urlscan.io logo urlscan.io
SecurityTrails logo

pastelink.net Open in urlscan Pro
88.208.215.108  Public Scan

Go To Rescan Add Verdict Report
URL: https://pastelink.net/bvpyuz2q
Submission: On December 07 via manual from DE — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 101 IPs in 9 countries across 100 domains to perform 373 HTTP transactions. The main IP is 88.208.215.108, located in United Kingdom and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is pastelink.net. The Cisco Umbrella rank of the primary domain is 263737.
TLS certificate: Issued by R3 on December 7th 2023. Valid for: 3 months.
This is the only time pastelink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 88.208.215.108 8560 (IONOS-AS ...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 161.35.94.188 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.181.230 15169 (GOOGLE)
1 161.35.94.167 14061 (DIGITALOC...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
4 17 51.89.9.254 16276 (OVH)
5 185.86.138.121 201081 (SMARTADSE...)
6 21 37.252.172.123 29990 (ASN-APPNEX)
17 52.51.96.110 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
12 178.128.135.204 14061 (DIGITALOC...)
1 2 63.33.18.223 16509 (AMAZON-02)
1 34.120.63.153 396982 (GOOGLE-CL...)
4 2602:803:c003... 26667 (RUBICONPR...)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 18.66.97.14 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 104.18.35.167 13335 (CLOUDFLAR...)
3 2a02:2638:3::3 44788 (ASN-CRITE...)
1 108.139.243.34 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 52.214.165.240 16509 (AMAZON-02)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
2 6 2a02:2638:3::c 44788 (ASN-CRITE...)
1 141.95.33.120 16276 (OVH)
2 2 54.78.81.45 16509 (AMAZON-02)
3 34.149.40.38 396982 (GOOGLE-CL...)
5 6 3.71.149.231 16509 (AMAZON-02)
2 5 35.244.159.8 15169 (GOOGLE)
6 6 37.157.2.228 198622 (ADFORM)
2 5 52.94.223.37 16509 (AMAZON-02)
9 35.71.131.137 16509 (AMAZON-02)
12 20 142.250.185.66 15169 (GOOGLE)
4 185.29.132.241 30419 (MEDIAMATH...)
6 9 69.173.144.138 26667 (RUBICONPR...)
2 2 2607:ae80:192... 26558 (FREEWHEEL)
10 17 69.173.144.139 26667 (RUBICONPR...)
1 1 80.77.87.162 46636 (NATCOWEB)
3 5 5.196.111.69 16276 (OVH)
3 35.244.174.68 15169 (GOOGLE)
1 8 52.46.143.56 16509 (AMAZON-02)
6 6 198.47.127.18 62713 (AS-PUBMATIC)
3 19 198.47.127.205 3257 (GTT-BACKB...)
7 7 18.197.244.187 16509 (AMAZON-02)
2 2 3.125.110.167 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2620:1ec:46::45 8075 (MICROSOFT...)
7 23.52.122.108 16625 (AKAMAI-AS)
1 178.79.242.181 22822 (LLNW)
1 2 185.64.190.78 62713 (AS-PUBMATIC)
4 4 208.93.169.131 46244 (WEBMD-IDC...)
15 2.19.216.27 16625 (AKAMAI-AS)
3 2.16.164.91 20940 (AKAMAI-ASN1)
16 95.101.196.17 16625 (AKAMAI-AS)
2 5 2a02:26f0:2c:... 20940 (AKAMAI-ASN1)
3 3 23.212.211.47 16625 (AKAMAI-AS)
8 2.19.217.60 16625 (AKAMAI-AS)
2 11 104.18.36.155 13335 (CLOUDFLAR...)
2 34.95.69.49 396982 (GOOGLE-CL...)
3 4 54.211.0.120 14618 (AMAZON-AES)
2 2 178.250.1.9 44788 (ASN-CRITE...)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
2 2 52.28.254.225 16509 (AMAZON-02)
1 3 52.209.217.80 16509 (AMAZON-02)
1 67.202.105.23 32748 (STEADFAST)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 4 2a05:d018:d29... 16509 (AMAZON-02)
6 6 52.30.179.44 16509 (AMAZON-02)
1 2 145.40.97.67 54825 (PACKET)
2 2 52.45.83.84 14618 (AMAZON-AES)
5 52.58.31.215 16509 (AMAZON-02)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 2 172.64.146.152 13335 (CLOUDFLAR...)
2 3 216.52.2.30 30282 (AS-INAPCD...)
4 68.67.160.186 29990 (ASN-APPNEX)
4 11 185.86.138.146 201081 (SMARTADSE...)
5 7 52.208.123.102 16509 (AMAZON-02)
4 23.52.122.164 ()
1 99.84.88.104 ()
2 2 85.114.159.118 ()
3 3 46.228.164.11 ()
2 63.33.168.200 ()
1 99.84.88.3 ()
1 77.245.57.72 ()
4 54.145.99.161 ()
2 216.52.2.39 ()
4 4 46.228.174.117 ()
2 2 193.0.160.131 ()
1 1 69.166.1.67 ()
1 1 23.35.224.23 ()
3 3 2620:116:800d... ()
1 1 54.159.180.193 ()
2 2 35.210.53.219 ()
1 2 151.101.130.49 ()
1 1 82.145.213.8 ()
1 63.251.232.165 ()
2 2 213.155.156.166 ()
1 195.5.165.20 ()
1 35.186.193.173 ()
1 1 141.94.242.206 ()
2 2 141.94.171.213 ()
1 2 34.111.129.221 ()
1 1 35.194.66.159 ()
1 198.47.127.20 ()
2 2 98.98.134.241 ()
2 2 2a02:fa8:8806... ()
1 1 64.227.64.62 ()
1 54.81.245.140 ()
1 1 35.208.249.213 ()
9 52.210.15.1 ()
1 1 51.255.68.171 ()
1 169.197.150.8 ()
2 2 185.184.8.90 ()
1 1 8.43.72.97 ()
1 54.194.233.137 ()
373 101
13    88.208.215.108 (United Kingdom)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
pastelink.net
3    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    161.35.94.188 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-nl-16.buysellads.com
cdn4.buysellads.net
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
10    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
1    161.35.94.167 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-nl-18.buysellads.com
srv.buysellads.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
17    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
5    185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
21    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
fra1-ib.adnxs.com
secure.adnxs.com
17    52.51.96.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
12    178.128.135.204 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
rt.marphezis.com
2    63.33.18.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-18-223.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
visitor.omnitagjs.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
4    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    18.66.97.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-14.fra56.r.cloudfront.net
connectid.analytics.yahoo.com
1    2600:9000:2250:3c00:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
3    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    108.139.243.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-34.mxp63.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    52.214.165.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-165-240.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
6    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
1    141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu
id5-sync.com
2    54.78.81.45 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-81-45.eu-west-1.compute.amazonaws.com
ice.360yield.com
3    34.149.40.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
6    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
eu-u.openx.net
us-u.openx.net
u.openx.net
6    37.157.2.228 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
5    52.94.223.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
9    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
20    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
pagead2.googlesyndication.com
4    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
9    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
token.rubiconproject.com
2    2607:ae80:192:1::172 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
17    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
5    5.196.111.69 (France)

