085U3ZGQ1p0MGNXVlRQZkhXQW91ZzVNSTVsUmFPNjhkWHRFVzV6QW5lZUtndzZQcVdMX08wckVzYzhZWlVxVm9RamdQZzNxd185SkdORHNOdTd6UWlqeXVYU1RVbTc4RFRiblpKNm5ueC1ZUzlUZm9NeDJHQWVobWk1R2RLYnFWWk1EYllyWTNsX2pycTgwZ0JWcXVZWnNrWUFuSk5FeE9ESmdGbUpVTU5LSTVIbVNKOGZSUkxLaDRQZDdIZ3UzVEZqWXVfZXllZmFsajU5SVN0a193ZlExVEY4MVE1TDdxNHV0Y3VianNCQkg4aUVfcFE3SEw1RmRWZkp5QzdsSEZWclZUbHl4YnNNRENWNFp3VDA3MWFaWG9ZX0sxWE1pZTlwMkZHclVoQTRBUUJnQWJaOTREMDE0Nkw1NHdCb0FZaHFBZW12aHVvQjViWUc2Z0hxcHV4QXFnSGc2MnhBcWdIXzU2eEFxZ0gzNS14QXRnSEFOSUlGQWlBNFlBUUVBRXlBcW9DT2dLQVFFaTlfY0U2LWdzQ0NBR0FEQUhRRlFHQUZ3RSZudW09MSZzaWc9QU9ENjRfMFZRNDRtV19qcnJtMmFxWlUxQlVDaDhxeVpadyZjbGllbnQ9Y2EtcHViLTk2MDI1MTk1MDI2MTgyNjImYWR1cmw9%26redirect%3D&tk_region=eu&tk_r=true

Request Chain 120

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Request Chain 121

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 127

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=3729927191342844057

Request Chain 128

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=HCppuRZHXtp_zdc3Rta1D5IW

Request Chain 130

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1690316741888 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=3314579194

Request Chain 131

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5141210826173789541

Request Chain 133

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

Request Chain 135

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
https://ads.servenobid.com/sync?pid=346&uid=ua-e8dbf8ba-f2f9-3a97-982e-e1cb191201a4

Request Chain 146

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtJUVhZRkYtMVotM0NTSQ== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENEXeIynKdfgPvPc1qvYKH4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtJUVhZRkYtMVotM0NTSQ==&google_push=

Request Chain 147

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKIQXYFF-1Z-3CSI

Request Chain 148

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/t0sL1AXbP6h090hokouc78n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-AErQXQFE2oLyilJ4ZRlQqtma.QQviAy7gxxbkg--~A

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM4QxMdVNcd9VOcu4kTvdVY&google_cver=1

Request Chain 151

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=j-pj6-DeRTG-EVFQ5r0ldA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=j-pj6-DeRTG-EVFQ5r0ldA

Request Chain 152

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2YyM2NiNzBiM2M0YjM4YjQwYzA2ODQxZGZlYjhlNzI3NzdiODA3Yg

Request Chain 153

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=3729927191342844057

Request Chain 162

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_05e6f6d4-d0da-4664-a8ed-8231ed63db50&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://stags.bluekai.com/site/23178?id=g81jbLPxEUoJSplfALhh&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2ZZYGFVGETCQPBCVK32KKNYGYZSBJRUGQJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2ZZYGFVGETCQPBCVK32KKNYGYZSBJRUGQJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=g81jbLPxEUoJSplfALhh&us_privacy=1---

Request Chain 163

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=idi&i=6df04ae0-813c-460b-b5f6-8a52f214235a

Request Chain 165

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=5612066060575107549

Request Chain 173

https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1

Request Chain 174

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=Is1f0399QQsLmDhmDwKi&pi=gumgum&tc=1

Request Chain 175

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 178

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685628775245803

Request Chain 179

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6DD58D2D-EBB6-4DE0-A08C-01C051B9A470&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6DD58D2D-EBB6-4DE0-A08C-01C051B9A470&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 180

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NKWSEzD3khUv8MkaO6LcR2aolxsvoJcTMPW88mbQ

Request Chain 181

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3729927191342844057&gdpr=0&gdpr_consent=

Request Chain 193

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 194

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bdWNLeu2TeCgjAHAUbmkcA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 198

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkRENThEMkQtRUJCNi00REUwLUEwOEMtMDFDMDUxQjlBNDcw&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 199

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFKVFCfg3tALxDEJ3lDKdBA&google_cver=1

Request Chain 208

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=55fc7653-b929-4510-bae8-4a2303fd4792-64c02fc7-5541&gdpr=0&gdpr_consent=

Request Chain 217

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZMAvxfUfKjnRehBUIyCkVwAAFCsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGVmKWum_hPo6rRd_X9jb2s&google_cver=1

Request Chain 219

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZMAvxfUfKjnRehBUIyCkVwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGoYSggTz2AlTT55KnVY5W4&google_cver=1

Request Chain 224

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1706214343&external_user_id=6b996eab-8974-4577-83b6-38b6bb1b1826

230 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request bqlh9bgh Show response
pastelink.net/ 30 KB
9 KB 351ms
167ms Document
text/html 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://pastelink.net/bqlh9bgh

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

1434ebda5f68933947fe38b3bf7046266c877424a73871c9e7694c8a75e615c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 25 Jul 2023 20:25:36 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
802 B 258ms
90ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Requested by

Host: pastelink.net
URL: https://pastelink.net/bqlh9bgh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

69a381cd93cfeb0c48bcb2ad2f0c89536f91693f38f3f231b7009e2a2e05bd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 20:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 20:25:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jul 2023 20:25:36 GMT

GET
H2 200 styles.css
pastelink.net/assets/css/ 121 KB
121 KB 105ms
104ms Stylesheet
text/css 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://pastelink.net/assets/css/styles.css?q=36

Requested by

Host: pastelink.net
URL: https://pastelink.net/bqlh9bgh

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

ec237517566b85a5797425cebe748d7248a7d8c698bdb113f9615946b7434a78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/bqlh9bgh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-1e436"
content-type: text/css
accept-ranges: bytes
content-length: 123958

GET
H2 200 jquery-3.6.0.min.js Show response
pastelink.net/assets/js/ 87 KB
88 KB 224ms
222ms Script
application/javascript 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://pastelink.net/assets/js/jquery-3.6.0.min.js

Requested by

Host: pastelink.net
URL: https://pastelink.net/bqlh9bgh

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/bqlh9bgh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-15d9d"
content-type: application/javascript
accept-ranges: bytes
content-length: 89501

GET
H2 200 script.min.js Show response
pastelink.net/assets/js/ 41 KB
41 KB 89ms
88ms Script
application/javascript 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://pastelink.net/assets/js/script.min.js?q=36

Requested by

Host: pastelink.net
URL: https://pastelink.net/bqlh9bgh

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/bqlh9bgh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-a225"
content-type: application/javascript
accept-ranges: bytes
content-length: 41509

GET
H2 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/ 2 KB
1 KB 186ms
88ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/js.cookie.min.js

Requested by

Host: pastelink.net
URL: https://pastelink.net/bqlh9bgh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8507894
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 772
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-6d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBID0hLIWjrSuEwB%2Br79Oz6crWFliZSeXRm4RCRQWq6KSRlcmuDYasPr64nZFP4NhD%2B73R%2FAnHyMRWFILhAcNXSfV%2FYOV9Ga2X%2FEin2EP43yB0LKMcjhQ%2B2aN%2BO%2BxZPhHAmxJzrf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ec722131adf94fb-LIS
expires: Sun, 14 Jul 2024 20:25:36 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
909 B 257ms
90ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Anek+Gurmukhi:wght@400&display=swap

Requested by

Host: pastelink.net
URL: https://pastelink.net/bqlh9bgh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

a64eee02706eff33279e6fc242305e3416afe856ed9430632cf3f05dc003fa26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 20:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 20:25:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jul 2023 20:25:36 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
895 B 258ms
89ms Script
text/javascript 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=captchaLoaded

Requested by

Host: pastelink.net
URL: https://pastelink.net/bqlh9bgh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

GSE /

Resource Hash

f62774e0fe35ad4b9eff05df667da9777f3a19f2c513c8625ddfec5487411463

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 575
x-xss-protection: 1; mode=block
expires: Tue, 25 Jul 2023 20:25:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 199 KB
70 KB 265ms
94ms Script
application/javascript 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ

Requested by

Host: pastelink.net
URL: https://pastelink.net/bqlh9bgh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a58e0f59ae04db53972778055614870357203a20ee085a16be019653a141336d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71692
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 19:12:46 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Jul 2023 20:25:36 GMT

GET
H2 200 pastelink.js Show response
cdn4.buysellads.net/pub/ 536 KB
150 KB 192ms
63ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000
Requested by: Host: pastelink.net
URL: https://pastelink.net/bqlh9bgh
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 46cdbdddd5edb5d20df69fb3ef10dd8eb449d0248defdf52593ee73d4f993bf5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:36 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2023 19:57:04 GMT
server: AmazonS3
x-amz-request-id: 53PYSZX89MPRQ4M8
etag: "ebe9528a18f194c37cbb907ccf6a8acf"
x-amz-server-side-encryption: AES256
x-hw: 1690316736.cds042.ma1.hn,1690316736.cds026.ma1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 153283
x-amz-id-2: pGOQNxhnmBxykYBdJDDod2ur1EcdbNSr2u3UZV9VOYKY1e4wbxM+1DoK/+hrvc+P7IVVHH4khsA=

GET
H2 200 recaptcha__pt_pt.js Show response
www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/ 431 KB
174 KB 256ms
82ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iRvKkcsnpNcOYYwhqaQxPITz/recaptcha__pt_pt.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaLoaded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

00c5ba62a4d4bdc3103779e28395db393f79eb7f2cc2c17f58e97d1f2ad600e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Origin: https://pastelink.net
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 600120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177103
x-xss-protection: 0
last-modified: Sun, 16 Jul 2023 01:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 21:43:36 GMT

GET
H2 200 debut_light.png
pastelink.net/assets/images/ 4 KB
4 KB 87ms
87ms Image
image/png 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/debut_light.png

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-10c8"
content-type: image/png
accept-ranges: bytes
content-length: 4296

GET
H2 200 pastelink-logo-portuguese.svg
pastelink.net/assets/images/logo/ 15 KB
15 KB 89ms
88ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo/pastelink-logo-portuguese.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

5a14d7bd1699abb15b23de83e68faa49a4350606f9de3311156de136d27de304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-3d07"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 15623

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 arrow-down-blue.svg
pastelink.net/assets/images/ 239 B
409 B 87ms
87ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/arrow-down-blue.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-ef"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 239

GET
H2 200 moon.svg
pastelink.net/assets/images/ 2 KB
2 KB 88ms
87ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/moon.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-62e"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1582

GET
H2 200 public-black.svg
pastelink.net/assets/images/ 578 B
748 B 88ms
87ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/public-black.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-242"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 578

GET
H2 200 social-spritesheet.png
pastelink.net/assets/images/ 28 KB
28 KB 88ms
88ms Image
image/png 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/social-spritesheet.png

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-70de"
content-type: image/png
accept-ranges: bytes
content-length: 28894

GET
H2 200 logo-bg-90-tl.svg
pastelink.net/assets/images/ 2 KB
2 KB 91ms
89ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo-bg-90-tl.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-933"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2355

GET
H2 200 pastelink-logo-portuguese-contrast.svg
pastelink.net/assets/images/logo/ 16 KB
16 KB 92ms
91ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo/pastelink-logo-portuguese-contrast.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

ecffe1a2db6cd3a0cfd033772fb6351d6c2b3fadd63c9864c8906f0e0c2e7b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-3ecc"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 16076

GET
H2 200 logo-symbol-non-white-bg.svg
pastelink.net/assets/images/ 4 KB
5 KB 94ms
93ms Image
image/svg+xml 88.208.215.108
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pastelink.net/assets/images/logo-symbol-non-white-bg.svg

Requested by

Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/assets/css/styles.css?q=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 15 May 2023 18:42:14 GMT
server: nginx
etag: "64627d06-11c0"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 4544

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 247ms
81ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 02:08:03 GMT
x-content-type-options: nosniff
age: 238653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jul 2024 02:08:03 GMT

GET
H2 200 0QIAMXRO_YSkA0quVLY79JnHybfeEOrXCa9Dmd9Ql6a6R_vEMc5TaLkbd5tZW6Q0.woff2
fonts.gstatic.com/s/anekgurmukhi/v8/ 17 KB
18 KB 293ms
127ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/anekgurmukhi/v8/0QIAMXRO_YSkA0quVLY79JnHybfeEOrXCa9Dmd9Ql6a6R_vEMc5TaLkbd5tZW6Q0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Anek+Gurmukhi:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

cd42b306e9e9901eb83bba5c2461cfd0dc99655899257ef88474324789a88439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 15:49:09 GMT
x-content-type-options: nosniff
age: 275787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17904
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 23:06:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 15:49:09 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 285ms
120ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 17:59:06 GMT
x-content-type-options: nosniff
age: 440790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jul 2024 17:59:06 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 253ms
87ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pastelink.net
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 07:13:47 GMT
x-content-type-options: nosniff
age: 393109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jul 2024 07:13:47 GMT

GET
H2 200 tag Show response
btloader.com/ 24 KB
9 KB 187ms
77ms Script
application/javascript 104.26.6.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2321323b4f54e59a8593b67fb682e6ab66d7d35066d2437de710cff023a5b235

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:37 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 20:13:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 629
etag: W/"1380c913f30c6456a3e39f376c4a7e89"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5JMjEEWr2Q8WN9AC%2Bgk9Xx4Np5QbUvqxgcvn5gkV766bTb%2Fx%2BoinMLiNjP3UpdAB1aMXhwVcVFo3GNf4HVgJeTeRGxzHhFds6GXsyaXfNOH92rVihuBjyZascMJDvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7ec72217196d69d8-MAD

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 314ms
154ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

b849e865cb27cf8d88d106664e7154243dc8686d222da3399f0e6e274b278308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27589
x-xss-protection: 0
server: cafe
etag: 223 / 19563 / m202307200101 / config-hash: 10173748649318660928
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 25 Jul 2023 20:25:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 251ms
79ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jul 2023 18:35:19 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6618
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 25 Jul 2023 20:35:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
81 KB 95ms
94ms Script
application/javascript 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

250536fbe1c4516899004e47f2d47480a213b24f031911925f42cebd03baf0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82577
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 25 Jul 2023 20:25:37 GMT

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 276ms
160ms Fetch 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Jul 2023 20:25:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
920 B 181ms
64ms Image
image/gif 104.26.2.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: pastelink.net
URL: https://pastelink.net/bqlh9bgh
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1302012
x-guploader-uploadid: ADPycdtJ7mxapUrVK4usd-OLhxQ_ANgl3utCsOBIJMj7B0oZQIo7J2h8HgTnFIDZsiCezdf--PTDupuxaZbaArdAXQiD5Epu56Gw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bvsb5dgF9XdaHHF9icAIthqQF4u5PRomEnGyqGvQxXJ1QD9yzOYF8qheBMeDswxy9YEWWKPVs%2FW0OZWdi92dMc34Pmxh1wQF9Z%2FFJZn4oA44dgRO786yZ8epOZ1l4jUwjg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7ec722187b1e69bd-MAD
expires: Mon, 10 Jul 2023 19:35:30 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 246ms
78ms Image
image/x-icon 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: pastelink.net
URL: https://pastelink.net/bqlh9bgh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 12:18:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29207
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Jul 2023 12:18:50 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
328 B 184ms
67ms Image
image/gif 104.26.2.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.5975068900596303
Requested by: Host: pastelink.net
URL: https://pastelink.net/bqlh9bgh
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1302012
x-guploader-uploadid: ADPycdtJ7mxapUrVK4usd-OLhxQ_ANgl3utCsOBIJMj7B0oZQIo7J2h8HgTnFIDZsiCezdf--PTDupuxaZbaArdAXQiD5Epu56Gw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqYHadB0Lf3LfqNw5GkRFwQm7AezgkKZKJQUk4w4CeHdb3FHNI9GGoMdc8uFf0aAG4DHb%2FYiGGrh9h90OyovBREXC3Vc%2BIAr18%2BDDehvKJ%2FbRLL2ODE3HaHDybiP2%2Fp2yg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7ec722187b2069bd-MAD
expires: Mon, 10 Jul 2023 19:35:30 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 203ms
74ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je37o0&_p=1200677144&cid=813263639.1690316737&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690316737&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Fbqlh9bgh&dt=The%20History%20Of%20Buckinghamshire%20Electricians%20In%2010%20Milestones%20-%20Pastelink.net&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/ 385 KB
123 KB 261ms
81ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

3d14af6714f8e174042d16f9ee9938f7986b826935f217c43cd3570945f8a8a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 17:39:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9950
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125319
x-xss-protection: 0
server: cafe
etag: 4098493636285064892
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 24 Jul 2024 17:39:47 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
219 B 88ms
87ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1200677144&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fbqlh9bgh&ul=en-us&de=UTF-8&dt=The%20History%20Of%20Buckinghamshire%20Electricians%20In%2010%20Milestones%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1156268128&gjid=245390575&cid=813263639.1690316737&tid=UA-55088947-2&_gid=855706927.1690316737&_r=1&_slc=1&gtm=45He37o0n8155WHPWQ&z=1888124115

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

bcdaedbfd60b8d0a8a9eb4b16285345a749068b601c93f494362990f2a3e61f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
141 B 154ms
152ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 8eeb675cf623424134ac3543609e667d2072a198080f794bdbc3fccf927786bb

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:37 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 155ms
154ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=L7KfWRVw8&w=5093624318001152&o=5102648370397184&cv=2.1.16-1-g6ebe2ee&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpastelink.net%2Fbqlh9bgh&sid=TSMNZPKsR5&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Jul 2023 20:25:37 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
78 KB 96ms
95ms Script
application/javascript 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4KDXYD7HFC&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