ASN16276 (OVH, FR)
PTR: ip69.ip-5-196-111.eu
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
8    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
6    198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
19    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
simage2.pubmatic.com
7    18.197.244.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-244-187.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    3.125.110.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-110-167.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
4    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
58524a1309d6c71a67e4ade4e871a24f.safeframe.googlesyndication.com
4    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
7    23.52.122.108 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-122-108.deploy.static.akamaitechnologies.com
cdn.adnxs.com
acdn.adnxs-simple.com
acdn.adnxs.com
1    178.79.242.181 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net
cdn.topsrvimp.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
15    2.19.216.27 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-216-27.deploy.static.akamaitechnologies.com
contextual.media.net
3    2.16.164.91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-164-91.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
16    95.101.196.17 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-196-17.deploy.static.akamaitechnologies.com
warp.media.net
lg3.media.net
hblg.media.net
5    2a02:26f0:2c::213:614a (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.bing.com
3    23.212.211.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
8    2.19.217.60 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-60.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
11    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
4    54.211.0.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-0-120.compute-1.amazonaws.com
i.liadm.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2600:1f18:ed:550a:3941:84f1:d852:9a8a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
2    52.28.254.225 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-254-225.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    52.209.217.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-217-80.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    67.202.105.23 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    2a05:d018:d29:3601:c84a:f3f:c1a8:24dc (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
6    52.30.179.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-179-44.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    52.45.83.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-83-84.compute-1.amazonaws.com
sync.ipredictive.com
5    52.58.31.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-31-215.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
3    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
4    68.67.160.186 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
nym1-ib.adnxs.com
11    185.86.138.146 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
7    52.208.123.102 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-123-102.eu-west-1.compute.amazonaws.com
a.audrte.com
4    23.52.122.164 (None, )