05266a1e775365d71a365219ae83244d99816b24a8fac6888ec34635288f619d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79816
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 25 Jul 2023 20:25:37 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 79ms
78ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4KDXYD7HFC&gtm=45je37o0&_p=1200677144&ul=en-us&sr=1600x1200&cid=813263639.1690316737&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fbqlh9bgh&dt=The%20History%20Of%20Buckinghamshire%20Electricians%20In%2010%20Milestones%20-%20Pastelink.net&sid=1690316737&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4KDXYD7HFC&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 CWYD627N.json Show response
srv.buysellads.com/ads/ 934 B
687 B 327ms
84ms Fetch
application/json 64.227.34.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CWYD627N.json?forcebanner=502109&ignoretargeting=yes
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.227.34.52 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-ldn-16.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 3e25526ec39fb4539bbd10d2895f11d47b01d3e3e7495a4711d13ce0ad1f8644

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:38 GMT
content-encoding: gzip
server: //srv.buysellads.com
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: *
content-length: 550

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1009 B 226ms
64ms Script
application/javascript 104.26.8.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 Jul 2023 20:25:38 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Tue, 06 Jun 2023 12:52:55 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1296897
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTnNRdQeG03cj0hz7VD8qMa6XfC%2BMCD%2B7%2FNAuniqlZx7HeB77S%2BcdbXH4eCCZrF4r6mJJ1EEeeQaY9b1BJEzHT2iCxORBec9lVP%2FxpCLw%2FvLLG2kgfBOSAhNNwqEQkmL"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7ec7221c9bde69eb-MAD

POST
H2 200 adreq Show response
ads.servenobid.com/ 98 B
429 B 332ms
92ms XHR
application/json 34.253.156.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=148
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.156.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-156-189.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a0e5613b3e2c3dd113dbfbf2d26ce6a46e8ab8b34cbb118fd40f3ec7e15c1814

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jul 2023 20:25:38 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
555 B 467ms
120ms XHR
application/json 81.17.55.98
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:37 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pastelink.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
555 B 465ms
119ms XHR
application/json 81.17.55.98
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:37 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pastelink.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
555 B 464ms
120ms XHR
application/json 81.17.55.98
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:37 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pastelink.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
555 B 461ms
119ms XHR
application/json 81.17.55.98
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:37 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pastelink.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
555 B 459ms
118ms XHR
application/json 81.17.55.98
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:38 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pastelink.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 402ms
249ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3a192baa8acadc38f548b55474d205b2f64945447e903855b26d3ed746b60b7e

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:38 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://pastelink.net
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Tue, 25 Jul 2023 20:25:38 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
361 B 278ms
80ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://pastelink.net
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 2 KB
835 B 356ms
162ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fpastelink.net%2Fbqlh9bgh&PageUrl=https%3A%2F%2Fpastelink.net%2Fbqlh9bgh&PageReferrer=https%3A%2F%2Fpastelink.net%2Fbqlh9bgh

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

37fa3832e3ef18c917a5f906515cc35fce5ac59c11d2025eed8bbffd53e1c00c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jul 2023 20:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-upstream-service-time: 80
content-length: 482
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 423 B
758 B 311ms
116ms XHR
application/json 213.19.162.51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=2&alt_size_ids=1%2C55&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fbqlh9bgh&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fbqlh9bgh&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=1cc9220c-2e87-440e-8e6b-396a5234ce3c&l_pb_bid_id=41d9c8880be0b03&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&slots=1&rand=0.9842845232999127
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c32e2f0b0f75ff7d8a4441de301276cd48e6aa4d97eb72007bfd274c11de639a

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:38 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 423
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 429 B
764 B 319ms
124ms XHR
application/json 213.19.162.51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=2%2C1%2C16%2C232&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fbqlh9bgh&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fbqlh9bgh&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=1bc988b0-bdba-4647-8e5f-242150b337f8&l_pb_bid_id=4284dc808eae31b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&slots=1&rand=0.8210233648491312
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9946ad8d15a262d3a77da0d56b5838c77ba7429e1ed4a8c3e9f5fae04d2460f6

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:38 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 429
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 425 B
759 B 343ms
148ms XHR
application/json 213.19.162.51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=9%2C8%2C10%2C16&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fbqlh9bgh&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fbqlh9bgh&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=a771afe1-1b03-4274-b64c-f6670a4ba413&l_pb_bid_id=43ef173d6406369&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&slots=1&rand=0.13277876757156948
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 58a8f57932703dcf20211f29eda87e2fa5154dcfe22a78d50287f222c7f638b7

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:38 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 425
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 429 B
937 B 310ms
115ms XHR
application/json 213.19.162.51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=10%2C16%2C53%2C67%2C101%2C102%2C221&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fbqlh9bgh&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fbqlh9bgh&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=1d6a5a76-7f0f-4312-85d8-d8721e6143a9&l_pb_bid_id=44fb276121d9d22&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&slots=1&rand=0.23908791640127602
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 986511b599e1b5ec43cc6e71bdabe5c65ec1f30b02840edfc855db01c0c362bc

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:38 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 429
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
111 B 272ms
97ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastelink.net
date: Tue, 25 Jul 2023 20:25:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
713 B 222ms
109ms XHR
application/json 104.18.2.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.2.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Tue, 25 Jul 2023 20:25:38 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868039084-1_123456, Process Floors. 13 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868173958-4_123456, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868324828-7_123456, Process Seats Booster. unable to get the seat booster engine for organization: 1116
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7ec7221cdb38338d-LIS
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 495 B
1 KB 449ms
275ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

f2a5bfb1fbe1d1bd266d396cbc14d637207bc97ef7c0d563417b15826b792c4c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:38 GMT
an-x-request-uuid: 0e48bb43-74b2-4451-8ad7-4dcfbf402f77
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pastelink.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.128.9.17; 185.128.9.17; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 495
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 254ms
80ms XHR
text/plain 178.250.7.10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.43.0&cb=66454085280&lsavail=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pastelink.net/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pastelink.net
date: Tue, 25 Jul 2023 20:25:38 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
23 KB 180ms
69ms Fetch
application/javascript 104.26.8.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 Jul 2023 20:25:38 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1580387
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 12:52:54 GMT
Server: cloudflare
ETag: W/"845b176368f98c92daf7aa531dcbc491"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZKPNN%2FYt%2FAIRqc68TWEPVHOziCI8K87x8xAmV6nQmw6T5I%2BI0AnM%2FqFCFCMYLwj%2FUX8sGr%2FM%2B6zDH5%2B8KLChJ2CQg%2BV670rGBFx%2BjV0CK6Ry%2F%2FTXIaTyTkaVlkOwQLU"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7ec7221db99e69de-MAD

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
14 KB 293ms
292ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1710686667227348&correlator=1107646488753394&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=22405481091%2CPastelink_S2S_FixedFooter_ROS%2CPastelink_S2S_TopLeaderboard_ROS%2CPastelink_S2S_Sidebar_ROS%2CPastelink_S2S_Interstitial_ROS%2CPastelink_S2S_TopAnchor_ROS&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x90%7C980x90%7C990x90%7C468x60%2C320x50%7C728x90%7C468x60%7C728x200%7C580x400%7C750x280%7C760x280%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C300x250%7C336x280%2C320x50%7C120x600%7C160x600%7C300x600%7C300x250%7C336x280%7C240x600%2C1x1%2C1x1&fluid=0%2Cheight%2Cheight%2C0%2C0&ifi=1&adks=840525636%2C3944560474%2C3798138915%2C1897443797%2C1230872867&sfv=1-0-40&ists=3&fas=0%2C0%2C0%2C8%2C2&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1675868039084-1_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868173958-4_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868324828-7_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868453109-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1678879398722-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&eri=1&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dpastelink%26optimize_xp%3Da&sc=1&cookie_enabled=1&abxe=1&dt=1690316738390&lmt=1690316738&adxs=-12245933%2C310%2C1091%2C-9%2C-9&adys=-12245933%2C317%2C521%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fbqlh9bgh&frm=20&vis=1&psz=1600x-1%7C705x396%7C168x607%7C0x-1%7C0x-1&msz=0x-1%7C705x250%7C120x600%7C0x-1%7C0x-1&fws=644%2C4%2C4%2C2%2C2&ohw=1600%2C1600%2C1600%2C0%2C0&ga_vid=813263639.1690316737&ga_sid=1690316738&ga_hid=1200677144&ga_fc=true&dlt=1690316736374&idt=1428

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b6339d240eb57a8b87059ea8e4cd32ee90d34dcfba785955bc94d6dd1138065c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:38 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14257
x-xss-protection: 0
google-lineitem-id: -2,-1,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 307ms
131ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

b471cb64ec1ec6768f5af35b1553f0f4b3778fb1409353b175feef47b725e83a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11809
x-xss-protection: 0

GET
H2 200 container.html Show response
2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 861F 6 KB
3 KB 269ms
87ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 20:25:38 GMT
expires: Wed, 24 Jul 2024 20:25:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/ 37 KB
13 KB 81ms
81ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

00c2e18e63aca27021f0097f27d83bc9794e06f4eb368f2e9beb8e00aa360fd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:56:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41338
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13167
x-xss-protection: 0
server: cafe
etag: 17457124678373541327
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 24 Jul 2024 08:56:40 GMT

GET
H2 200 container.html Show response
2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7EFB 6 KB
3 KB 82ms
81ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 20:25:38 GMT
expires: Wed, 24 Jul 2024 20:25:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 312ms
137ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jul 2023 20:25:38 GMT

GET
H2 200 rtb Show response
rtb.ads.travelaudience.com/ Frame F1C5 7 KB
4 KB 409ms
88ms Document
text/html 35.187.184.108
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.ads.travelaudience.com/rtb?ads=1000327.2.0.70004269.0.0..0.PT.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60011223.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0Zi-wi_AZPSQHtnzgAeftpbQDdPH0ZJxmY6Cm8oKwI23ARABIABg7fzdhawbggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAl903_AugbI-4AIAqAMByAMCqgSHAk_QfV6zioe0um14yFyvp13HW2A8UiJnwvXQFHl3KbfCRoNuJgSyzcoO9SvFCZt0cWVTPfHWAoug5MI5lRaO68dXtEW5zAneeKgw6PqWL_O0rEsc8YZUqVoQjgPg3qw_9JGNDsNu7zQijyuXSTUm78DTbnZJ6nnx-YS9TfoMx2GAehmi5GdKbqVZMDbYrY3l_jrq80gBVquYZskYAnJNExODJgFmJUMNKI5HmSJ8fRRLKh4Pd7Hgu3TFjYu_eyefalj59IStk_wfQ1TF81Q5L7q4utcubjsBBH8iE_pQ7HL5FdVfJyC7lHFVrVTlyxbsMDCV4ZwT071aZXoY_K1XMie9p2FGrUhA4AQBgAbZ94D0146L54wBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0VQ44mW_jrrm2aqZU1BUCh8qyZZw%26client%3Dca-pub-9602519502618262%26adurl%3D&googlewinningprice=ZMAvwgAHiHQK4DnZAAWbH_jl66YBjUuasSo4FA&wpc=EUR&site=pastelink.net&slotvisibility=1&gcpm=306891&gpos=1&bidder=bidder-rtb-production-65657fc4b5-mwjdd&dv=1&did=549644393848195573&uuid=&suid=&brq=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&ssp_id=0&l=en&ts=1690316738&uc=PT&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=e11SiFu3ellDYgtQ-w9Ks85EiYXVlEgEUzP0JJ_1sOI=

Requested by

Host: 2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com
URL: https://2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.187.184.108 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

108.184.187.35.bc.googleusercontent.com

Software

Resource Hash

5e3f6b80d35a542126cfd628a080fc84e6ced561eb28e2d8da76c3001109378d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 25 Jul 2023 20:25:39 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-engine-version: 0.0.0
x-host: deliveryengine-rtb-production-7885dcb6fd-2w7mg

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 7EFB 3 KB
1 KB 179ms
94ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com
URL: https://2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 18:19:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 18:19:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 7EFB 20 KB
8 KB 170ms
85ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com
URL: https://2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 13:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 13:03:30 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7EFB 24 KB
7 KB 165ms
81ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com
URL: https://2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 23:38:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74849
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 23 Jul 2024 23:38:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7EFB 179 KB
57 KB 87ms
85ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com
URL: https://2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57383
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690198756579870"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 20:25:38 GMT

GET
DATA 200
OK truncated
/ Frame 7EFB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97ed6e94db044dae621fdae2410eb2748c400221b6da391b25124a2b96813e2f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7EFB 0
0 120ms
119ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cc_l5wi_AZPSQHtnzgAeftpbQDdPH0ZJxmY6Cm8oKwI23ARABIABg7fzdhawbggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAl903_AugbI-4AIAqAMByAMCqgSEAk_QfV6zioe0um14yFyvp13HW2A8UiJnwvXQFHl3KbfCRoNuJgSyzcoO9SvFCZt0cWVTPfHWAoug5MI5lRaO68dXtEW5zAneeKgw6PqWL_O0rEsc8YZUqVoQjgPg3qw_9JGNDsNu7zQijyuXSTUm78DTbnZJ6nnx-YS9TfoMx2GAehmi5GdKbqVZMDbYrY3l_jrq80gBVquYZskYAnJNExODJgFmJUMNKI5HmSJ8fRRLKh4Pd7Hgu3TFjYu_eyefalj59IStk_wfQ1TF81Q5L7q4utcubjsBBH8iE_pQ7DD7NEfNic-yC557G_fWS53FFjo467ILZB3hVvqZeIF7Krc2UGjZ4AQBgAbZ94D0146L54wBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTk2MDI1MTk1MDI2MTgyNjIY-t58&sigh=e0rt7RM43yk&uach_m=[UACH]&cid=CAQSSwBpAlJWZZ-DfshhkITaeQn8ZjlnrodusHU7AAv5VD6sS9C1ZHbvyLLKUEnse5T1EvgirT65uzFq4yWleOZB0HMv_qA9yuHcU3dK9BgB&cbvp=2&vis=1
Requested by: Host: 2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com
URL: https://2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A2F8 13 KB
5 KB 85ms
83ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 41
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 20:24:58 GMT
expires: Wed, 24 Jul 2024 20:24:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F264 783 B
917 B 120ms
114ms Document
text/html 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

GSE /

Resource Hash

4d7071f1e938b4e9595021b31ecbcccd502f4a2fde08039f9f4d76832cc8b8fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NmbGGbPfGxqxEKcNyv9qDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-NmbGGbPfGxqxEKcNyv9qDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 20:25:39 GMT
expires: Tue, 25 Jul 2023 20:25:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 vVBxlHWLSq1fuQw2L5BPyxsDoAp2pX6f0RpBSmAaURU.js Show response
pagead2.googlesyndication.com/bg/ Frame A2F8 37 KB
14 KB 242ms
81ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vVBxlHWLSq1fuQw2L5BPyxsDoAp2pX6f0RpBSmAaURU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

bd507194758b4aad5fb90c362f904fcb1b03a00a76a57e9fd11a414a601a5115

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 13:49:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14655
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Jul 2024 13:49:35 GMT

GET
H2 200 el.ashx
ads.travelaudience.com/ Frame F1C5 631 B
674 B 222ms
105ms Image
image/jpeg 35.190.0.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.travelaudience.com/el.ashx?__trackerRequestId=0.1266086706434096&adPos=&ai1=1%3B1000327%3B2%3B1%3B%3B%3B0%3B-1%3B%3B%3B%3B7sOMk32o1KNqb38Y2MsA0w%3D%3D%3B60011223%3B999%252c1%3B%3B%3B2%3B4%3B50002297%3B7sOMk32o1KNqb38Y2MsA0w%3D%3D%3BEUR%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B70004269%3BQruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ%3BEUR%3B2%3B%3B%3B%3B%3B0%3B%3B&aid=&an=&ask=&at=1&bc=1&bd=bidder-rtb-production-65657fc4b5-mwjdd&bnr=0&brq=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&di=&did=549644393848195573&dnt=&dv=1&ed=&ev=ic&fm=300x250&gcpm=306891&gctr=&ia=0&id5Decr=&id5Encr=&id5PID=&id5Src=&iid=&ilt=&ir=0&ld=&mai=&mat=1&mid=&na=&no=&oo=&pb=90000&pos_old=&rg=1&rts=&salt=09&sc=&site=pastelink.net&ssp=0&sv=1&tsf=&ua=&uc=PT&ucy=&uuid=C3DEA0B5-1EF0-402C-AA27-1E491E93A67C&view=&vrt=&vw=&wp=ZMAvwgAHiHQK4DnZAAWbH_jl66YBjUuasSo4FA
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=1000327.2.0.70004269.0.0..0.PT.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60011223.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0Zi-wi_AZPSQHtnzgAeftpbQDdPH0ZJxmY6Cm8oKwI23ARABIABg7fzdhawbggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAl903_AugbI-4AIAqAMByAMCqgSHAk_QfV6zioe0um14yFyvp13HW2A8UiJnwvXQFHl3KbfCRoNuJgSyzcoO9SvFCZt0cWVTPfHWAoug5MI5lRaO68dXtEW5zAneeKgw6PqWL_O0rEsc8YZUqVoQjgPg3qw_9JGNDsNu7zQijyuXSTUm78DTbnZJ6nnx-YS9TfoMx2GAehmi5GdKbqVZMDbYrY3l_jrq80gBVquYZskYAnJNExODJgFmJUMNKI5HmSJ8fRRLKh4Pd7Hgu3TFjYu_eyefalj59IStk_wfQ1TF81Q5L7q4utcubjsBBH8iE_pQ7HL5FdVfJyC7lHFVrVTlyxbsMDCV4ZwT071aZXoY_K1XMie9p2FGrUhA4AQBgAbZ94D0146L54wBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0VQ44mW_jrrm2aqZU1BUCh8qyZZw%26client%3Dca-pub-9602519502618262%26adurl%3D&googlewinningprice=ZMAvwgAHiHQK4DnZAAWbH_jl66YBjUuasSo4FA&wpc=EUR&site=pastelink.net&slotvisibility=1&gcpm=306891&gpos=1&bidder=bidder-rtb-production-65657fc4b5-mwjdd&dv=1&did=549644393848195573&uuid=&suid=&brq=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&ssp_id=0&l=en&ts=1690316738&uc=PT&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=e11SiFu3ellDYgtQ-w9Ks85EiYXVlEgEUzP0JJ_1sOI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: 25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:39 GMT
content-encoding: gzip
x-engine-version: 0.0.0
via: 1.1 google
server: nginx/1.21.6
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type: image/jpeg
x-host: tde-deliveryengine-production-58b44b5c5-6wkd4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1

200

script Show response
eu.adventori.com/16248439/DubaiTourism_AlwaysOn_202010_TEST_300x250/ad/ Frame F1C5
Redirect Chain

https://eu.adventori.com/16248439/DubaiTourism_AlwaysOn_202010_TEST_300x250/ad/script?tacampaign=1000327&impressionID=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&bidpric=306891&z=1690316739&clickTag=htt...
https://eu.adventori.com/16248439/DubaiTourism_AlwaysOn_202010_TEST_300x250/ad/script?tacampaign=1000327&impressionID=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&bidpric=306891&z=1690316739&clickTag=htt...

170 KB
35 KB

87ms
86ms

Script
text/javascript

135.125.163.195
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.adventori.com/16248439/DubaiTourism_AlwaysOn_202010_TEST_300x250/ad/script?tacampaign=1000327&impressionID=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&bidpric=306891&z=1690316739&clickTag=https%3A%2F%2Fads.travelaudience.com%2Fct%3Ftrack%3DYWM6OjpRcnVJalVCMGhrWkZWQmxzZUF1dmtQNW84TGpBaDFKVDUxV1RQUTo6MzAweDI1MDpDM0RFQTBCNS0xRUYwLTQwMkMtQUEyNy0xRTQ5MUU5M0E2N0M6MDA6Ojo5MDAwMDowLjY4MjgzNjkxMjAzNDQzNDM6Ojo6OjoxOjA6Ojo6Ojo6MTAwMDMyNzoyOjE6OjowOjowOlBUOjo6LTE6OlpNQXZ3Z0FIaUhRSzREblpBQVdiSF9qbDY2WUJqVXVhc1NvNEZBOnBhc3RlbGluay5uZXQ6MTozMDY4OTE6YmlkZGVyLXJ0Yi1wcm9kdWN0aW9uLTY1NjU3ZmM0YjUtbXdqZGQ6Ojo1NDk2NDQzOTM4NDgxOTU1NzM6MTo6Ojo3c09NazMybzFLTnFiMzhZMk1zQTB3PT06N3NPTWszMm8xS05xYjM4WTJNc0Ewdz09OjYwMDExMjIzOjcwMDA0MjY5Ojk5OSUyYzE6Mjo0OjUwMDAyMjk3OjpFVVI6Ojo6Ojo6Ojo6Ojo6Ojo6UXJ1SWpVQjBoa1pGVkJsc2VBdXZrUDVvOExqQWgxSlQ1MVdUUFE6RVVSOjI6Ojo6Ojo6OjA6MDo6MDo6MTo6Ojo6OjoxAGh0dHBzOi8vYWRjbGljay5nLmRvdWJsZWNsaWNrLm5ldC9hY2xrP3NhPUwmYWk9QzBaaS13aV9BWlBTUUh0bnpnQWVmdHBiUURkUEgwWkp4bVk2Q204b0t3STIzQVJBQklBQmc3ZnpkaGF3YmdnRVhZMkV0Y0hWaUxUazJNREkxTVRrMU1ESTJNVGd5TmpMSUFRbXBBbDkwM19BdWdiSS00QUlBcUFNQnlBTUNxZ1NIQWtfUWZWNnppb2UwdW0xNHlGeXZwMTNIVzJBOFVpSm53dlhRRkhsM0tiZkNSb051SmdTeXpjb085U3ZGQ1p0MGNXVlRQZkhXQW91ZzVNSTVsUmFPNjhkWHRFVzV6QW5lZUtndzZQcVdMX08wckVzYzhZWlVxVm9RamdQZzNxd185SkdORHNOdTd6UWlqeXVYU1RVbTc4RFRiblpKNm5ueC1ZUzlUZm9NeDJHQWVobWk1R2RLYnFWWk1EYllyWTNsX2pycTgwZ0JWcXVZWnNrWUFuSk5FeE9ESmdGbUpVTU5LSTVIbVNKOGZSUkxLaDRQZDdIZ3UzVEZqWXVfZXllZmFsajU5SVN0a193ZlExVEY4MVE1TDdxNHV0Y3VianNCQkg4aUVfcFE3SEw1RmRWZkp5QzdsSEZWclZUbHl4YnNNRENWNFp3VDA3MWFaWG9ZX0sxWE1pZTlwMkZHclVoQTRBUUJnQWJaOTREMDE0Nkw1NHdCb0FZaHFBZW12aHVvQjViWUc2Z0hxcHV4QXFnSGc2MnhBcWdIXzU2eEFxZ0gzNS14QXRnSEFOSUlGQWlBNFlBUUVBRXlBcW9DT2dLQVFFaTlfY0U2LWdzQ0NBR0FEQUhRRlFHQUZ3RSZudW09MSZzaWc9QU9ENjRfMFZRNDRtV19qcnJtMmFxWlUxQlVDaDhxeVpadyZjbGllbnQ9Y2EtcHViLTk2MDI1MTk1MDI2MTgyNjImYWR1cmw9%26redirect%3D&tk_region=eu&tk_r=true

Requested by

Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=1000327.2.0.70004269.0.0..0.PT.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60011223.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0Zi-wi_AZPSQHtnzgAeftpbQDdPH0ZJxmY6Cm8oKwI23ARABIABg7fzdhawbggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAl903_AugbI-4AIAqAMByAMCqgSHAk_QfV6zioe0um14yFyvp13HW2A8UiJnwvXQFHl3KbfCRoNuJgSyzcoO9SvFCZt0cWVTPfHWAoug5MI5lRaO68dXtEW5zAneeKgw6PqWL_O0rEsc8YZUqVoQjgPg3qw_9JGNDsNu7zQijyuXSTUm78DTbnZJ6nnx-YS9TfoMx2GAehmi5GdKbqVZMDbYrY3l_jrq80gBVquYZskYAnJNExODJgFmJUMNKI5HmSJ8fRRLKh4Pd7Hgu3TFjYu_eyefalj59IStk_wfQ1TF81Q5L7q4utcubjsBBH8iE_pQ7HL5FdVfJyC7lHFVrVTlyxbsMDCV4ZwT071aZXoY_K1XMie9p2FGrUhA4AQBgAbZ94D0146L54wBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0VQ44mW_jrrm2aqZU1BUCh8qyZZw%26client%3Dca-pub-9602519502618262%26adurl%3D&googlewinningprice=ZMAvwgAHiHQK4DnZAAWbH_jl66YBjUuasSo4FA&wpc=EUR&site=pastelink.net&slotvisibility=1&gcpm=306891&gpos=1&bidder=bidder-rtb-production-65657fc4b5-mwjdd&dv=1&did=549644393848195573&uuid=&suid=&brq=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&ssp_id=0&l=en&ts=1690316738&uc=PT&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=e11SiFu3ellDYgtQ-w9Ks85EiYXVlEgEUzP0JJ_1sOI=

Protocol

HTTP/1.1

Server

135.125.163.195 , France, ASN16276 (OVH, FR),

Reverse DNS

f31.adventori.com

Software

Resource Hash

efac67a18cc2c990577efeb9f193505a602e61cf7fcee2ecec37d968dcbf70b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
p3p: CP="CAO PSA OUR"
cache-control: no-cache, no-store
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"
location: https://eu.adventori.com/16248439/DubaiTourism_AlwaysOn_202010_TEST_300x250/ad/script?tacampaign=1000327&impressionID=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&bidpric=306891&z=1690316739&clickTag=https%3A%2F%2Fads.travelaudience.com%2Fct%3Ftrack%3DYWM6OjpRcnVJalVCMGhrWkZWQmxzZUF1dmtQNW84TGpBaDFKVDUxV1RQUTo6MzAweDI1MDpDM0RFQTBCNS0xRUYwLTQwMkMtQUEyNy0xRTQ5MUU5M0E2N0M6MDA6Ojo5MDAwMDowLjY4MjgzNjkxMjAzNDQzNDM6Ojo6OjoxOjA6Ojo6Ojo6MTAwMDMyNzoyOjE6OjowOjowOlBUOjo6LTE6OlpNQXZ3Z0FIaUhRSzREblpBQVdiSF9qbDY2WUJqVXVhc1NvNEZBOnBhc3RlbGluay5uZXQ6MTozMDY4OTE6YmlkZGVyLXJ0Yi1wcm9kdWN0aW9uLTY1NjU3ZmM0YjUtbXdqZGQ6Ojo1NDk2NDQzOTM4NDgxOTU1NzM6MTo6Ojo3c09NazMybzFLTnFiMzhZMk1zQTB3PT06N3NPTWszMm8xS05xYjM4WTJNc0Ewdz09OjYwMDExMjIzOjcwMDA0MjY5Ojk5OSUyYzE6Mjo0OjUwMDAyMjk3OjpFVVI6Ojo6Ojo6Ojo6Ojo6Ojo6UXJ1SWpVQjBoa1pGVkJsc2VBdXZrUDVvOExqQWgxSlQ1MVdUUFE6RVVSOjI6Ojo6Ojo6OjA6MDo6MDo6MTo6Ojo6OjoxAGh0dHBzOi8vYWRjbGljay5nLmRvdWJsZWNsaWNrLm5ldC9hY2xrP3NhPUwmYWk9QzBaaS13aV9BWlBTUUh0bnpnQWVmdHBiUURkUEgwWkp4bVk2Q204b0t3STIzQVJBQklBQmc3ZnpkaGF3YmdnRVhZMkV0Y0hWaUxUazJNREkxTVRrMU1ESTJNVGd5TmpMSUFRbXBBbDkwM19BdWdiSS00QUlBcUFNQnlBTUNxZ1NIQWtfUWZWNnppb2UwdW0xNHlGeXZwMTNIVzJBOFVpSm53dlhRRkhsM0tiZkNSb051SmdTeXpjb085U3ZGQ1p0MGNXVlRQZkhXQW91ZzVNSTVsUmFPNjhkWHRFVzV6QW5lZUtndzZQcVdMX08wckVzYzhZWlVxVm9RamdQZzNxd185SkdORHNOdTd6UWlqeXVYU1RVbTc4RFRiblpKNm5ueC1ZUzlUZm9NeDJHQWVobWk1R2RLYnFWWk1EYllyWTNsX2pycTgwZ0JWcXVZWnNrWUFuSk5FeE9ESmdGbUpVTU5LSTVIbVNKOGZSUkxLaDRQZDdIZ3UzVEZqWXVfZXllZmFsajU5SVN0a193ZlExVEY4MVE1TDdxNHV0Y3VianNCQkg4aUVfcFE3SEw1RmRWZkp5QzdsSEZWclZUbHl4YnNNRENWNFp3VDA3MWFaWG9ZX0sxWE1pZTlwMkZHclVoQTRBUUJnQWJaOTREMDE0Nkw1NHdCb0FZaHFBZW12aHVvQjViWUc2Z0hxcHV4QXFnSGc2MnhBcWdIXzU2eEFxZ0gzNS14QXRnSEFOSUlGQWlBNFlBUUVBRXlBcW9DT2dLQVFFaTlfY0U2LWdzQ0NBR0FEQUhRRlFHQUZ3RSZudW09MSZzaWc9QU9ENjRfMFZRNDRtV19qcnJtMmFxWlUxQlVDaDhxeVpadyZjbGllbnQ9Y2EtcHViLTk2MDI1MTk1MDI2MTgyNjImYWR1cmw9%26redirect%3D&tk_region=eu&tk_r=true
cache-control: no-cache, no-store
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/travel198849194933/ Frame F1C5 328 KB
111 KB 275ms
88ms Script
application/x-javascript 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/travel198849194933/moatad.js
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=1000327.2.0.70004269.0.0..0.PT.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60011223.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0Zi-wi_AZPSQHtnzgAeftpbQDdPH0ZJxmY6Cm8oKwI23ARABIABg7fzdhawbggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAl903_AugbI-4AIAqAMByAMCqgSHAk_QfV6zioe0um14yFyvp13HW2A8UiJnwvXQFHl3KbfCRoNuJgSyzcoO9SvFCZt0cWVTPfHWAoug5MI5lRaO68dXtEW5zAneeKgw6PqWL_O0rEsc8YZUqVoQjgPg3qw_9JGNDsNu7zQijyuXSTUm78DTbnZJ6nnx-YS9TfoMx2GAehmi5GdKbqVZMDbYrY3l_jrq80gBVquYZskYAnJNExODJgFmJUMNKI5HmSJ8fRRLKh4Pd7Hgu3TFjYu_eyefalj59IStk_wfQ1TF81Q5L7q4utcubjsBBH8iE_pQ7HL5FdVfJyC7lHFVrVTlyxbsMDCV4ZwT071aZXoY_K1XMie9p2FGrUhA4AQBgAbZ94D0146L54wBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0VQ44mW_jrrm2aqZU1BUCh8qyZZw%26client%3Dca-pub-9602519502618262%26adurl%3D&googlewinningprice=ZMAvwgAHiHQK4DnZAAWbH_jl66YBjUuasSo4FA&wpc=EUR&site=pastelink.net&slotvisibility=1&gcpm=306891&gpos=1&bidder=bidder-rtb-production-65657fc4b5-mwjdd&dv=1&did=549644393848195573&uuid=&suid=&brq=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&ssp_id=0&l=en&ts=1690316738&uc=PT&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=e11SiFu3ellDYgtQ-w9Ks85EiYXVlEgEUzP0JJ_1sOI=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0f1ecd101ab777d1ca7531c4a76cdcb6b5def1fe540c53ff2fc422ad57b45290

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:39 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 16:41:25 GMT
server: AmazonS3
x-amz-request-id: J08B67STMC7CCV72
etag: "bbe991d1987d0640f9e7fd72774f5859"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=33014
accept-ranges: bytes
content-length: 113490
x-amz-id-2: yXErrevsPu59PfV5xPJTaa/+YKek8iASoXxjFp4j4X3e08OPwKwdtYFjNE167aFEChsGCyS/SBWjbrz94jM0a81Ag+3s9e8df8l1/adTT+U=

GET
H2 200 creative.js Show response
ads.travelaudience.com/js/ Frame F1C5 56 KB
20 KB 190ms
81ms Script
application/javascript 35.190.0.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.travelaudience.com/js/creative.js?version=0.0.0
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=1000327.2.0.70004269.0.0..0.PT.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60011223.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0Zi-wi_AZPSQHtnzgAeftpbQDdPH0ZJxmY6Cm8oKwI23ARABIABg7fzdhawbggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAl903_AugbI-4AIAqAMByAMCqgSHAk_QfV6zioe0um14yFyvp13HW2A8UiJnwvXQFHl3KbfCRoNuJgSyzcoO9SvFCZt0cWVTPfHWAoug5MI5lRaO68dXtEW5zAneeKgw6PqWL_O0rEsc8YZUqVoQjgPg3qw_9JGNDsNu7zQijyuXSTUm78DTbnZJ6nnx-YS9TfoMx2GAehmi5GdKbqVZMDbYrY3l_jrq80gBVquYZskYAnJNExODJgFmJUMNKI5HmSJ8fRRLKh4Pd7Hgu3TFjYu_eyefalj59IStk_wfQ1TF81Q5L7q4utcubjsBBH8iE_pQ7HL5FdVfJyC7lHFVrVTlyxbsMDCV4ZwT071aZXoY_K1XMie9p2FGrUhA4AQBgAbZ94D0146L54wBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0VQ44mW_jrrm2aqZU1BUCh8qyZZw%26client%3Dca-pub-9602519502618262%26adurl%3D&googlewinningprice=ZMAvwgAHiHQK4DnZAAWbH_jl66YBjUuasSo4FA&wpc=EUR&site=pastelink.net&slotvisibility=1&gcpm=306891&gpos=1&bidder=bidder-rtb-production-65657fc4b5-mwjdd&dv=1&did=549644393848195573&uuid=&suid=&brq=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&ssp_id=0&l=en&ts=1690316738&uc=PT&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=e11SiFu3ellDYgtQ-w9Ks85EiYXVlEgEUzP0JJ_1sOI=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: f4bda5ecc987de2c971fcb1f7e2421dcaf0176421a50962150bb2b5de69e3232

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 25 Jul 2023 20:25:39 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 25 Jul 2023 14:29:40 GMT
server: nginx/1.21.6
etag: W/"64bfdc54-e196"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: max-age=86400, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 26 Jul 2023 20:25:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F264 0
0 214ms
116ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307200101&jk=1710686667227348&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A2F8 0
10 B 81ms
81ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?n3wCgw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK index.html Show response
eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/300x250/ Frame 10B0 18 KB
3 KB 162ms
84ms Document
text/html 135.125.163.195
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/300x250/index.html?_format=html&_dataSize=300x250&_confSize=300x250&_placementId=386818&_campaignId=16252138&_brandId=16248439