ASN- ()
ads.pubmatic.com
1    99.84.88.104 (None, )

ASN- ()
public.servenobid.com
2    85.114.159.118 (None, )

ASN- ()
dsp.adfarm1.adition.com
3    46.228.164.11 (None, )

ASN- ()
ad.turn.com
2    63.33.168.200 (None, )

ASN- ()
g2.gumgum.com
rtb.gumgum.com
1    99.84.88.3 (None, )

ASN- ()
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (None, )

ASN- ()
sync.adkernel.com
4    54.145.99.161 (None, )

ASN- ()
cs-server-s2s.yellowblue.io
2    216.52.2.39 (None, )

ASN- ()
ap.lijit.com
4    46.228.174.117 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
2    193.0.160.131 (None, )

ASN- ()
p.rfihub.com
1    69.166.1.67 (None, )

ASN- ()
sync.go.sonobi.com
1    23.35.224.23 (None, )

ASN- ()
hbx.media.net
3    2620:116:800d:21:93ca:31d8:d86e:38f6 (None, )

ASN- ()
cms.quantserve.com
1    54.159.180.193 (None, )

ASN- ()
sync.srv.stackadapt.com
2    35.210.53.219 (None, )

ASN- ()
pool.admedo.com
2    151.101.130.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
1    63.251.232.165 (None, )

ASN- ()
cm.adgrx.com
2    213.155.156.166 (None, )

ASN- ()
d5p.de17a.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    141.94.242.206 (None, )

ASN- ()
green.erne.co
2    141.94.171.213 (None, )

ASN- ()
pixel-eu.onaudience.com
2    34.111.129.221 (None, )

ASN- ()
cr.frontend.weborama.fr
1    35.194.66.159 (None, )

ASN- ()
um.simpli.fi
1    198.47.127.20 (None, )

ASN- ()
image4.pubmatic.com
2    98.98.134.241 (None, )

ASN- ()
pixel-sync.sitescout.com
2    2a02:fa8:8806:12::1400 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    64.227.64.62 (None, )

ASN- ()
match.adsby.bidtheatre.com
1    54.81.245.140 (None, )

ASN- ()
rtb.adentifi.com
1    35.208.249.213 (None, )

ASN- ()
trace.mediago.io
9    52.210.15.1 (None, )

ASN- ()
usersync.gumgum.com
1    51.255.68.171 (None, )

ASN- ()
dsp.nrich.ai
1    169.197.150.8 (None, )

ASN- ()
match.deepintent.com
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
1    8.43.72.97 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
1    54.194.233.137 (None, )

ASN- ()
cs.yellowblue.io
Apex Domain
Subdomains		 Transfer
42 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2134
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel-us-east.rubiconproject.com
80 KB
33 media.net
prebid.media.net — Cisco Umbrella Rank: 1498
contextual.media.net — Cisco Umbrella Rank: 665
warp.media.net — Cisco Umbrella Rank: 2561
lg3.media.net — Cisco Umbrella Rank: 6606
hblg.media.net — Cisco Umbrella Rank: 2037
hbx.media.net
362 KB
33 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
image8.pubmatic.com — Cisco Umbrella Rank: 661
image2.pubmatic.com — Cisco Umbrella Rank: 859
image6.pubmatic.com — Cisco Umbrella Rank: 793
ads.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
47 KB
31 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
cdn.adnxs.com — Cisco Umbrella Rank: 1605
fra1-ib.adnxs.com — Cisco Umbrella Rank: 8028
nym1-ib.adnxs.com — Cisco Umbrella Rank: 1443
secure.adnxs.com — Cisco Umbrella Rank: 478
acdn.adnxs.com — Cisco Umbrella Rank: 610
173 KB
28 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
ad.doubleclick.net — Cisco Umbrella Rank: 139
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
211 KB
21 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1657
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1332
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622
17 KB
18 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2371
public.servenobid.com
10 KB
17 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
10 KB
13 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
9 KB
13 pastelink.net
pastelink.net — Cisco Umbrella Rank: 263737
346 KB
12 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
58524a1309d6c71a67e4ade4e871a24f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
51 KB
12 marphezis.com
rt.marphezis.com — Cisco Umbrella Rank: 9704
36 KB
11 gumgum.com
g2.gumgum.com
usersync.gumgum.com
rtb.gumgum.com
4 KB
11 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
8 KB
11 yahoo.com
connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4156
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
13 KB
9 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
1 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 776
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
dis.criteo.com — Cisco Umbrella Rank: 550
15 KB
7 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2112
4 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
2 KB
7 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
eu-u.openx.net — Cisco Umbrella Rank: 2473
us-u.openx.net — Cisco Umbrella Rank: 491
u.openx.net — Cisco Umbrella Rank: 672
2 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
3 KB
6 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
dmp.adform.net — Cisco Umbrella Rank: 2870
4 KB
6 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1628
mp.4dex.io — Cisco Umbrella Rank: 2346
u.4dex.io — Cisco Umbrella Rank: 3500
28 KB
5 yellowblue.io
cs-server-s2s.yellowblue.io
cs.yellowblue.io
2 KB
5 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 835
ap.lijit.com
2 KB
5 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
171 B
5 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
i6.liadm.com — Cisco Umbrella Rank: 2358
3 KB
5 bing.com
www.bing.com — Cisco Umbrella Rank: 60
11 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
21 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
243 KB
5 buysellads.net
cdn4.buysellads.net — Cisco Umbrella Rank: 28340
193 KB
4 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 501
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
255 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1031
2 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
sync.crwdcntrl.net
13 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 931
api.btloader.com — Cisco Umbrella Rank: 1000
21 KB
3 quantserve.com
cms.quantserve.com
2 KB
3 1rx.io
sync.1rx.io
2 KB
3 turn.com
ad.turn.com
1 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
2 KB
3 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1939
888 B
3 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 711
3 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133
creativecdn.com
2 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
74 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
257 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
2 dotomi.com
pubmatic-match.dotomi.com
744 B
2 sitescout.com
pixel-sync.sitescout.com
938 B
2 weborama.fr
cr.frontend.weborama.fr
499 B
2 onaudience.com
pixel-eu.onaudience.com
1 KB
2 de17a.com
d5p.de17a.com
562 B
2 everesttech.net
sync-tm.everesttech.net
769 B
2 admedo.com
pool.admedo.com
747 B
2 rfihub.com
p.rfihub.com
1 KB
2 adition.com
dsp.adfarm1.adition.com
1011 B
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1010
523 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
1 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 836
958 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
362 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
1 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1053
104 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4323
1 KB
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 526
1 KB