Requested by

Host: eu.adventori.com
URL: https://eu.adventori.com/16248439/DubaiTourism_AlwaysOn_202010_TEST_300x250/ad/script?tacampaign=1000327&impressionID=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&bidpric=306891&z=1690316739&clickTag=https%3A%2F%2Fads.travelaudience.com%2Fct%3Ftrack%3DYWM6OjpRcnVJalVCMGhrWkZWQmxzZUF1dmtQNW84TGpBaDFKVDUxV1RQUTo6MzAweDI1MDpDM0RFQTBCNS0xRUYwLTQwMkMtQUEyNy0xRTQ5MUU5M0E2N0M6MDA6Ojo5MDAwMDowLjY4MjgzNjkxMjAzNDQzNDM6Ojo6OjoxOjA6Ojo6Ojo6MTAwMDMyNzoyOjE6OjowOjowOlBUOjo6LTE6OlpNQXZ3Z0FIaUhRSzREblpBQVdiSF9qbDY2WUJqVXVhc1NvNEZBOnBhc3RlbGluay5uZXQ6MTozMDY4OTE6YmlkZGVyLXJ0Yi1wcm9kdWN0aW9uLTY1NjU3ZmM0YjUtbXdqZGQ6Ojo1NDk2NDQzOTM4NDgxOTU1NzM6MTo6Ojo3c09NazMybzFLTnFiMzhZMk1zQTB3PT06N3NPTWszMm8xS05xYjM4WTJNc0Ewdz09OjYwMDExMjIzOjcwMDA0MjY5Ojk5OSUyYzE6Mjo0OjUwMDAyMjk3OjpFVVI6Ojo6Ojo6Ojo6Ojo6Ojo6UXJ1SWpVQjBoa1pGVkJsc2VBdXZrUDVvOExqQWgxSlQ1MVdUUFE6RVVSOjI6Ojo6Ojo6OjA6MDo6MDo6MTo6Ojo6OjoxAGh0dHBzOi8vYWRjbGljay5nLmRvdWJsZWNsaWNrLm5ldC9hY2xrP3NhPUwmYWk9QzBaaS13aV9BWlBTUUh0bnpnQWVmdHBiUURkUEgwWkp4bVk2Q204b0t3STIzQVJBQklBQmc3ZnpkaGF3YmdnRVhZMkV0Y0hWaUxUazJNREkxTVRrMU1ESTJNVGd5TmpMSUFRbXBBbDkwM19BdWdiSS00QUlBcUFNQnlBTUNxZ1NIQWtfUWZWNnppb2UwdW0xNHlGeXZwMTNIVzJBOFVpSm53dlhRRkhsM0tiZkNSb051SmdTeXpjb085U3ZGQ1p0MGNXVlRQZkhXQW91ZzVNSTVsUmFPNjhkWHRFVzV6QW5lZUtndzZQcVdMX08wckVzYzhZWlVxVm9RamdQZzNxd185SkdORHNOdTd6UWlqeXVYU1RVbTc4RFRiblpKNm5ueC1ZUzlUZm9NeDJHQWVobWk1R2RLYnFWWk1EYllyWTNsX2pycTgwZ0JWcXVZWnNrWUFuSk5FeE9ESmdGbUpVTU5LSTVIbVNKOGZSUkxLaDRQZDdIZ3UzVEZqWXVfZXllZmFsajU5SVN0a193ZlExVEY4MVE1TDdxNHV0Y3VianNCQkg4aUVfcFE3SEw1RmRWZkp5QzdsSEZWclZUbHl4YnNNRENWNFp3VDA3MWFaWG9ZX0sxWE1pZTlwMkZHclVoQTRBUUJnQWJaOTREMDE0Nkw1NHdCb0FZaHFBZW12aHVvQjViWUc2Z0hxcHV4QXFnSGc2MnhBcWdIXzU2eEFxZ0gzNS14QXRnSEFOSUlGQWlBNFlBUUVBRXlBcW9DT2dLQVFFaTlfY0U2LWdzQ0NBR0FEQUhRRlFHQUZ3RSZudW09MSZzaWc9QU9ENjRfMFZRNDRtV19qcnJtMmFxWlUxQlVDaDhxeVpadyZjbGllbnQ9Y2EtcHViLTk2MDI1MTk1MDI2MTgyNjImYWR1cmw9%26redirect%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

135.125.163.195 , France, ASN16276 (OVH, FR),

Reverse DNS

f31.adventori.com

Software

Apache /

Resource Hash

1019890c407f73e27e38834970e2e4da4918b82534814c6f41732816216a9953

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rtb.ads.travelaudience.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=300
content-encoding: gzip
content-length: 3041
content-type: text/html
date: Tue, 25 Jul 2023 20:25:39 GMT
expires: Tue, 25 Jul 2023 20:30:39 GMT
last-modified: Wed, 26 Apr 2023 09:26:57 GMT
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H/1.1 200 trackPrint
eu.adventori.com/tracker/ Frame F1C5 43 B
341 B 85ms
85ms Image
image/gif 135.125.163.195
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/tracker/trackPrint?tk_type=AdShow&tk_campaignId=DubaiTourism_Always-on_TravelAudience_202010&tk_cartoucheId=DubaiTourism_AlwaysOn_202010_TEST_300x250&tk_ui=a7k_ISspEe6gCG_8s8tUXQ&tk_ip=185.128.9.17&tk_userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&tk_urlClick=https%3A%2F%2Feu.adventori.com%2Fcreatives%2Fdubai-tourism%2F202010-alwaysOn%2F300x250%2Findex.html%3Ftheme%3Dgolf%26country%3DPT%26language%3DPT%26brand%3DEDREAMS%26scenarioType%3DAdvertiserID-OK%26advertiserName%3DDubai%2520DMO%2520RFP%2520Edreams%2520PT%26advertiserIDValue%3D1000327%26advertiserIDReceived%3Dtrue%26advertiserIDStatus%3DOK%26impressionID%3DQruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ%26bidPrice%3D306891%26dvCampaignId%3Dmissing%26placebo%3Dfalse%26_stat_scn%3Dgolf_PT&tk_impressionId=a7k_IispEe6gCG_8s8tUXQ&tk_acceptsThirdPartyCookies=true&tk_origin=https%3A%2F%2Fpastelink.net&tk_eventIndex=3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

135.125.163.195 , France, ASN16276 (OVH, FR),

Reverse DNS

f31.adventori.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
pragma: no-cache
date: Tue, 25 Jul 2023 20:25:39 GMT
cache-control: no-cache, no-store
strict-transport-security: max-age=63072000; includeSubDomains; preload
transfer-encoding: chunked
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 n.js Show response
geo.moatads.com/ Frame F1C5 96 B
269 B 369ms
83ms Script
text/html 13.41.214.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=2670947157&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWUFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-t501M1%2F1Kg7M0g%3D%3D&sc=1&os=1-sA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2F2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&lp=https%3A%2F%2Fpastelink.net&t=1690316739750&de=123084792573&m=0&ar=c013c52fed3-clean&iw=e184fba&q=2&cb=0&ym=0&cu=1690316739750&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=1000327%3A50002297%3A60011223%3A70004269&zMoatSSP=0&zMoatDeal=549644393848195573&zMoatSubdomain=pastelink.net&zMoatIMPID=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fpastelink.net&id=0&ii=2&bo=2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&bd=300x250&zMoatOrigSlicer1=2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&zMoatOrigSlicer2=300x250&zMoatDomain=pastelink.net&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=204627&na=1282861229&cs=0&ord=1690316739750&jv=333174359&callback=DOMlessLLDcallback_66211177
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/travel198849194933/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.214.66 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-214-66.eu-west-2.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 31cd45f4bda50034fb0ce43902af07b2b502e0b6317eb3446d61c0d68d185bd1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:40 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "2e0a94b0b93c8cd61c9671e6ad3c686b1e0b55e7"
content-length: 96
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ Frame F1C5 43 B
251 B 133ms
114ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2F2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&lp=https%3A%2F%2Fpastelink.net&t=1690316739750&de=123084792573&m=0&ar=c013c52fed3-clean&iw=e184fba&q=3&cb=0&ym=0&cu=1690316739750&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=1000327%3A50002297%3A60011223%3A70004269&zMoatSSP=0&zMoatDeal=549644393848195573&zMoatSubdomain=pastelink.net&zMoatIMPID=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fpastelink.net&id=0&ii=2&bo=2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&bd=300x250&zMoatOrigSlicer1=2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&zMoatOrigSlicer2=300x250&zMoatDomain=pastelink.net&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=204627&na=1255477426&cs=0
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=1000327.2.0.70004269.0.0..0.PT.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60011223.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0Zi-wi_AZPSQHtnzgAeftpbQDdPH0ZJxmY6Cm8oKwI23ARABIABg7fzdhawbggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAl903_AugbI-4AIAqAMByAMCqgSHAk_QfV6zioe0um14yFyvp13HW2A8UiJnwvXQFHl3KbfCRoNuJgSyzcoO9SvFCZt0cWVTPfHWAoug5MI5lRaO68dXtEW5zAneeKgw6PqWL_O0rEsc8YZUqVoQjgPg3qw_9JGNDsNu7zQijyuXSTUm78DTbnZJ6nnx-YS9TfoMx2GAehmi5GdKbqVZMDbYrY3l_jrq80gBVquYZskYAnJNExODJgFmJUMNKI5HmSJ8fRRLKh4Pd7Hgu3TFjYu_eyefalj59IStk_wfQ1TF81Q5L7q4utcubjsBBH8iE_pQ7HL5FdVfJyC7lHFVrVTlyxbsMDCV4ZwT071aZXoY_K1XMie9p2FGrUhA4AQBgAbZ94D0146L54wBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0VQ44mW_jrrm2aqZU1BUCh8qyZZw%26client%3Dca-pub-9602519502618262%26adurl%3D&googlewinningprice=ZMAvwgAHiHQK4DnZAAWbH_jl66YBjUuasSo4FA&wpc=EUR&site=pastelink.net&slotvisibility=1&gcpm=306891&gpos=1&bidder=bidder-rtb-production-65657fc4b5-mwjdd&dv=1&did=549644393848195573&uuid=&suid=&brq=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&ssp_id=0&l=en&ts=1690316738&uc=PT&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=e11SiFu3ellDYgtQ-w9Ks85EiYXVlEgEUzP0JJ_1sOI=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jul 2023 20:25:39 GMT

GET
H2 200 js-err
rtb.ads.travelaudience.com/ Frame F1C5 35 B
354 B 81ms
79ms Image
image/gif 35.187.184.108
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.ads.travelaudience.com/js-err?description=Script%20error.&url=&line=0&col=0&parent_url=https%3A%2F%2Frtb.ads.travelaudience.com%2Frtb%3Fads%3D1000327.2.0.70004269.0.0..0.PT.-1..7sOMk32o1KNqb38Y2MsA0w%253D%253D.60011223.OTk5JTJjMQ%3D%3D...7sOMk32o1KNqb38Y2MsA0w%253D%253D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ%3D%3D.2.0%26p%3D90000%26x%3D300%26y%3D250%26click%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC0Zi-wi_AZPSQHtnzgAeftpbQDdPH0ZJxmY6Cm8oKwI23ARABIABg7fzdhawbggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAl903_AugbI-4AIAqAMByAMCqgSHAk_QfV6zioe0um14yFyvp13HW2A8UiJnwvXQFHl3KbfCRoNuJgSyzcoO9SvFCZt0cWVTPfHWAoug5MI5lRaO68dXtEW5zAneeKgw6PqWL_O0rEsc8YZUqVoQjgPg3qw_9JGNDsNu7zQijyuXSTUm78DTbnZJ6nnx-YS9TfoMx2GAehmi5GdKbqVZMDbYrY3l_jrq80gBVquYZskYAnJNExODJgFmJUMNKI5HmSJ8fRRLKh4Pd7Hgu3TFjYu_eyefalj59IStk_wfQ1TF81Q5L7q4utcubjsBBH8iE_pQ7HL5FdVfJyC7lHFVrVTlyxbsMDCV4ZwT071aZXoY_K1XMie9p2FGrUhA4AQBgAbZ94D0146L54wBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0VQ44mW_jrrm2aqZU1BUCh8qyZZw%2526client%253Dca-pub-9602519502618262%2526adurl%253D%26googlewinningprice%3DZMAvwgAHiHQK4DnZAAWbH_jl66YBjUuasSo4FA%26wpc%3DEUR%26site%3Dpastelink.net%26slotvisibility%3D1%26gcpm%3D306891%26gpos%3D1%26bidder%3Dbidder-rtb-production-65657fc4b5-mwjdd%26dv%3D1%26did%3D549644393848195573%26uuid%3D%26suid%3D%26brq%3DQruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ%26ssp_id%3D0%26l%3Den%26ts%3D1690316738%26uc%3DPT%26at%3D1%26ia%3D0%26mai%3D%26mat%3D1%26ir%3D0%26an%3D%26rg%3D1%26hm%3De11SiFu3ellDYgtQ-w9Ks85EiYXVlEgEUzP0JJ_1sOI%3D

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.187.184.108 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

108.184.187.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://rtb.ads.travelaudience.com/rtb?ads=1000327.2.0.70004269.0.0..0.PT.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60011223.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0Zi-wi_AZPSQHtnzgAeftpbQDdPH0ZJxmY6Cm8oKwI23ARABIABg7fzdhawbggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAl903_AugbI-4AIAqAMByAMCqgSHAk_QfV6zioe0um14yFyvp13HW2A8UiJnwvXQFHl3KbfCRoNuJgSyzcoO9SvFCZt0cWVTPfHWAoug5MI5lRaO68dXtEW5zAneeKgw6PqWL_O0rEsc8YZUqVoQjgPg3qw_9JGNDsNu7zQijyuXSTUm78DTbnZJ6nnx-YS9TfoMx2GAehmi5GdKbqVZMDbYrY3l_jrq80gBVquYZskYAnJNExODJgFmJUMNKI5HmSJ8fRRLKh4Pd7Hgu3TFjYu_eyefalj59IStk_wfQ1TF81Q5L7q4utcubjsBBH8iE_pQ7HL5FdVfJyC7lHFVrVTlyxbsMDCV4ZwT071aZXoY_K1XMie9p2FGrUhA4AQBgAbZ94D0146L54wBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0VQ44mW_jrrm2aqZU1BUCh8qyZZw%26client%3Dca-pub-9602519502618262%26adurl%3D&googlewinningprice=ZMAvwgAHiHQK4DnZAAWbH_jl66YBjUuasSo4FA&wpc=EUR&site=pastelink.net&slotvisibility=1&gcpm=306891&gpos=1&bidder=bidder-rtb-production-65657fc4b5-mwjdd&dv=1&did=549644393848195573&uuid=&suid=&brq=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&ssp_id=0&l=en&ts=1690316738&uc=PT&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=e11SiFu3ellDYgtQ-w9Ks85EiYXVlEgEUzP0JJ_1sOI=
Origin: https://rtb.ads.travelaudience.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:39 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
access-control-allow-origin: https://rtb.ads.travelaudience.com
content-type: image/gif

GET
H/1.1 200
OK ADventori-2.0.0.css
adventori.com/lp/enabler/ Frame 10B0 7 KB
2 KB 276ms
82ms Stylesheet
text/css 135.125.163.195
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://adventori.com/lp/enabler/ADventori-2.0.0.css

Requested by

Host: eu.adventori.com
URL: https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/300x250/index.html?_format=html&_dataSize=300x250&_confSize=300x250&_placementId=386818&_campaignId=16252138&_brandId=16248439

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

135.125.163.195 , France, ASN16276 (OVH, FR),

Reverse DNS

f31.adventori.com

Software

Apache /

Resource Hash

07fcd1d0da6fa7a138f398aa484b99cdad68e5731ae83d6cac8f498a0ebc9277

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eu.adventori.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Wed, 26 Apr 2023 09:26:20 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=300
content-length: 1830
expires: Tue, 25 Jul 2023 20:30:40 GMT

GET
H/1.1 200
OK ADventori-2.0.0.js Show response
adventori.com/lp/enabler/ Frame 10B0 77 KB
17 KB 315ms
122ms Script
application/javascript 135.125.163.195
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://adventori.com/lp/enabler/ADventori-2.0.0.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

135.125.163.195 , France, ASN16276 (OVH, FR),

Reverse DNS

f31.adventori.com

Software

Apache /

Resource Hash

7b96cde7491c8bbf9a865074b6ce9c4fe53b6906c2ca7e2402c64beded814365

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.adventori.com/
Origin: https://eu.adventori.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Wed, 26 Apr 2023 09:26:20 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
content-length: 17163
expires: Tue, 25 Jul 2023 20:30:40 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7EFB 42 B
174 B 116ms
115ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuN8vCVgr1swF7KYaTqsIoYjYV7f1cG0qcdu--zakTckVs0bB3uyubavxNNnuke5zSFGbblWqz20TA2DMC7K0qEOJCO&sig=Cg0ArKJSzO5CGdAQJ40wEAE&id=lidar2&mcvt=1001&p=317,513,567,813&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230724&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3944560474&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690316738725&rpt=347&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 115ms
114ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307200101&jk=1710686667227348&bg=!JiWlJXHNAAZsPphkTD47ADkAdvg8WlK2aDPUEyiWDJuax3ad5qEGxNb2APCeeVqQniJ2S8ax21Uo1UaVLIBOhCbgKr2Ag55Tw84CAAAAu1IAAAAGaAEHCgDD6u7-Oj4HXZaOTXc7_g3xHPxEVaJhXyxOjNK563iB0BVkX28u-WkafLgss5Xtle43ET4nhjMvzDYKSRZ19HIN5jXsO_d-EAXYMSz9n_YaSJ6_3PHRDU_2SXJGJe4sCOvYmzjUkd_2yYAq5_fEk0IgTXYo-E65MrxWk3te9F07cSBYDytw3h4a6NN-mF8CLDlS2QavPdnLvMtkztBnfGj1VbdRZETUtmMZv6wqnQ8eS9wP9a0WkJ4es9AFdNh9dbFwnaG4mQKjN0HA3IqVxAdVUBMDumTeY2VoOGodSsrhDdjNFeFY589whc_-UA2mPc4hODQiXDF4zrPmCPpFF-LSvdh38ZvNnouP9EyWgmCuIFEu_6P-NZJHnyuJDvGCo4PmLtwIlu80daL7FXDdORzFh958ncHeLwYSFVA43q7Vd9Ft0UR7FHbtSGPuTWjMJOReTZLk_MrI9Ry9ema2Lb-4LyRnpXywro6269eB7D0FoxenapOGeCn76HoQkRNWa3PlYp_teaWeUahiR-4B3LwjIjgqWLjW5GKANT2zd8mM0vPdmCxVLVqyiZKgrIpi57okmRU35c3siLIzHs_dbmN2CG5Hs_D_6fUMNjjMNTefXiSEYgf16dn9KTCvC7etXGpeCub7NwHo1iKEePr05BxY3UxrBSMmIW345ryQQBlWwTw1Yn1D5HY2H52eZWZG63KRyQeLjwmLNzVMNr-BT_fft79OyjeTpmtHm-rRrN2oSuTOfSD9IUEgOhAK_QuiUoRVHhPR98KhIztukJbD8-vwza7KQY8cY61rmq0jazBJ255OzPW5Lg6TteUh0mf-2HqlzzlKLvHFjjn05Fvo22PzrUFTJDwSXGuKAE3eJt4UeNIwtFLTBGa6tQsx63xTlX4waSsPfCw8aGdMeG_YTBLJUStr5XtX54S-8MeSTV8zL9DrjDBTb3n6bv4q7fDzkgVSfREIUoHBlOViWceGuneS_bfQOFBhhJCHJbVdsZZhreznYuFmgS16o2sGa3eCdw2pIjHUFkKoP8jVuJByX8Zb0tmM0f2DyrTdfR2t6QHzAO2F5GUh4JO6bOTd2kp3Lv3e8M2RiMoMzVuVTaH9YAfV1DGxii152pePqIiwON3JY9IPYfFfhQdcGrTsagafs26NoC2_9QCjkbnB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK golf-bg1.jpg
eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/300x250/img/ Frame 10B0 48 KB
49 KB 90ms
90ms Image
image/jpeg 135.125.163.195
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/300x250/img/golf-bg1.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