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1817
657 B
2 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1352
ssc-cms.33across.com — Cisco Umbrella Rank: 904
5 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 893
id5-sync.com — Cisco Umbrella Rank: 425
34 KB
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3655
visitor.omnitagjs.com
1 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1018
1 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
1 deepintent.com
match.deepintent.com
44 B
1 nrich.ai
dsp.nrich.ai
582 B
1 mediago.io
trace.mediago.io
375 B
1 adentifi.com
rtb.adentifi.com
35 B
1 bidtheatre.com
match.adsby.bidtheatre.com
555 B
1 simpli.fi
um.simpli.fi
656 B
1 erne.co
green.erne.co
412 B
1 ctnsnet.com
ipac.ctnsnet.com
359 B
1 iprom.net
core.iprom.net
279 B
1 adgrx.com
cm.adgrx.com
283 B
1 opera.com
t.adx.opera.com
553 B
1 stackadapt.com
sync.srv.stackadapt.com
1 KB
1 sonobi.com
sync.go.sonobi.com
625 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
465 B
1 adkernel.com
sync.adkernel.com
134 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com
1 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
647 B
1 adnxs-simple.com
acdn.adnxs-simple.com — Cisco Umbrella Rank: 2660
46 KB
1 topsrvimp.com
cdn.topsrvimp.com — Cisco Umbrella Rank: 16941
16 KB
1 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 4453
31 KB
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1022
597 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789
3 KB
1 buysellads.com
srv.buysellads.com — Cisco Umbrella Rank: 21550
712 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
1 KB
0 socdm.com Failed
tg.socdm.com Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
0 tribalfusion.com Failed
s.tribalfusion.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 loopme.me Failed
csync.loopme.me Failed
373 100
Domain Requested by
17 pixel.rubiconproject.com 10 redirects onetag-sys.com
pastelink.net
17 cm.g.doubleclick.net 12 redirects google-bidout-d.openx.net
onetag-sys.com
pastelink.net
g2.gumgum.com
17 ads.servenobid.com cdn4.buysellads.net
public.servenobid.com
onetag-sys.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
cs-server-s2s.yellowblue.io
cs-rtb.minutemedia-prebid.com
17 onetag-sys.com 4 redirects cdn4.buysellads.net
pastelink.net
onetag-sys.com
public.servenobid.com
15 contextual.media.net cdn4.buysellads.net
acdn.adnxs-simple.com
pastelink.net
contextual.media.net
rt.marphezis.com
13 pastelink.net pastelink.net
12 rt.marphezis.com cdn4.buysellads.net
pastelink.net
ssum-sec.casalemedia.com
11 rtb-csync.smartadserver.com 4 redirects ssbsync.smartadserver.com
11 fra1-ib.adnxs.com cdn4.buysellads.net
pastelink.net
cdn.adnxs.com
acdn.adnxs-simple.com
10 image2.pubmatic.com 3 redirects ads.pubmatic.com
10 securepubads.g.doubleclick.net cdn4.buysellads.net
securepubads.g.doubleclick.net
pastelink.net
www.googletagservices.com
9 usersync.gumgum.com g2.gumgum.com
9 simage2.pubmatic.com ads.pubmatic.com
9 match.adsrvr.org google-bidout-d.openx.net
onetag-sys.com
ssum-sec.casalemedia.com
pastelink.net
ssbsync.smartadserver.com
ads.pubmatic.com
g2.gumgum.com
8 token.rubiconproject.com 5 redirects eus.rubiconproject.com
8 lg3.media.net pastelink.net
contextual.media.net
8 eus.rubiconproject.com pastelink.net
eus.rubiconproject.com
cdn4.buysellads.net
public.servenobid.com
g2.gumgum.com
8 s.amazon-adsystem.com 1 redirects onetag-sys.com
ssum-sec.casalemedia.com
pastelink.net
ssbsync.smartadserver.com
8 ib.adnxs.com 4 redirects cdn4.buysellads.net
acdn.adnxs.com
7 a.audrte.com 5 redirects ssbsync.smartadserver.com
ads.pubmatic.com
7 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
7 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
7 x.bidswitch.net 7 redirects
6 match.prod.bidr.io 6 redirects
6 image8.pubmatic.com 6 redirects
6 ups.analytics.yahoo.com 5 redirects connectid.analytics.yahoo.com
5 match.sharethrough.com pastelink.net
public.servenobid.com
ssbsync.smartadserver.com
cs-server-s2s.yellowblue.io
5 hblg.media.net pastelink.net
5 www.bing.com 2 redirects pastelink.net
5 aax-eu.amazon-adsystem.com 2 redirects google-bidout-d.openx.net
pastelink.net
ads.pubmatic.com
5 c1.adform.net 5 redirects
5 prg.smartadserver.com cdn4.buysellads.net
5 cdn4.buysellads.net pastelink.net
4 cs-server-s2s.yellowblue.io public.servenobid.com
ads.pubmatic.com
cs-server-s2s.yellowblue.io
4 ads.pubmatic.com cdn4.buysellads.net
public.servenobid.com
ads.pubmatic.com
g2.gumgum.com
4 nym1-ib.adnxs.com rt.marphezis.com
pastelink.net
cdn.adnxs.com
4 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
4 ssbsync.smartadserver.com 2 redirects pastelink.net
public.servenobid.com
4 i.liadm.com 3 redirects ssum-sec.casalemedia.com
4 ssum-sec.casalemedia.com 1 redirects pastelink.net
public.servenobid.com
4 bh.contextweb.com 4 redirects
4 cdn.adnxs.com cdn4.buysellads.net
rt.marphezis.com
4 www.googletagservices.com securepubads.g.doubleclick.net
pastelink.net
4 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 sync.mathtag.com onetag-sys.com
ads.pubmatic.com
4 gum.criteo.com 2 redirects static.criteo.net
4 fastlane.rubiconproject.com cdn4.buysellads.net
4 fonts.gstatic.com fonts.googleapis.com
3 cms.quantserve.com 3 redirects
3 sync.1rx.io 3 redirects
3 ad.turn.com 3 redirects