135.125.163.195 , France, ASN16276 (OVH, FR),

Reverse DNS

f31.adventori.com

Software

Apache /

Resource Hash

1fe6ad5e624e30ccf05dbf0c95df3642fd4fd2b3a629b2b93d7d11e2d3acbc22

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/300x250/index.html?_format=html&_dataSize=300x250&_confSize=300x250&_placementId=386818&_campaignId=16252138&_brandId=16248439
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 26 Apr 2023 09:26:57 GMT
server: Apache
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-length: 49657
expires: Tue, 25 Jul 2023 20:30:40 GMT

GET
H/1.1 200
OK DINPro-Bold.woff2
eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/fonts/ Frame 10B0 28 KB
28 KB 126ms
125ms Font
font/woff2 135.125.163.195
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/fonts/DINPro-Bold.woff2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

135.125.163.195 , France, ASN16276 (OVH, FR),

Reverse DNS

f31.adventori.com

Software

Apache /

Resource Hash

572c81bd1a99e559e2d8c9203a48e7e3ed17ed47a6a5e53c10ca9b0946451aa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/300x250/index.html?_format=html&_dataSize=300x250&_confSize=300x250&_placementId=386818&_campaignId=16252138&_brandId=16248439
Origin: https://eu.adventori.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 26 Apr 2023 09:26:58 GMT
server: Apache
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=300
content-length: 28176
expires: Tue, 25 Jul 2023 20:30:40 GMT

GET
H/1.1 200
OK golf-bg2.jpg
eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/300x250/img/ Frame 10B0 52 KB
52 KB 196ms
90ms Image
image/jpeg 135.125.163.195
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/300x250/img/golf-bg2.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

135.125.163.195 , France, ASN16276 (OVH, FR),

Reverse DNS

f31.adventori.com

Software

Apache /

Resource Hash

9eae504d623db7fd1f245deeaac2766272d90354e258197387d2470fbf73656e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/300x250/index.html?_format=html&_dataSize=300x250&_confSize=300x250&_placementId=386818&_campaignId=16252138&_brandId=16248439
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 26 Apr 2023 09:26:57 GMT
server: Apache
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-length: 52868
expires: Tue, 25 Jul 2023 20:30:40 GMT

GET
H/1.1 200
OK golf-bg3.jpg
eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/300x250/img/ Frame 10B0 63 KB
63 KB 221ms
91ms Image
image/jpeg 135.125.163.195
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/300x250/img/golf-bg3.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

135.125.163.195 , France, ASN16276 (OVH, FR),

Reverse DNS

f31.adventori.com

Software

Apache /

Resource Hash

dac7e6c5d202c1176aa06b67210c7de202a6baf2e76deb2d1ba3cfa646771cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/300x250/index.html?_format=html&_dataSize=300x250&_confSize=300x250&_placementId=386818&_campaignId=16252138&_brandId=16248439
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 26 Apr 2023 09:26:57 GMT
server: Apache
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-length: 64493
expires: Tue, 25 Jul 2023 20:30:40 GMT

GET
H/1.1 200
OK golf-bg4.jpg
eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/300x250/img/ Frame 10B0 55 KB
55 KB 289ms
128ms Image
image/jpeg 135.125.163.195
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/300x250/img/golf-bg4.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

135.125.163.195 , France, ASN16276 (OVH, FR),

Reverse DNS

f31.adventori.com

Software

Apache /

Resource Hash

de0136fecb68daa42f12131473e364ed88e3b4bceb2c443fdbcd3bf46f57393a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/300x250/index.html?_format=html&_dataSize=300x250&_confSize=300x250&_placementId=386818&_campaignId=16252138&_brandId=16248439
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 26 Apr 2023 09:26:57 GMT
server: Apache
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-length: 55928
expires: Tue, 25 Jul 2023 20:30:40 GMT

GET
H/1.1 200
OK golf-bg5.jpg
eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/300x250/img/ Frame 10B0 56 KB
56 KB 288ms
128ms Image
image/jpeg 135.125.163.195
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/300x250/img/golf-bg5.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

135.125.163.195 , France, ASN16276 (OVH, FR),

Reverse DNS

f31.adventori.com

Software

Apache /

Resource Hash

3d0749146fc63bb6d7800a3881513323f9b8dd86d9664f092b014571797a0327

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/300x250/index.html?_format=html&_dataSize=300x250&_confSize=300x250&_placementId=386818&_campaignId=16252138&_brandId=16248439
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 26 Apr 2023 09:26:57 GMT
server: Apache
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-length: 56991
expires: Tue, 25 Jul 2023 20:30:40 GMT

GET
H/1.1 200
OK logo-dubai.png
eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/logos/ Frame 10B0 5 KB
5 KB 145ms
85ms Image
image/png 135.125.163.195
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/logos/logo-dubai.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

135.125.163.195 , France, ASN16276 (OVH, FR),

Reverse DNS

f31.adventori.com

Software

Apache /

Resource Hash

0129f5be99b790e4a2d1b054c478d7bd628b168ed6b2a0a9c0b74d0e3aaff8ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/300x250/index.html?_format=html&_dataSize=300x250&_confSize=300x250&_placementId=386818&_campaignId=16252138&_brandId=16248439
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 26 Apr 2023 09:26:58 GMT
server: Apache
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-length: 4994
expires: Tue, 25 Jul 2023 20:30:40 GMT

GET
H/1.1 200
OK logo-eDreams.png
eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/logos/ Frame 10B0 119 KB
119 KB 162ms
125ms Image
image/png 135.125.163.195
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/logos/logo-eDreams.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

135.125.163.195 , France, ASN16276 (OVH, FR),

Reverse DNS

f31.adventori.com

Software

Apache /

Resource Hash

bdcc186c574c56a4d5c55e6accd54ccccd0a6b8c0c17ee9559a24aee2e5a4e08

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eu.adventori.com/creatives/dubai-tourism/202010-alwaysOn/300x250/index.html?_format=html&_dataSize=300x250&_confSize=300x250&_placementId=386818&_campaignId=16252138&_brandId=16248439
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 26 Apr 2023 09:26:58 GMT
server: Apache
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-length: 121557
expires: Tue, 25 Jul 2023 20:30:40 GMT

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame F1C5 43 B
265 B 286ms
104ms Image
image/gif 104.123.45.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=26&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=pastelink.net&L1id=1000327&L2id=50002297&L3id=60011223&L4id=70004269&S1id=2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&S2id=300x250&ord=1690316739750&r=123084792573&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatSubdomain=pastelink.net&zMoatIMPID=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&bedc=1&nosend&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=1000327.2.0.70004269.0.0..0.PT.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60011223.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0Zi-wi_AZPSQHtnzgAeftpbQDdPH0ZJxmY6Cm8oKwI23ARABIABg7fzdhawbggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAl903_AugbI-4AIAqAMByAMCqgSHAk_QfV6zioe0um14yFyvp13HW2A8UiJnwvXQFHl3KbfCRoNuJgSyzcoO9SvFCZt0cWVTPfHWAoug5MI5lRaO68dXtEW5zAneeKgw6PqWL_O0rEsc8YZUqVoQjgPg3qw_9JGNDsNu7zQijyuXSTUm78DTbnZJ6nnx-YS9TfoMx2GAehmi5GdKbqVZMDbYrY3l_jrq80gBVquYZskYAnJNExODJgFmJUMNKI5HmSJ8fRRLKh4Pd7Hgu3TFjYu_eyefalj59IStk_wfQ1TF81Q5L7q4utcubjsBBH8iE_pQ7HL5FdVfJyC7lHFVrVTlyxbsMDCV4ZwT071aZXoY_K1XMie9p2FGrUhA4AQBgAbZ94D0146L54wBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0VQ44mW_jrrm2aqZU1BUCh8qyZZw%26client%3Dca-pub-9602519502618262%26adurl%3D&googlewinningprice=ZMAvwgAHiHQK4DnZAAWbH_jl66YBjUuasSo4FA&wpc=EUR&site=pastelink.net&slotvisibility=1&gcpm=306891&gpos=1&bidder=bidder-rtb-production-65657fc4b5-mwjdd&dv=1&did=549644393848195573&uuid=&suid=&brq=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&ssp_id=0&l=en&ts=1690316738&uc=PT&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=e11SiFu3ellDYgtQ-w9Ks85EiYXVlEgEUzP0JJ_1sOI=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.123.45.151 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-123-45-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Tue, 25 Jul 2023 20:25:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jul 2023 20:25:40 GMT

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame F1C5 43 B
265 B 286ms
104ms Image
image/gif 104.123.45.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=26&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=pastelink.net&L1id=1000327&L2id=50002297&L3id=60011223&L4id=70004269&S1id=2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&S2id=300x250&ord=1690316739750&r=123084792573&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatSubdomain=pastelink.net&zMoatIMPID=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&bedc=1&nosend&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=1000327.2.0.70004269.0.0..0.PT.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60011223.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0Zi-wi_AZPSQHtnzgAeftpbQDdPH0ZJxmY6Cm8oKwI23ARABIABg7fzdhawbggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAl903_AugbI-4AIAqAMByAMCqgSHAk_QfV6zioe0um14yFyvp13HW2A8UiJnwvXQFHl3KbfCRoNuJgSyzcoO9SvFCZt0cWVTPfHWAoug5MI5lRaO68dXtEW5zAneeKgw6PqWL_O0rEsc8YZUqVoQjgPg3qw_9JGNDsNu7zQijyuXSTUm78DTbnZJ6nnx-YS9TfoMx2GAehmi5GdKbqVZMDbYrY3l_jrq80gBVquYZskYAnJNExODJgFmJUMNKI5HmSJ8fRRLKh4Pd7Hgu3TFjYu_eyefalj59IStk_wfQ1TF81Q5L7q4utcubjsBBH8iE_pQ7HL5FdVfJyC7lHFVrVTlyxbsMDCV4ZwT071aZXoY_K1XMie9p2FGrUhA4AQBgAbZ94D0146L54wBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0VQ44mW_jrrm2aqZU1BUCh8qyZZw%26client%3Dca-pub-9602519502618262%26adurl%3D&googlewinningprice=ZMAvwgAHiHQK4DnZAAWbH_jl66YBjUuasSo4FA&wpc=EUR&site=pastelink.net&slotvisibility=1&gcpm=306891&gpos=1&bidder=bidder-rtb-production-65657fc4b5-mwjdd&dv=1&did=549644393848195573&uuid=&suid=&brq=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&ssp_id=0&l=en&ts=1690316738&uc=PT&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=e11SiFu3ellDYgtQ-w9Ks85EiYXVlEgEUzP0JJ_1sOI=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.123.45.151 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-123-45-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Tue, 25 Jul 2023 20:25:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jul 2023 20:25:40 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame F1C5 43 B
251 B 90ms
89ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Feu.adventori.com%2Fcreatives%2Fdubai-tourism%2F202010-alwaysOn%2F300x250%2Findex.html%3F_format%3Dhtml%26_dataSize%3D300x250%26_confSize%3D300x250%26_placementId%3D386818%26_campaignId%3D16252138%26_brandId%3D16248439&i=TRAVELAUDIENCE_DISPLAY1&ol=2670947157&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWUFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-t501M1%2F1Kg7M0g%3D%3D&sc=1&os=1-sA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fpastelink.net&id=0&ii=2&f=1&j=https%3A%2F%2F2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&lp=https%3A%2F%2Fpastelink.net&t=1690316739750&de=123084792573&cu=1690316739750&m=653&ar=c013c52fed3-clean&iw=e184fba&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=382&lg=1&lh=41&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A1080&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=26&cd=0&ah=26&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=1000327%3A50002297%3A60011223%3A70004269&bo=2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&bd=300x250&gw=travel198849194933&zMoatOrigSlicer1=2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&zMoatOrigSlicer2=300x250&zMoatDomain=pastelink.net&zMoatSubdomain=pastelink.net&zMoatSSP=0&zMoatDeal=549644393848195573&zMoatIMPID=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=2&jm=-1&tc=0&fs=204627&na=1501756244&cs=0
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=1000327.2.0.70004269.0.0..0.PT.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60011223.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0Zi-wi_AZPSQHtnzgAeftpbQDdPH0ZJxmY6Cm8oKwI23ARABIABg7fzdhawbggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAl903_AugbI-4AIAqAMByAMCqgSHAk_QfV6zioe0um14yFyvp13HW2A8UiJnwvXQFHl3KbfCRoNuJgSyzcoO9SvFCZt0cWVTPfHWAoug5MI5lRaO68dXtEW5zAneeKgw6PqWL_O0rEsc8YZUqVoQjgPg3qw_9JGNDsNu7zQijyuXSTUm78DTbnZJ6nnx-YS9TfoMx2GAehmi5GdKbqVZMDbYrY3l_jrq80gBVquYZskYAnJNExODJgFmJUMNKI5HmSJ8fRRLKh4Pd7Hgu3TFjYu_eyefalj59IStk_wfQ1TF81Q5L7q4utcubjsBBH8iE_pQ7HL5FdVfJyC7lHFVrVTlyxbsMDCV4ZwT071aZXoY_K1XMie9p2FGrUhA4AQBgAbZ94D0146L54wBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0VQ44mW_jrrm2aqZU1BUCh8qyZZw%26client%3Dca-pub-9602519502618262%26adurl%3D&googlewinningprice=ZMAvwgAHiHQK4DnZAAWbH_jl66YBjUuasSo4FA&wpc=EUR&site=pastelink.net&slotvisibility=1&gcpm=306891&gpos=1&bidder=bidder-rtb-production-65657fc4b5-mwjdd&dv=1&did=549644393848195573&uuid=&suid=&brq=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&ssp_id=0&l=en&ts=1690316738&uc=PT&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=e11SiFu3ellDYgtQ-w9Ks85EiYXVlEgEUzP0JJ_1sOI=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jul 2023 20:25:40 GMT

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 285ms
133ms Script
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 20:25:40 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame F1C5 43 B
251 B 132ms
131ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2670947157&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWUFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-t501M1%2F1Kg7M0g%3D%3D&sc=1&os=1-sA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fpastelink.net&id=0&ii=2&f=1&j=https%3A%2F%2F2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&lp=https%3A%2F%2Fpastelink.net&t=1690316739750&de=123084792573&cu=1690316739750&m=818&ar=c013c52fed3-clean&iw=e184fba&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=382&lg=1&lh=41&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A0%3A1080&aa=0&ad=88&cn=0&gk=88&gl=0&ik=88&ic=88&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=26&cd=26&ah=26&am=26&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=1000327%3A50002297%3A60011223%3A70004269&bo=2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&bd=300x250&gw=travel198849194933&zMoatOrigSlicer1=2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&zMoatOrigSlicer2=300x250&zMoatDomain=pastelink.net&zMoatSubdomain=pastelink.net&zMoatSSP=0&zMoatDeal=549644393848195573&zMoatIMPID=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=2&jm=-1&tc=0&fs=204627&na=1627085575&cs=0
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=1000327.2.0.70004269.0.0..0.PT.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60011223.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0Zi-wi_AZPSQHtnzgAeftpbQDdPH0ZJxmY6Cm8oKwI23ARABIABg7fzdhawbggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAl903_AugbI-4AIAqAMByAMCqgSHAk_QfV6zioe0um14yFyvp13HW2A8UiJnwvXQFHl3KbfCRoNuJgSyzcoO9SvFCZt0cWVTPfHWAoug5MI5lRaO68dXtEW5zAneeKgw6PqWL_O0rEsc8YZUqVoQjgPg3qw_9JGNDsNu7zQijyuXSTUm78DTbnZJ6nnx-YS9TfoMx2GAehmi5GdKbqVZMDbYrY3l_jrq80gBVquYZskYAnJNExODJgFmJUMNKI5HmSJ8fRRLKh4Pd7Hgu3TFjYu_eyefalj59IStk_wfQ1TF81Q5L7q4utcubjsBBH8iE_pQ7HL5FdVfJyC7lHFVrVTlyxbsMDCV4ZwT071aZXoY_K1XMie9p2FGrUhA4AQBgAbZ94D0146L54wBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0VQ44mW_jrrm2aqZU1BUCh8qyZZw%26client%3Dca-pub-9602519502618262%26adurl%3D&googlewinningprice=ZMAvwgAHiHQK4DnZAAWbH_jl66YBjUuasSo4FA&wpc=EUR&site=pastelink.net&slotvisibility=1&gcpm=306891&gpos=1&bidder=bidder-rtb-production-65657fc4b5-mwjdd&dv=1&did=549644393848195573&uuid=&suid=&brq=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&ssp_id=0&l=en&ts=1690316738&uc=PT&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=e11SiFu3ellDYgtQ-w9Ks85EiYXVlEgEUzP0JJ_1sOI=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jul 2023 20:25:40 GMT