3 ce.lijit.com 2 redirects pastelink.net
3 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
3 secure-assets.rubiconproject.com 3 redirects
3 warp.media.net cdn4.buysellads.net
rt.marphezis.com
3 qsearch-a.akamaihd.net cdn4.buysellads.net
rt.marphezis.com
3 id.rlcdn.com onetag-sys.com
3 u.4dex.io pastelink.net
onetag-sys.com
ssbsync.smartadserver.com
3 static.criteo.net securepubads.g.doubleclick.net
cdn4.buysellads.net
static.criteo.net
3 api.btloader.com btloader.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com pastelink.net
www.googletagmanager.com
www.google-analytics.com
3 fonts.googleapis.com pastelink.net
securepubads.g.doubleclick.net
2 creativecdn.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 pixel-eu.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 pool.admedo.com 2 redirects
2 p.rfihub.com 2 redirects
2 ap.lijit.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
2 dsp.adfarm1.adition.com 2 redirects
2 acdn.adnxs.com pastelink.net
cdn4.buysellads.net
2 secure.adnxs.com 2 redirects
2 capi.connatix.com 1 redirects pastelink.net
2 pixel.tapad.com 1 redirects pastelink.net
2 sync.ipredictive.com 2 redirects
2 prebid.a-mo.net 1 redirects pastelink.net
2 pm.w55c.net 2 redirects
2 dis.criteo.com 2 redirects
2 i.clean.gg acdn.adnxs-simple.com
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 ads.creative-serving.com 2 redirects
2 ads.stickyadstv.com 2 redirects
2 us-u.openx.net 1 redirects google-bidout-d.openx.net
2 mug.criteo.com pastelink.net
2 ice.360yield.com 2 redirects
2 oajs.openx.net 1 redirects pastelink.net
2 script.4dex.io cdn4.buysellads.net
script.4dex.io
2 ad-delivery.net pastelink.net
2 region1.google-analytics.com www.googletagmanager.com
2 www.google.com pastelink.net
tpc.googlesyndication.com
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 pixel-us-east.rubiconproject.com 1 redirects
1 rtb.gumgum.com g2.gumgum.com
1 match.deepintent.com g2.gumgum.com
1 dsp.nrich.ai 1 redirects
1 trace.mediago.io 1 redirects
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 match.adsby.bidtheatre.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi 1 redirects
1 green.erne.co 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 hbx.media.net 1 redirects
1 sync.go.sonobi.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.adkernel.com public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
1 g2.gumgum.com public.servenobid.com
1 visitor.omnitagjs.com 1 redirects
1 public.servenobid.com cdn4.buysellads.net
1 dmp.adform.net 1 redirects
1 px.ads.linkedin.com pastelink.net
1 ssc-cms.33across.com pastelink.net
1 i6.liadm.com ssum-sec.casalemedia.com
1 acdn.adnxs-simple.com cdn4.buysellads.net
1 u.openx.net 1 redirects
1 cdn.topsrvimp.com cdn4.buysellads.net
1 adsdk.microsoft.com cdn4.buysellads.net
1 58524a1309d6c71a67e4ade4e871a24f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ssbsync-global.smartadserver.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 eu-u.openx.net google-bidout-d.openx.net
1 google-bidout-d.openx.net oa.openxcdn.net
1 id5-sync.com cdn.id5-sync.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 connectid.analytics.yahoo.com securepubads.g.doubleclick.net
1 bidder.criteo.com cdn4.buysellads.net
1 prebid.media.net cdn4.buysellads.net
1 hb-api.omnitagjs.com cdn4.buysellads.net
1 hbopenbid.pubmatic.com cdn4.buysellads.net
1 mp.4dex.io cdn4.buysellads.net
1 srv.buysellads.com cdn4.buysellads.net
1 ad.doubleclick.net pastelink.net
1 btloader.com cdn4.buysellads.net
1 www.gstatic.com www.google.com
1 cdnjs.cloudflare.com pastelink.net
0 tg.socdm.com Failed g2.gumgum.com
0 b1sync.zemanta.com Failed g2.gumgum.com
0 s.tribalfusion.com Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 csync.loopme.me Failed ads.pubmatic.com
ssum-sec.casalemedia.com
373 158
Subject Issuer Validity Valid
pastelink.net
R3		 2023-12-07 -
2024-03-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
cdn4.buysellads.net
Sectigo RSA Domain Validation Secure Server CA		 2023-11-14 -
2024-11-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
btloader.com
GTS CA 1P5		 2023-10-19 -
2024-01-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-10-10 -
2024-01-08		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.buysellads.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-25 -
2024-06-24		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.marphezis.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-03 -
2024-01-03		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
connectid.analytics.yahoo.com
GlobalSign ECC OV SSL CA 2018		 2023-08-15 -
2024-02-08		 6 months crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
u.4dex.io
GTS CA 1D4		 2023-10-22 -
2024-01-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2023-10-11 -
2024-04-08		 6 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
cdn.topsrvimp.com
Go Daddy Secure Certificate Authority - G2		 2023-10-16 -
2024-11-16		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
r.bing.com
Microsoft Azure ECC TLS Issuing CA 05		 2023-10-18 -
2024-06-27		 8 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2023-11-14 -
2024-02-12		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-28		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh