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame F1C5 43 B
265 B 131ms
113ms Image
image/gif 104.123.45.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=88&fi=1&apd=201&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=pastelink.net&L1id=1000327&L2id=50002297&L3id=60011223&L4id=70004269&S1id=2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&S2id=300x250&ord=1690316739750&r=123084792573&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=pastelink.net&zMoatIMPID=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&bedc=1&nosend&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=1000327.2.0.70004269.0.0..0.PT.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60011223.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0Zi-wi_AZPSQHtnzgAeftpbQDdPH0ZJxmY6Cm8oKwI23ARABIABg7fzdhawbggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAl903_AugbI-4AIAqAMByAMCqgSHAk_QfV6zioe0um14yFyvp13HW2A8UiJnwvXQFHl3KbfCRoNuJgSyzcoO9SvFCZt0cWVTPfHWAoug5MI5lRaO68dXtEW5zAneeKgw6PqWL_O0rEsc8YZUqVoQjgPg3qw_9JGNDsNu7zQijyuXSTUm78DTbnZJ6nnx-YS9TfoMx2GAehmi5GdKbqVZMDbYrY3l_jrq80gBVquYZskYAnJNExODJgFmJUMNKI5HmSJ8fRRLKh4Pd7Hgu3TFjYu_eyefalj59IStk_wfQ1TF81Q5L7q4utcubjsBBH8iE_pQ7HL5FdVfJyC7lHFVrVTlyxbsMDCV4ZwT071aZXoY_K1XMie9p2FGrUhA4AQBgAbZ94D0146L54wBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0VQ44mW_jrrm2aqZU1BUCh8qyZZw%26client%3Dca-pub-9602519502618262%26adurl%3D&googlewinningprice=ZMAvwgAHiHQK4DnZAAWbH_jl66YBjUuasSo4FA&wpc=EUR&site=pastelink.net&slotvisibility=1&gcpm=306891&gpos=1&bidder=bidder-rtb-production-65657fc4b5-mwjdd&dv=1&did=549644393848195573&uuid=&suid=&brq=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&ssp_id=0&l=en&ts=1690316738&uc=PT&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=e11SiFu3ellDYgtQ-w9Ks85EiYXVlEgEUzP0JJ_1sOI=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.123.45.151 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-123-45-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Tue, 25 Jul 2023 20:25:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jul 2023 20:25:40 GMT

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame F1C5 43 B
265 B 121ms
103ms Image
image/gif 104.123.45.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=88&fi=1&apd=201&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=pastelink.net&L1id=1000327&L2id=50002297&L3id=60011223&L4id=70004269&S1id=2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&S2id=300x250&ord=1690316739750&r=123084792573&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=pastelink.net&zMoatIMPID=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&bedc=1&nosend&q=4&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=1000327.2.0.70004269.0.0..0.PT.-1..7sOMk32o1KNqb38Y2MsA0w%3D%3D.60011223.OTk5JTJjMQ==...7sOMk32o1KNqb38Y2MsA0w%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0Zi-wi_AZPSQHtnzgAeftpbQDdPH0ZJxmY6Cm8oKwI23ARABIABg7fzdhawbggEXY2EtcHViLTk2MDI1MTk1MDI2MTgyNjLIAQmpAl903_AugbI-4AIAqAMByAMCqgSHAk_QfV6zioe0um14yFyvp13HW2A8UiJnwvXQFHl3KbfCRoNuJgSyzcoO9SvFCZt0cWVTPfHWAoug5MI5lRaO68dXtEW5zAneeKgw6PqWL_O0rEsc8YZUqVoQjgPg3qw_9JGNDsNu7zQijyuXSTUm78DTbnZJ6nnx-YS9TfoMx2GAehmi5GdKbqVZMDbYrY3l_jrq80gBVquYZskYAnJNExODJgFmJUMNKI5HmSJ8fRRLKh4Pd7Hgu3TFjYu_eyefalj59IStk_wfQ1TF81Q5L7q4utcubjsBBH8iE_pQ7HL5FdVfJyC7lHFVrVTlyxbsMDCV4ZwT071aZXoY_K1XMie9p2FGrUhA4AQBgAbZ94D0146L54wBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0VQ44mW_jrrm2aqZU1BUCh8qyZZw%26client%3Dca-pub-9602519502618262%26adurl%3D&googlewinningprice=ZMAvwgAHiHQK4DnZAAWbH_jl66YBjUuasSo4FA&wpc=EUR&site=pastelink.net&slotvisibility=1&gcpm=306891&gpos=1&bidder=bidder-rtb-production-65657fc4b5-mwjdd&dv=1&did=549644393848195573&uuid=&suid=&brq=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&ssp_id=0&l=en&ts=1690316738&uc=PT&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=e11SiFu3ellDYgtQ-w9Ks85EiYXVlEgEUzP0JJ_1sOI=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.123.45.151 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-123-45-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Tue, 25 Jul 2023 20:25:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jul 2023 20:25:40 GMT

GET
H/1.1 200 trackPrint
eu.adventori.com/tracker/ Frame F1C5 43 B
341 B 83ms
83ms Image
image/gif 135.125.163.195
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.adventori.com/tracker/trackPrint?tk_type=AdCreativeLoaded&tk_campaignId=DubaiTourism_Always-on_TravelAudience_202010&tk_cartoucheId=DubaiTourism_AlwaysOn_202010_TEST_300x250&tk_ui=a7k_ISspEe6gCG_8s8tUXQ&tk_ip=185.128.9.17&tk_userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&tk_impressionId=a7k_IispEe6gCG_8s8tUXQ&tk_acceptsThirdPartyCookies=true&tk_mouseEvents=&tk_creaInitData=1&tk_creaReady=1&tk_creaLoad=1&tk_creaInitDataTime=581&tk_creaReadyTime=583&tk_creaLoadTime=955&tk_adStartTime=3&tk_eventIndex=4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

135.125.163.195 , France, ASN16276 (OVH, FR),

Reverse DNS

f31.adventori.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
pragma: no-cache
date: Tue, 25 Jul 2023 20:25:40 GMT
cache-control: no-cache, no-store
strict-transport-security: max-age=63072000; includeSubDomains; preload
transfer-encoding: chunked
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame BFB6 15 KB
6 KB 287ms
108ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 20:25:40 GMT
server: Kestrel
server-processing-duration-in-ticks: 212665
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 273ms
120ms XHR
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-17893"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jul 2023 20:25:40 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame BFB6 433 B
558 B 100ms
99ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=pastelink.net&sn=ChromeSyncframe&so=0&topUrl=pastelink.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bd3434dbd3d18a675a6280d77d79977ee5da937bb570cf6b30fd7ac63fc0a10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:41 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1449361
expires: 0

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame A211 24 KB
8 KB 312ms
118ms Document
text/html 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

eb02045a62877356c612268e332f25dd8efa94c8026be1ab40fdcc69c4b9f905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: max-age=60568
content-encoding: gzip
content-length: 8514
content-type: text/html; charset=UTF-8
date: Tue, 25 Jul 2023 20:25:41 GMT
expires: Wed, 26 Jul 2023 13:15:09 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F8CC 281 B
554 B 269ms
90ms Document
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 25 Jul 2023 20:25:41 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 3BDF 9 KB
4 KB 242ms
74ms Document
text/html 13.32.145.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.145.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-145-88.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d5a6e08bb0e8edc55e4e204d4b98729de4e1ae37db44e357b1d28a9463dc215

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 54478
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Tue, 25 Jul 2023 05:17:44 GMT
etag: W/"481f0eb11193eeaea6a690e5c66c57a4"
last-modified: Wed, 07 Jun 2023 17:56:33 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 828a27d052fc1e43481cfb9f225abbb8.cloudfront.net (CloudFront)
x-amz-cf-id: ymoYORfzWzt7qQefPVMA8Dw8pLynDyT4al37I9b2TXptwgHVDuZ38w==
x-amz-cf-pop: CDG50-C2
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:0c92ffba-51e2-4731-859f-5f9f5816d5c0
x-amz-meta-codebuild-content-md5: 0784681e688ba45904ac0a64aa0b0a6b
x-amz-meta-codebuild-content-sha256: 956b79d89029f14eaea1f363768b0942a0576bc42557ef6c8f6cc53fdc4d8515
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 204 /
onetag-sys.com/usync/ Frame C884 0
0 83ms
82ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1690316738170

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 07ED 15 KB
6 KB 246ms
80ms Document
text/html 184.51.104.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.104.207 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-104-207.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=103387
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Tue, 25 Jul 2023 20:25:41 GMT
expires: Thu, 27 Jul 2023 01:08:48 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B1D6 52 KB
17 KB 274ms
91ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1690316400000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://pastelink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 25 Jul 2023 20:25:41 GMT
ETag: "623de86a-cf34"
Expires: Wed, 26 Jul 2023 20:25:43 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 pixel.gif
px.moatads.com/ Frame F1C5 43 B
251 B 88ms
87ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2670947157&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWUFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-t501M1%2F1Kg7M0g%3D%3D&sc=1&os=1-sA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fpastelink.net&id=0&ii=2&f=1&j=https%3A%2F%2F2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&lp=https%3A%2F%2Fpastelink.net&t=1690316739750&de=123084792573&cu=1690316739750&m=1823&ar=c013c52fed3-clean&iw=e184fba&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=382&lg=1&lh=41&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A1934%3A1080&aa=1&ad=1095&cn=88&gn=1&gk=1095&gl=88&ik=1095&ic=1095&ez=1&co=1095&cp=1008&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1008&cd=26&ah=1008&am=26&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=1000327%3A50002297%3A60011223%3A70004269&bo=2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&bd=300x250&gw=travel198849194933&zMoatOrigSlicer1=2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&zMoatOrigSlicer2=300x250&zMoatDomain=pastelink.net&zMoatSubdomain=pastelink.net&zMoatSSP=0&zMoatDeal=549644393848195573&zMoatIMPID=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=204627&na=952256934&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jul 2023 20:25:41 GMT

GET
H2 200 pixel.gif
travel198849194933.s.moatpixel.com/ Frame F1C5 43 B
265 B 84ms
84ms Image
image/gif 104.123.45.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1008&tet=1095&fi=1&apd=1208&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=pastelink.net&L1id=1000327&L2id=50002297&L3id=60011223&L4id=70004269&S1id=2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&S2id=300x250&ord=1690316739750&r=123084792573&t=iv&os=1&fi2=0&div1=1&ait=0&zMoatSubdomain=pastelink.net&zMoatIMPID=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&bedc=1&nosend&q=5&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.123.45.151 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-123-45-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Tue, 25 Jul 2023 20:25:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jul 2023 20:25:41 GMT

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 455B 4 KB
2 KB 286ms
88ms Document
text/html 54.246.8.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.8.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-8-205.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a745d730eae3fbc326a08d406593513f564473ddd5d5519ba10ba69b8a36ee6d

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 25 Jul 2023 20:25:41 GMT
etag: W/"047a8e500bf5e063cc6f4d6365c6701e7"
server: nginx
timing-allow-origin: *

GET
H2 204 /
onetag-sys.com/usync/ Frame A2CC 0
0 81ms
80ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame 27E9 622 B
872 B 364ms
75ms Document
text/html 185.86.138.154
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 8bd5cb79630996a1ffc4361dd1e82dce40c2dd5cc5c2d1ee93260bdf69035dd0

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-length: 622
content-type: text/html
date: Tue, 25 Jul 2023 20:25:41 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame D184
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

2 KB
3 KB

175ms
89ms

Document
text/html

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 66f27425fa0d33ca6b00f54fe6d41717278edba6cde5146282e9b2e1f4b91878

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1914
Content-Type: text/html
Date: Tue, 25 Jul 2023 20:25:42 GMT
Expires: 0
Keep-Alive: timeout=1, max=498
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Tue, 25 Jul 2023 20:25:41 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1D45
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
554 B

94ms
94ms

Document
text/html

23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 25 Jul 2023 20:25:41 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 25 Jul 2023 20:25:41 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5D7B 15 KB
6 KB 78ms
78ms Document
text/html 184.51.104.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.104.207 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-104-207.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=103387
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Tue, 25 Jul 2023 20:25:41 GMT
expires: Thu, 27 Jul 2023 01:08:48 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync-iframe Show response
cs-rtb.minutemedia-prebid.com/ Frame F60E 0
526 B 348ms
127ms Document
text/html 99.84.88.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-77.muc50.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 0
content-type: text/html
date: Tue, 25 Jul 2023 20:25:41 GMT
server: istio-envoy
via: 1.1 22a1b3c2f1a7b6d72ce563a230b92a90.cloudfront.net (CloudFront)
x-amz-cf-id: DQknlNlxIMkgFfA2r3mNL9QKb_eOvmThxEK5aNydJe7XQIlJxIrt6w==
x-amz-cf-pop: MUC50-C1
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 1
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame E045 0
160 B 274ms
83ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Tue, 25 Jul 2023 20:25:41 GMT
Pragma: no-cache
Server: nginx

GET
H2 200 sync-iframe Show response
cs-server-s2s.yellowblue.io/ Frame D3AE 0
370 B 468ms
150ms Document
text/html 34.225.236.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.225.236.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-236-157.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 0
content-type: text/html
date: Tue, 25 Jul 2023 20:25:42 GMT
server: istio-envoy
x-envoy-upstream-service-time: 2
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H2 200 usersync.html Show response
ad-cdn.technoratimedia.com/html/ Frame 3A83 17 KB
6 KB 196ms
45ms Document
text/html 152.199.22.191
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.technoratimedia.com/html/usersync.html?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lis/2E9C) /
Resource Hash: 959b323d6d404b16646fff656d108c0ef6079419e6a5536ff04f24b69a706d67

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age: 266
cache-control: max-age=900
content-encoding: gzip
content-length: 6056
content-md5: BWNiLq3WgjMFnqlZeqylmg==
content-type: text/html; charset=utf-8
date: Tue, 25 Jul 2023 20:25:41 GMT
etag: f171086d-8725-4ccb-afc0-fc96ce86e3a0
expires: Tue, 25 Jul 2023 20:40:41 GMT
last-modified: Mon, 24 Jul 2023 16:33:37 GMT
opc-request-id: iad-1:UbhSp9wZF7hmBBS7rlKcM6cyn2kNooop3x8ZCAaSCGVsyRqNPV5ZMZ-DEqu9GhkQ
server: ECAcc (lis/2E9C)
storage-tier: Standard
vary: Accept-Encoding
version-id: 35f40a89-3310-4f20-bd17-a23f0a55e298
x-api-id: native
x-cache: HIT

GET
H2

200

sync
ads.servenobid.com/ Frame 3BDF
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=3729927191342844057

0
344 B

87ms
87ms

Image
image/avif

34.253.156.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=3729927191342844057
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.253.156.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-156-189.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:41 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:41 GMT
an-x-request-uuid: 876c98d9-4c3b-4645-a872-185ddc424002
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ads.servenobid.com/sync?pid=312&uid=3729927191342844057
x-proxy-origin: 185.128.9.17; 185.128.9.17; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 3BDF
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=HCppuRZHXtp_zdc3Rta1D5IW

0
349 B

87ms
87ms

Image
image/avif

34.253.156.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=HCppuRZHXtp_zdc3Rta1D5IW
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.253.156.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-156-189.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:42 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 20:25:41 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=HCppuRZHXtp_zdc3Rta1D5IW
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 3BDF 0
277 B 295ms
100ms Image
text/plain 216.52.2.86
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.86 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 25 Jul 2023 20:25:41 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET

cs
ad.turn.com/r/ Frame 3BDF
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1690316741888
https://ad.turn.com/r/cs?pid=45&rndcb=3314579194

0
0

GET
H2

200

sync
ads.servenobid.com/ Frame 3BDF
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5141210826173789541

0
344 B

90ms
89ms

Image
image/avif

34.253.156.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5141210826173789541
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.253.156.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-156-189.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:42 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5141210826173789541
Date: Tue, 25 Jul 2023 20:25:41 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 3BDF 0
500 B 571ms
145ms Image
text/plain 69.166.1.10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 20:25:42 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-155
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 3BDF
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

0
252 B

88ms
87ms

Image
image/avif

34.253.156.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.253.156.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-156-189.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:42 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date: Tue, 25 Jul 2023 20:25:41 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58559/ Frame 3BDF 0
15 B 290ms
90ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58559/occ

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:41 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sync
ads.servenobid.com/ Frame 3BDF
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
https://ads.servenobid.com/sync?pid=346&uid=ua-e8dbf8ba-f2f9-3a97-982e-e1cb191201a4

0
358 B

92ms
92ms

Image
image/avif

34.253.156.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=346&uid=ua-e8dbf8ba-f2f9-3a97-982e-e1cb191201a4
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.253.156.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-156-189.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:42 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=346&uid=ua-e8dbf8ba-f2f9-3a97-982e-e1cb191201a4
pragma: no-cache
date: Tue, 25 Jul 2023 20:25:42 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58632/ Frame 3BDF 0
125 B 289ms
90ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58632/occ

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:41 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 3BDF 0
359 B 297ms
80ms Image
text/plain 18.195.243.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.243.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-243-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:41 GMT

GET cksync.php
hbx.media.net/ Frame 3BDF 0
0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F8CC 34 KB
10 KB 97ms
97ms Script
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 217d77b3d3531e97301d1a144c343ae7d30c4847cc935a47718f58164dd185cb

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 Jul 2023 20:25:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jul 2023 06:44:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37148
Connection: keep-alive
Content-Length: 10113
Expires: Wed, 26 Jul 2023 06:44:49 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 07ED 5 KB
6 KB 276ms
82ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83800432&p=161102&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 2d5420c2021e160f0f1d69913681a874f3f4d834ba633cb0e8ca9791d414d9e4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 25 Jul 2023 20:25:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 pixel.gif
px.moatads.com/ Frame F1C5 43 B
251 B 91ms
90ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2670947157&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWUFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-t501M1%2F1Kg7M0g%3D%3D&sc=1&os=1-sA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fpastelink.net&id=0&ii=2&f=1&j=https%3A%2F%2F2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&lp=https%3A%2F%2Fpastelink.net&t=1690316739750&de=123084792573&cu=1690316739750&m=1824&ar=c013c52fed3-clean&iw=e184fba&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=382&lg=1&lh=41&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A1934%3A1080&aa=1&ad=1095&cn=1095&gn=1&gk=1095&gl=1095&ik=1095&ic=1095&ez=1&co=1095&cp=1008&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1008&cd=1008&ah=1008&am=1008&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=1000327%3A50002297%3A60011223%3A70004269&bo=2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&bd=300x250&gw=travel198849194933&zMoatOrigSlicer1=2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&zMoatOrigSlicer2=300x250&zMoatDomain=pastelink.net&zMoatSubdomain=pastelink.net&zMoatSSP=0&zMoatDeal=549644393848195573&zMoatIMPID=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=204627&na=1480340864&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jul 2023 20:25:41 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame B1D6 0
594 B 113ms
113ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:41 GMT
an-x-request-uuid: 2c82bbf3-4190-4d69-ab18-8a89c87edc73
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 185.128.9.17; 185.128.9.17; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame F1C5 43 B
251 B 86ms
86ms Image
image/gif 23.211.10.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2670947157&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-jWUFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-t501M1%2F1Kg7M0g%3D%3D&sc=1&os=1-sA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fpastelink.net&id=0&ii=2&f=1&j=https%3A%2F%2F2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&lp=https%3A%2F%2Fpastelink.net&t=1690316739750&de=123084792573&cu=1690316739750&m=1824&ar=c013c52fed3-clean&iw=e184fba&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=382&lg=1&lh=41&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A1934%3A1080&aa=1&ad=1095&cn=1095&gn=1&gk=1095&gl=1095&ik=1095&ic=1095&ez=1&co=1095&cp=1008&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1008&cd=1008&ah=1008&am=1008&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=1000327%3A50002297%3A60011223%3A70004269&bo=2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&bd=300x250&gw=travel198849194933&zMoatOrigSlicer1=2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com&zMoatOrigSlicer2=300x250&zMoatDomain=pastelink.net&zMoatSubdomain=pastelink.net&zMoatSSP=0&zMoatDeal=549644393848195573&zMoatIMPID=QruIjUB0hkZFVBlseAuvkP5o8LjAh1JT51WTPQ&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=204627&na=1745336290&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.10.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-10-211.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://rtb.ads.travelaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Jul 2023 20:25:41 GMT