This page contains 70 frames:

Primary Page: https://pastelink.net/bvpyuz2q
Frame ID: E26184CA799D0327C0F660DD65F03881
Requests: 89 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pastelink.net
Frame ID: AB827F91E54A2833832E2FFC2B6E3FEA
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: C217D450183B41833F3E7848F4320834
Requests: 6 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 211566ACB2DFECDF2F59B06066DFA0C7
Requests: 17 HTTP requests in this frame

Frame: https://58524a1309d6c71a67e4ade4e871a24f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6D500B8987F9CC43EA2CFE52604C0DC7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmE8AWm3Pjm56K3Hx_FLKp831uIp3Dpq1MwJhFGknlYrqMrWwVlStEtNcdCSmAuX3eoDNGbErpqoMg-JJK1SexQdCdl9VodrhNbazPur_ZYFm9hTPlw3c_3TbPasY6mnRJqH1CVTQx_SCjwmk98XsauwG8aCcAGnPimeuem9kzuMj7mmDtvZ1FRfQkFx7px6GT9yEkve1itvX0R_3oLi3a0q4QEe8rC5w0WcNJ9-hF5QyZaEWkFSxOJuJr-omQpwq9gAFfXbXsAljw9g0lcsnCsn72nS-zA0tRQP4B_AD9J_U4u334R5MQnIOV46L-ZbMTqZfHbObshYcVDEnfFRNoLWIY3phD8T1WHrTS4OBZ0ykAQaq6wjDENyy7unQ&sai=AMfl-YQzTLwqSg9mJrCwz4Sti83WhADq0LLKU62SkLTS_21fWouQCYz8VeZ_NhFY63tX7TDamBV0FXKY4eH9Gwq4ztA0quOJxH2vUGUXdDmO_UKeR2ZaBsO2VaQUQsag9isJR99Fquwd21MO-Q&sig=Cg0ArKJSzJWc0yFOt4thEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: DCB112CD200A93880AF9E71C70B6E4ED
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXF0ddnqXpJ6ButLfvYlseSrF1OwE81Zta0mwKDKjIchnnfEqiGhiOzD8Cn3eO1cFuHsXnxWkPpLPO-0ot0L9wz-DM6dEhwofOMScPzhMdLBd_8qvR0nQJT3QgL-sZ3OqMSfzRNBHonizjAh9ddS2RpGkMtObaOMp73fCCB0Zb6Sm2-DZ5Rk8he1PlEKBWMq8-W7NuvHABdhHi5L3LICGQcd1cHTtcQCUCmHIjvs4dcGEaVxAYxhLfGVaivd_rJD-zxElvz1DoA1jC0mqlgB68PnvtSSFaKAzTNtR45NXoiPsKvFOGH2CVqVyeWWqNkqVbrmXsmDXE78S7BJFIRgavtKdPsdeOGziOLYX4BEsh6X62K-_iiGWVKfTPrgI20qQ&sai=AMfl-YR1qIltZ_4WUNzsZe5XA9OM_dDewWDRv09tnn4FpYYZzthDyfzFZKIvlnP3B06h6OzF9J4IX8LUFXUc6nIuW8-QkTE9rjKstLfUuXa32r9BQsNEVNU9jC0XCEVl0Cm2ZJYAnuJIpsbbfw&sig=Cg0ArKJSzHxcn3vJqlxCEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: AAC855D3FDF9C0092331CC6F3E71C459
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXMOFQ7FHEEcz-N5nfWDlsia0k3beq3TRnPjq5JBV0mGzpvjMriqXEzgcv_mwdMBMW1X6dd6ScKeeL5uSyudtQjhhJY8FcPfCGczNL9x6a3O2JYasQle-rJiHdMXfUPdEO-OuQT8b1BO4rIuGuM-ShvDhchw5-W0HEYFtjeK0xrsNi-5J3g6Hk214i3JmdVcsEOc1MbtOuT9-mMWk4X_84NI38JhB3pLL5w0z1rzpGcGlQeuW7Rnw8qqI8uJXhVYxC1Bj6bn4JylgT8xFE7LyDUXrt29i3L-f1zpEHXrJwStrwfImXJ5g2V_QtqlEJksfgRLskedJroGga4SxdyT0C_ViqW_axT3GIzReUigb4CY4LOcnI_9qhrw&sai=AMfl-YSK0wTZ0OPxZSuM1OEg104Sqm_iMOwhMRXca21E0uzbLTR1gunfloY7LML6FN36CFFnSAOpA0zoCAT7qFTrd2ZrvsynSunuW-n1_cj7D4cbwx01ao3azajthCDdJZvVCnqYxHNOhnpl3g&sig=Cg0ArKJSzLSFJFmbHM31EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: BEE39CB78411B49181715300C977C29B
Requests: 17 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Frame ID: 3D643EC16CEF6B8D7C3380D67F98489E
Requests: 2 HTTP requests in this frame