GET services
sync.technoratimedia.com/ Frame 3A83 0
0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame F8CC 70 B
265 B 302ms
99ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 25 Jul 2023 20:25:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F8CC
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtJUVhZRkYtMVotM0NTSQ==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENEXeIynKdfgPvPc1qvYKH4&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtJUVhZRkYtMVotM0NTSQ==&google_push=

170 B
188 B

87ms
86ms

Image
image/png

172.217.18.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtJUVhZRkYtMVotM0NTSQ==&google_push=

Protocol

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtJUVhZRkYtMVotM0NTSQ==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET

setuid
px.ads.linkedin.com/ Frame F8CC
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKIQXYFF-1Z-3CSI

0
0

GET

tap.php
pixel.rubiconproject.com/ Frame F8CC
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/t0sL1AXbP6h090hokouc78n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-AErQXQFE2oLyilJ4ZRlQqtma.QQviAy7gxxbkg--~A

0
0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame F8CC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM4QxMdVNcd9VOcu4kTvdVY&google_cver=1

0
239 B

85ms
85ms

Image
image/gif

69.173.144.165

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM4QxMdVNcd9VOcu4kTvdVY&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEM4QxMdVNcd9VOcu4kTvdVY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET dcm
s.amazon-adsystem.com/ Frame F8CC 0
0

GET

ecm3
aax-eu.amazon-adsystem.com/s/ Frame F8CC
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=j-pj6-DeRTG-EVFQ5r0ldA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=j-pj6-DeRTG-EVFQ5r0ldA

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F8CC
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2YyM2NiNzBiM2M0YjM4YjQwYzA2ODQxZGZlYjhlNzI3NzdiODA3Yg

170 B
188 B

88ms
87ms

Image
image/png

172.217.18.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2YyM2NiNzBiM2M0YjM4YjQwYzA2ODQxZGZlYjhlNzI3NzdiODA3Yg

Protocol

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2YyM2NiNzBiM2M0YjM4YjQwYzA2ODQxZGZlYjhlNzI3NzdiODA3Yg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 455B
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=3729927191342844057

35 B
250 B

685ms
90ms

Image
image/gif

34.247.233.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=3729927191342844057
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 25 Jul 2023 20:25:42 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:41 GMT
an-x-request-uuid: 20146524-1002-4d02-affc-11f45651f8a5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://usersync.gumgum.com/usersync?b=apn&i=3729927191342844057
x-proxy-origin: 185.128.9.17; 185.128.9.17; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET sync
x.bidswitch.net/ Frame 455B 0
0

GET redirectObuid
sync.outbrain.com/ Frame 455B 0
0

GET cm
us-u.openx.net/w/1.0/ Frame 455B 0
0

GET sync
sync.srv.stackadapt.com/ Frame 455B 0
0

GET
H2 200 gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 455B 43 B
426 B 1675ms
91ms Image
image/gif 99.81.57.224

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.57.224 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame 455B 0
0

GET services
sync.technoratimedia.com/ Frame 455B 0
0

GET 142
match.deepintent.com/usersync/ Frame 455B 0
0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 455B
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_05e6f6d4-d0da-4664-a8ed-8231ed63db50&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://stags.bluekai.com/site/23178?id=g81jbLPxEUoJSplfALhh&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2ZZYGFVGETCQPBCVK32KKNYGYZSBJRUGQ...
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=g81jbLPxEUoJSplfALhh&us_privacy=1---

35 B
250 B

89ms
89ms

Image
image/gif

34.247.233.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=g81jbLPxEUoJSplfALhh&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 25 Jul 2023 20:25:43 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 20:25:43 GMT
Content-Type: text/html; charset=utf-8
Location: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=g81jbLPxEUoJSplfALhh&us_privacy=1---
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 123
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 455B
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=6df04ae0-813c-460b-b5f6-8a52f214235a

35 B
250 B

92ms
92ms

Image
image/gif

34.247.233.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=idi&i=6df04ae0-813c-460b-b5f6-8a52f214235a
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 25 Jul 2023 20:25:43 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=idi&i=6df04ae0-813c-460b-b5f6-8a52f214235a
access-control-allow-origin: *
date: Tue, 25 Jul 2023 20:25:43 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET rtset
bh.contextweb.com/bh/ Frame 455B 0
0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 455B
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=5612066060575107549

35 B
250 B

89ms
88ms

Image
image/gif

34.247.233.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=5612066060575107549
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 25 Jul 2023 20:25:43 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=5612066060575107549
date: Tue, 25 Jul 2023 20:25:42 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 455B 0
358 B 89ms
87ms Image
image/avif 34.253.156.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_05e6f6d4-d0da-4664-a8ed-8231ed63db50
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.156.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-156-189.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:41 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame F2A6 0
0

GET
H2 200 pixel Show response
cm.g.doubleclick.net/ Frame 7ABC 170 B
243 B 1292ms
100ms Document
image/png 172.217.18.2

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wNWU2ZjZkNC1kMGRhLTQ2NjQtYThlZC04MjMxZWQ2M2RiNTA=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 20:25:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6718 15 KB
6 KB 74ms
74ms Document
text/html 184.51.104.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.104.207 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-104-207.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=103387
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Tue, 25 Jul 2023 20:25:41 GMT
expires: Thu, 27 Jul 2023 01:08:48 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 75E0 70 B
264 B 246ms
101ms Document
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Tue, 25 Jul 2023 20:25:42 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET idsync
tg.socdm.com/aux/ Frame 9CB6 0
0

GET gumgum
cs.admanmedia.com/sync/ Frame 8626 0
0

GET
H/1.1

200
OK

usermatchredir Show response
ssum-sec.casalemedia.com/ Frame F6AC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1

43 B
766 B

431ms
341ms

Document
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 25 Jul 2023 20:25:42 GMT
Expires: 0
Keep-Alive: timeout=1, max=497
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Tue, 25 Jul 2023 20:25:42 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
Location: /usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame D221
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=Is1f0399QQsLmDhmDwKi&pi=gumgum&tc=1

35 B
250 B

89ms
88ms

Document
image/gif

34.247.233.198

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=Is1f0399QQsLmDhmDwKi&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 25 Jul 2023 20:25:43 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Tue, 25 Jul 2023 20:25:43 GMT Tue, 25 Jul 2023 20:25:43 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=Is1f0399QQsLmDhmDwKi&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 38D2
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

167ms
85ms

Document
text/html

23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 25 Jul 2023 20:25:42 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 25 Jul 2023 20:25:41 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET pubmatic
d5p.de17a.com/getuid/ Frame BA3A 0
0

GET usersync.aspx
dis.criteo.com/dis/ Frame 20BC 0
0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 7A4C
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685628775245803

42 B
424 B

1500ms
82ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685628775245803
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 25 Jul 2023 20:25:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Tue, 25 Jul 2023 20:25:42 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685628775245803
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame EC95
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6DD58D2D-EBB6-4DE0-A08C-01C051B9A470&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6DD58D2D-EBB6-4DE0-A08C-01C051B9A470&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

351ms
253ms

Document
image/gif

67.220.226.234

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6DD58D2D-EBB6-4DE0-A08C-01C051B9A470&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.234 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 25 Jul 2023 20:25:43 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 97DA51R71GJTSFCC22E9

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Tue, 25 Jul 2023 20:25:43 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=6DD58D2D-EBB6-4DE0-A08C-01C051B9A470&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: DA0MFWA6WRS86SG4KQMC

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame C416
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NKWSEzD3khUv8MkaO6LcR2aolxsvoJcTMPW88mbQ

42 B
339 B

900ms
84ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NKWSEzD3khUv8MkaO6LcR2aolxsvoJcTMPW88mbQ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 25 Jul 2023 20:25:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Tue, 25 Jul 2023 20:25:42 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NKWSEzD3khUv8MkaO6LcR2aolxsvoJcTMPW88mbQ
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET

Pug
simage2.pubmatic.com/AdServer/ Frame 049A
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3729927191342844057&gdpr=0&gdpr_consent=

0
0

GET /
dsp.adfarm1.adition.com/cookie/ Frame 3AE8 0
0

GET sync
sync.srv.stackadapt.com/ Frame 875F 0
0

GET pm
match.prod.bidr.io/cookie-sync/ Frame 23C2 0
0

GET sync
t.adx.opera.com/pub/ Frame 80C9 0
0

GET b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 63D7 0
0

GET /
csync.loopme.me/ Frame B19E 0
0

GET bridge
cm.adgrx.com/ Frame 82FF 0
0

GET cm
ipac.ctnsnet.com/int/ Frame D7EB 0
0

GET cookiesync
core.iprom.net/ Frame BAF5 0
0

GET usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 2C86 0
0

GET cm
green.erne.co/pubmatic/ Frame 9F8E 0
0

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame F2BE
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
422 B

216ms
207ms

Document
image/gif

104.18.25.173

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.173 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7ec72240a90394e8-LIS
content-length: 43
content-type: image/gif; charset=utf-8
date: Tue, 25 Jul 2023 20:25:43 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7ec7223f2d0094e8-LIS
content-type: text/html
date: Tue, 25 Jul 2023 20:25:43 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 549

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 07ED
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bdWNLeu2TeCgjAHAUbmkcA%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

74ms
74ms

Image
text/html

184.51.104.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 184.51.104.207 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-104-207.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:43 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=103385
accept-ranges: bytes
content-length: 5606
expires: Thu, 27 Jul 2023 01:08:48 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 07ED 49 B
265 B 1297ms
87ms Image
image/gif 52.214.214.124

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6DD58D2D-EBB6-4DE0-A08C-01C051B9A470&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.214.124 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:43 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.29.83
content-length: 49
expires: 0

GET cr
cr.frontend.weborama.fr/ Frame 07ED 0
0

GET match
a.audrte.com/ Frame 07ED 0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 07ED
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkRENThEMkQtRUJCNi00REUwLUEwOEMtMDFDMDUxQjlBNDcw&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

404ms
83ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 25 Jul 2023 20:25:43 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 07ED
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFKVFCfg3tALxDEJ3lDKdBA&google_cver=1

42 B
300 B

367ms
83ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFKVFCfg3tALxDEJ3lDKdBA&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 25 Jul 2023 20:25:43 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFKVFCfg3tALxDEJ3lDKdBA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET pubmatic
um.simpli.fi/ Frame 07ED 0
0

GET match
c1.adform.net/serving/cookie/ Frame 07ED 0
0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 07ED 70 B
264 B 193ms
102ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 25 Jul 2023 20:25:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 6DD58D2D-EBB6-4DE0-A08C-01C051B9A470
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 07ED 43 B
425 B 1615ms
92ms Image
image/gif 99.81.57.224

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/6DD58D2D-EBB6-4DE0-A08C-01C051B9A470?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.57.224 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58292/ Frame 07ED 0
38 B 90ms
83ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6DD58D2D-EBB6-4DE0-A08C-01C051B9A470&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:42 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET sync
x.bidswitch.net/ Frame 07ED 0
0

GET current
pubmatic-match.dotomi.com/match/bounce/ Frame 07ED 0
0

GET cs
ad.turn.com/r/ Frame 07ED 0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame 07ED
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=55fc7653-b929-4510-bae8-4a2303fd4792-64c02fc7-5541&gdpr=0&gdpr_consent=

0
0

GET pubmaticmatch
match.adsby.bidtheatre.com/ Frame 07ED 0
0

GET
H2 200 sync
ads.servenobid.com/ Frame 27E9 0
344 B 89ms
87ms Image
image/avif 34.253.156.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=5612066060575107549&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.156.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-156-189.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:42 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 27E9 70 B
264 B 171ms
100ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 25 Jul 2023 20:25:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET sas
match.prod.bidr.io/cookie-sync/ Frame 27E9 0
0

GET gjIEMT18
sync-tm.everesttech.net/upi/pid/ Frame 27E9 0
0

GET
H2 404 genericusersync.ashx
sync.tidaltv.com/ Frame 27E9 0
67 B 369ms
88ms Image
text/plain 54.72.81.170

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.81.170 -, , ASN (),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:42 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1D45 34 KB
10 KB 99ms
99ms Script
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 217d77b3d3531e97301d1a144c343ae7d30c4847cc935a47718f58164dd185cb

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 Jul 2023 20:25:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jul 2023 06:44:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37147
Connection: keep-alive
Content-Length: 10113
Expires: Wed, 26 Jul 2023 06:44:49 GMT

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 1D45 0
239 B 794ms
142ms Image
image/gif 69.173.151.100

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LKIQXYFF-1Z-3CSI
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 966e54b6201ecd300c4db0efc0f5781a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET

usermatchredir
ssum-sec.casalemedia.com/ Frame D184
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZMAvxfUfKjnRehBUIyCkVwAAFCsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGVmKWum_hPo6rRd_X9jb2s&google_cver=1

0
0

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame D184 70 B
264 B 105ms
105ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 25 Jul 2023 20:25:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET

crum
dsum-sec.casalemedia.com/ Frame D184
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZMAvxfUfKjnRehBUIyCkVwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGoYSggTz2AlTT55KnVY5W4&google_cver=1

0
0

GET dcm
s.amazon-adsystem.com/ Frame D184 0
0

GET /
csync.loopme.me/ Frame D184 0
0

GET ix
ad4m.at/ad/sim/ Frame D184 0
0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55940/ Frame D184 0
15 B 92ms
70ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZMAvxfUfKjnRehBUIyCkVwAAFCsAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:42 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame D184
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1706214343&external_user_id=6b996eab-8974-4577-83b6-38b6bb1b1826

43 B
632 B

345ms
84ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1706214343&external_user_id=6b996eab-8974-4577-83b6-38b6bb1b1826
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 20:25:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

date: Tue, 25 Jul 2023 20:25:43 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1706214343&external_user_id=6b996eab-8974-4577-83b6-38b6bb1b1826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H2 200 sync
ads.servenobid.com/ Frame D184 0
357 B 100ms
77ms Image
image/avif 34.253.156.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=ZMAvxfUfKjnRehBUIyCkVwAAFCsAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.156.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-156-189.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:25:42 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 38D2 34 KB
10 KB 95ms
95ms Script
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 217d77b3d3531e97301d1a144c343ae7d30c4847cc935a47718f58164dd185cb

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 Jul 2023 20:25:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jul 2023 06:44:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37147
Connection: keep-alive
Content-Length: 10113
Expires: Wed, 26 Jul 2023 06:44:49 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 38D2 0
239 B 593ms
85ms Image
image/gif 69.173.144.165

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LKIQXYFF-1Z-3CSI
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame B1D6 0
594 B 84ms
84ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:42 GMT
an-x-request-uuid: 52fce69a-056a-4948-aa7b-e38033fc992b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 185.128.9.17; 185.128.9.17; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 76ms
76ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je37o0&_p=1200677144&cid=813263639.1690316737&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=2&sid=1690316737&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Fbqlh9bgh&dt=The%20History%20Of%20Buckinghamshire%20Electricians%20In%2010%20Milestones%20-%20Pastelink.net&en=ad_impression&ep.query_id=CPT5hcbYqoADFdk54AodH5sF2g&_et=1476
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://pastelink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:25:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pastelink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET SPug
simage4.pubmatic.com/AdServer/ Frame 07ED 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad.turn.com
URL: https://ad.turn.com/r/cs?pid=45&rndcb=3314579194

Domain: hbx.media.net
URL: https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E

Domain: sync.technoratimedia.com
URL: https://sync.technoratimedia.com/services?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D&att=99

Domain: px.ads.linkedin.com
URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKIQXYFF-1Z-3CSI

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-AErQXQFE2oLyilJ4ZRlQqtma.QQviAy7gxxbkg--~A

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=j-pj6-DeRTG-EVFQ5r0ldA

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_05e6f6d4-d0da-4664-a8ed-8231ed63db50&gdpr=0&gdpr_consent=&us_privacy=1---

Domain: sync.outbrain.com
URL: https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D

Domain: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

Domain: sync.technoratimedia.com
URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D

Domain: match.deepintent.com
URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

Domain: bh.contextweb.com
URL: https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=

Domain: tg.socdm.com
URL: https://tg.socdm.com/aux/idsync?proto=gumgum

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/sync/gumgum?puid=e_05e6f6d4-d0da-4664-a8ed-8231ed63db50&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---

Domain: d5p.de17a.com
URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID

Domain: dis.criteo.com
URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3729927191342844057&gdpr=0&gdpr_consent=

Domain: dsp.adfarm1.adition.com
URL: https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=

Domain: t.adx.opera.com
URL: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}

Domain: cm.adgrx.com
URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=

Domain: ipac.ctnsnet.com
URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]

Domain: core.iprom.net
URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=

Domain: cm-supply-web.gammaplatform.com
URL: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Domain: green.erne.co
URL: https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=

Domain: cr.frontend.weborama.fr
URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=

Domain: a.audrte.com
URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=6DD58D2D-EBB6-4DE0-A08C-01C051B9A470

Domain: um.simpli.fi
URL: https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=

Domain: pubmatic-match.dotomi.com
URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6DD58D2D-EBB6-4DE0-A08C-01C051B9A470&gdpr=0&gdpr_consent=

Domain: ad.turn.com
URL: https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=55fc7653-b929-4510-bae8-4a2303fd4792-64c02fc7-5541&gdpr=0&gdpr_consent=

Domain: match.adsby.bidtheatre.com
URL: https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=

Domain: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGVmKWum_hPo6rRd_X9jb2s&google_cver=1

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGoYSggTz2AlTT55KnVY5W4&google_cver=1

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZMAvxfUfKjnRehBUIyCkVwAAFCsAAAAB&gpp=&gpp_sid=

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=

Domain: ad4m.at
URL: https://ad4m.at/ad/sim/ix

Domain: simage4.pubmatic.com
URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=161102&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pastelink.net/	1970-01-20 14:21:56	Name: PHPSESSID Value: 89dlinujon4f9mesrserooudq7
.pastelink.net/	1970-01-20 15:41:32	Name: _gcl_au Value: 1.1.551770299.1690316737
.pastelink.net/	1970-01-20 23:07:56	Name: _ga Value: GA1.2.813263639.1690316737
.pastelink.net/	1970-01-20 13:33:23	Name: _gid Value: GA1.2.855706927.1690316737
.pastelink.net/	1970-01-20 13:31:56	Name: _gat_UA-55088947-2 Value: 1
.pastelink.net/	1970-01-20 23:07:56	Name: _ga_4KDXYD7HFC Value: GS1.2.1690316737.1.0.1690316737.0.0.0
.rubiconproject.com/	1970-01-20 22:17:32	Name: khaos Value: LKIQXYFF-1Z-3CSI
.rubiconproject.com/	1970-01-20 22:17:32	Name: audit Value: 1\|naVuGyos1qoFce7cE86r5xT+ooZ/4y4gyFpuMAYmTG4QysEtrZV7NjOHESLX5rMakXNIlH39RRrmzxsY980nGcS6msSuYhvUvsVAPbIH/+GyqVI1k5poNA==
.adnxs.com/	1970-01-20 15:41:32	Name: icu Value: ChgIvahBEAoYASABKAEwwt-ApgY4AUABSAEQwt-ApgYYAA..
.adnxs.com/	1970-01-20 15:41:32	Name: uuid2 Value: 3729927191342844057
.pastelink.net/	1970-01-20 22:53:32	Name: __gads Value: ID=67379242b30e7c63:T=1690316738:RT=1690316738:S=ALNI_MZ2gIKTkRA-bpqfyryFeUjYLmFjtw
.pastelink.net/	1970-01-20 22:53:32	Name: __gpi Value: UID=00000c4783f4f223:T=1690316738:RT=1690316738:S=ALNI_MY4nsCXZ6nJN3v8lXiMvNVFW2W1CQ
.pastelink.net/	1970-01-20 23:07:56	Name: _ga_S3DKHVPF03 Value: GS1.1.1690316737.1.0.1690316738.0.0.0
.doubleclick.net/	1970-01-20 22:53:32	Name: IDE Value: AHWqTUkRHY-hzgSad-w1CQj-YAUkMzJa-Zr0bPxtT2GsVV5YRDaFPc2pq2c20IPlJgk
.travelaudience.com/	1970-01-20 23:03:37	Name: _tracker Value: %7B%22pb%22%3A%2290000%22%2C%22UUID%22%3A%22C3DEA0B5-1EF0-402C-AA27-1E491E93A67C%22%7D
.adventori.com/	1970-01-20 15:41:32	Name: tk_ui_third Value: 1
.adventori.com/	1970-01-20 15:41:32	Name: tk_ui Value: a7k_ISspEe6gCG_8s8tUXQ
.criteo.com/	1970-01-20 22:53:32	Name: uid Value: 2a186978-0959-4c65-bddc-0b2e2d65418f
.pastelink.net/	1970-01-20 22:53:32	Name: cto_bundle Value: Q6nCRV9sdDd5bUpXJTJGUXJpUTlZYXQzUDRaMHpvWFZBNjJYaEg4WUdvVkVTbmcwRWVvZXVvRkExMHBmRTVNJTJGTjhtRmR2UHdhdzFwMkslMkY3YjMzM1BnODNaOUZSUVQlMkZid3ozZ2F4ZzhzQThwN3BhY0slMkZ2dGhORkNmUW02dTJvSWlSRnZncE91WTZ4Wk14ZTM0RWlqUGE1bUlGZW1RJTNEJTNE
.ads.pubmatic.com/	1970-01-20 13:33:23	Name: KCCH Value: YES
.servenobid.com/	1970-01-20 13:42:01	Name: pid_312 Value: 3729927191342844057
.1rx.io/	1970-01-20 22:17:32	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-9858c2a9-cb83-4ee3-b864-7e50a965b960-003%22%2C%22zdxidn%22%3A%222069.26%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%22%7D
.lijit.com/	1970-01-20 22:17:32	Name: ljt_reader Value: HCppuRZHXtp_zdc3Rta1D5IW
.gumgum.com/	1970-01-20 22:17:32	Name: vst Value: e_05e6f6d4-d0da-4664-a8ed-8231ed63db50
match.sharethrough.com/	1970-01-20 13:42:01	Name: AWSALBCORS Value: 63gkZOZUjTYrFeV8kCMPpmfC2nwBtY3cjphWXCuoG/LRHuGKpnxtvclUZgRuqoW/DP5nkL6vs7P3CIzrxW1xIlodnkgTiLlFt9foFSeSetBhtBnAQQnBctfZEIQK
.pubmatic.com/	1970-01-20 22:17:32	Name: KADUSERCOOKIE Value: 6DD58D2D-EBB6-4DE0-A08C-01C051B9A470
.pubmatic.com/	1970-01-20 15:41:32	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 13:33:23	Name: pi Value: 161102:2
.pubmatic.com/	1970-01-20 15:41:32	Name: DPSync3 Value: 1691452800%3A201_245_241_235
.pubmatic.com/	1970-01-20 15:41:32	Name: SyncRTB3 Value: 1691452800%3A161_214_254_3_166_71_220_46_21_13_8_55_238_176_54_264_22_165_251_233_234_81_88_56%7C1690848000%3A15_2_223%7C1691107200%3A63%7C1691539200%3A35%7C1692835200%3A203
.casalemedia.com/	1970-01-20 15:41:32	Name: CMPS Value: 5163
.casalemedia.com/	1970-01-20 15:41:32	Name: CMPRO Value: 5163
.smartadserver.com/	1970-01-20 23:02:11	Name: pid Value: 5612066060575107549
.lijit.com/	1970-01-20 22:17:32	Name: _ljtrtb_273657 Value: 273657
.servenobid.com/	1970-01-20 13:42:01	Name: pid_309 Value: e_05e6f6d4-d0da-4664-a8ed-8231ed63db50
.disqus.com/	1970-01-20 22:17:32	Name: zeta-ssp-user-id Value: ua-e8dbf8ba-f2f9-3a97-982e-e1cb191201a4
.servenobid.com/	1970-01-20 13:42:01	Name: pid_310 Value: HCppuRZHXtp_zdc3Rta1D5IW
.servenobid.com/	1970-01-20 13:42:01	Name: pid_317 Value: 5612066060575107549
.rfihub.com/	1970-01-20 22:53:32	Name: rud Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzsjA3NzUyMbUwMBbiM9RN8S8oMqrMNA73SjUGAMgYYVMlAAAA
.rfihub.com/	1970-01-20 22:53:32	Name: eud Value: H4sIAAAAAAAA_9vEyGtoZmlgbGhmbmJkYGkAAB5DclwQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzsjA3NzUyMbUwMBbiM9RN8S8oMqrMNA73SjUGAMgYYVMlAAAA
.servenobid.com/	1970-01-20 13:42:01	Name: pid_324 Value: 5141210826173789541
.casalemedia.com/	1970-01-20 22:17:32	Name: CMID Value: ZMAvxfUfKjnRehBUIyCkVwAA
.servenobid.com/	1970-01-20 13:42:01	Name: pid_346 Value: ua-e8dbf8ba-f2f9-3a97-982e-e1cb191201a4
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s85155\|ZMAvy
.servenobid.com/	1970-01-20 13:42:01	Name: pid_333 Value: ZMAvxfUfKjnRehBUIyCkVwAAFCsAAAAB

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://z.moatads.com/travel198849194933/moatad.js(Line 138) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network	error	URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6DD58D2D-EBB6-4DE0-A08C-01C051B9A470&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2bd63fe7d4e9356b9ad3d602150aeeb1.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.pubmatic.com
ads.servenobid.com
ads.travelaudience.com
adventori.com
ap.lijit.com
api.btloader.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
btloader.com
c1.adform.net
cdn4.buysellads.net
cdnjs.cloudflare.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eu.adventori.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.moatads.com
green.erne.co
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
hbx.media.net
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pastelink.net
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
region1.google-analytics.com
rtb.ads.travelaudience.com
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
srv.buysellads.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
sync-tm.everesttech.net
sync.adkernel.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
sync.tidaltv.com
t.adx.opera.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
travel198849194933.s.moatpixel.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.moatads.com
a.audrte.com
aax-eu.amazon-adsystem.com
ad.turn.com
ad4m.at
bh.contextweb.com
c1.adform.net
cm-supply-web.gammaplatform.com
cm.adgrx.com
core.iprom.net
cr.frontend.weborama.fr
cs.admanmedia.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
green.erne.co
hbx.media.net
image2.pubmatic.com
ipac.ctnsnet.com
match.adsby.bidtheatre.com
match.deepintent.com
match.prod.bidr.io
pixel.rubiconproject.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
s.amazon-adsystem.com
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.ipredictive.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
t.adx.opera.com
tg.socdm.com
um.simpli.fi
us-u.openx.net
x.bidswitch.net
104.123.45.151
104.17.24.14
104.18.2.114
104.18.25.173
104.26.2.70
104.26.6.139
104.26.8.169
13.32.145.88
13.41.214.66
130.211.23.194
135.125.163.195
142.250.181.226
142.250.184.227
142.250.185.129
142.250.185.162
142.250.185.164
142.250.185.194
142.250.185.198
142.250.185.78
142.250.186.129
142.250.186.138
142.250.186.35
145.40.97.66
15.197.193.217
151.139.128.10
152.199.22.191
172.217.18.2
178.250.1.11
178.250.7.10
178.250.7.2
18.195.243.79
184.30.24.22
184.51.104.207
185.184.8.90
185.255.84.150
185.64.189.112
185.64.190.78
185.64.190.80
185.80.39.216
185.86.138.154
193.0.160.131
213.19.162.51
216.239.32.36
216.52.2.30
216.52.2.86
216.58.206.40
23.211.10.211
23.35.229.251
23.35.236.188
23.60.204.187
3.209.195.142
3.75.62.37
34.107.148.139
34.225.236.157
34.247.233.198
34.253.156.189
34.96.71.22
35.187.184.108
35.190.0.66
37.252.173.215
50.31.142.31
51.89.9.251
52.214.214.124
52.50.63.74
54.246.8.205
54.72.81.170
64.227.34.52
67.220.226.234
69.166.1.10
69.173.144.165
69.173.151.100
69.192.160.219
77.245.57.72
81.17.55.98
88.208.215.108
91.228.74.206
99.81.57.224
99.84.88.77
00c2e18e63aca27021f0097f27d83bc9794e06f4eb368f2e9beb8e00aa360fd7
00c5ba62a4d4bdc3103779e28395db393f79eb7f2cc2c17f58e97d1f2ad600e7
0129f5be99b790e4a2d1b054c478d7bd628b168ed6b2a0a9c0b74d0e3aaff8ab
05266a1e775365d71a365219ae83244d99816b24a8fac6888ec34635288f619d
07fcd1d0da6fa7a138f398aa484b99cdad68e5731ae83d6cac8f498a0ebc9277
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f1ecd101ab777d1ca7531c4a76cdcb6b5def1fe540c53ff2fc422ad57b45290
1019890c407f73e27e38834970e2e4da4918b82534814c6f41732816216a9953
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b
1434ebda5f68933947fe38b3bf7046266c877424a73871c9e7694c8a75e615c7
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
1fe6ad5e624e30ccf05dbf0c95df3642fd4fd2b3a629b2b93d7d11e2d3acbc22
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
217d77b3d3531e97301d1a144c343ae7d30c4847cc935a47718f58164dd185cb
2321323b4f54e59a8593b67fb682e6ab66d7d35066d2437de710cff023a5b235
250536fbe1c4516899004e47f2d47480a213b24f031911925f42cebd03baf0d2
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be
2d5420c2021e160f0f1d69913681a874f3f4d834ba633cb0e8ca9791d414d9e4
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31cd45f4bda50034fb0ce43902af07b2b502e0b6317eb3446d61c0d68d185bd1
37fa3832e3ef18c917a5f906515cc35fce5ac59c11d2025eed8bbffd53e1c00c
3a192baa8acadc38f548b55474d205b2f64945447e903855b26d3ed746b60b7e
3d0749146fc63bb6d7800a3881513323f9b8dd86d9664f092b014571797a0327
3d14af6714f8e174042d16f9ee9938f7986b826935f217c43cd3570945f8a8a5
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e25526ec39fb4539bbd10d2895f11d47b01d3e3e7495a4711d13ce0ad1f8644
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46cdbdddd5edb5d20df69fb3ef10dd8eb449d0248defdf52593ee73d4f993bf5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
4d5a6e08bb0e8edc55e4e204d4b98729de4e1ae37db44e357b1d28a9463dc215
4d7071f1e938b4e9595021b31ecbcccd502f4a2fde08039f9f4d76832cc8b8fa
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
572c81bd1a99e559e2d8c9203a48e7e3ed17ed47a6a5e53c10ca9b0946451aa2
58a8f57932703dcf20211f29eda87e2fa5154dcfe22a78d50287f222c7f638b7
5a14d7bd1699abb15b23de83e68faa49a4350606f9de3311156de136d27de304
5e3f6b80d35a542126cfd628a080fc84e6ced561eb28e2d8da76c3001109378d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66f27425fa0d33ca6b00f54fe6d41717278edba6cde5146282e9b2e1f4b91878
69a381cd93cfeb0c48bcb2ad2f0c89536f91693f38f3f231b7009e2a2e05bd7f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7b96cde7491c8bbf9a865074b6ce9c4fe53b6906c2ca7e2402c64beded814365
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
8bd5cb79630996a1ffc4361dd1e82dce40c2dd5cc5c2d1ee93260bdf69035dd0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eeb675cf623424134ac3543609e667d2072a198080f794bdbc3fccf927786bb
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
959b323d6d404b16646fff656d108c0ef6079419e6a5536ff04f24b69a706d67
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
97ed6e94db044dae621fdae2410eb2748c400221b6da391b25124a2b96813e2f
986511b599e1b5ec43cc6e71bdabe5c65ec1f30b02840edfc855db01c0c362bc
9946ad8d15a262d3a77da0d56b5838c77ba7429e1ed4a8c3e9f5fae04d2460f6
9eae504d623db7fd1f245deeaac2766272d90354e258197387d2470fbf73656e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e5613b3e2c3dd113dbfbf2d26ce6a46e8ab8b34cbb118fd40f3ec7e15c1814
a58e0f59ae04db53972778055614870357203a20ee085a16be019653a141336d
a64eee02706eff33279e6fc242305e3416afe856ed9430632cf3f05dc003fa26
a745d730eae3fbc326a08d406593513f564473ddd5d5519ba10ba69b8a36ee6d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b471cb64ec1ec6768f5af35b1553f0f4b3778fb1409353b175feef47b725e83a
b6339d240eb57a8b87059ea8e4cd32ee90d34dcfba785955bc94d6dd1138065c
b849e865cb27cf8d88d106664e7154243dc8686d222da3399f0e6e274b278308
bcdaedbfd60b8d0a8a9eb4b16285345a749068b601c93f494362990f2a3e61f4
bd3434dbd3d18a675a6280d77d79977ee5da937bb570cf6b30fd7ac63fc0a10a
bd507194758b4aad5fb90c362f904fcb1b03a00a76a57e9fd11a414a601a5115
bdcc186c574c56a4d5c55e6accd54ccccd0a6b8c0c17ee9559a24aee2e5a4e08
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
c32e2f0b0f75ff7d8a4441de301276cd48e6aa4d97eb72007bfd274c11de639a
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cd42b306e9e9901eb83bba5c2461cfd0dc99655899257ef88474324789a88439
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dac7e6c5d202c1176aa06b67210c7de202a6baf2e76deb2d1ba3cfa646771cca
de0136fecb68daa42f12131473e364ed88e3b4bceb2c443fdbcd3bf46f57393a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb02045a62877356c612268e332f25dd8efa94c8026be1ab40fdcc69c4b9f905
ec237517566b85a5797425cebe748d7248a7d8c698bdb113f9615946b7434a78
ecffe1a2db6cd3a0cfd033772fb6351d6c2b3fadd63c9864c8906f0e0c2e7b1c
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efac67a18cc2c990577efeb9f193505a602e61cf7fcee2ecec37d968dcbf70b9
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
f2a5bfb1fbe1d1bd266d396cbc14d637207bc97ef7c0d563417b15826b792c4c
f4bda5ecc987de2c971fcb1f7e2421dcaf0176421a50962150bb2b5de69e3232
f62774e0fe35ad4b9eff05df667da9777f3a19f2c513c8625ddfec5487411463
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

pastelink.net Open in urlscan Pro 88.208.215.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

230 Requests

71 %HTTPS

0 %IPv6

82 Domains

119 Subdomains

68 IPs

9 Countries

2112 kBTransfer

4621 kBSize

46 Cookies

15 Outgoing links

Redirected requests

230 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pastelink.net Open in urlscan Pro
88.208.215.108 Public Scan

Screenshot
Live screenshot

Full Image

230
Requests

71 %
HTTPS

0 %
IPv6

82
Domains

119
Subdomains

68
IPs

9
Countries

2112 kB
Transfer

4621 kB
Size

46
Cookies

230 HTTP transactions
2 data transactions