Frame: https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Frame ID: BBC9E2198413256499D622417B7CF6CC
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 90062EF368E126D210BF16F81F9986B9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 220B028D8A20DEB9F093E00E7861E716
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
Frame ID: 00394FAEEA16683FBF447C1AF2977816
Requests: 20 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Frame ID: B830FF534D8E372B23501DFFA906DD7F
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2525&&kkdd=uA%7CW%7CuHhn3*A9&222=bRSU6OlIUOKhli-U.mTpbLIxQKMv-ud~aQnUz(9*SrhVscyHf5SRU_%3D%3D&aW=mqNm)qAvHyqvsdqmvsA&_iY2=m&MkY*=N&lia=mmd)&bklh=OvsN&lWi=H1Xsn1.JS&lYli=Y5ybGQbrb15l9N0Ip29hQz%3D%3D&l2Wi=HvAymyANs&kWRh=vvyLdHN&ll=1D&kl=-D&l6jM=DwS!CV9&YWi=H(C13d3Co&bYWi=3dmvvsd&6bbYk=m&ep2P=6bbYk%3A%2F%2FY*kbhIWjeEjhb&hep2P=pqqTz%3ArrTmzqu7HRXERuq&jkh=A&Ip=m&f_i=s&*ibm=H1XzVmAdu&*ibd=HHmAdyHms&xi*b*=kid%3DjfIIFWf2IKI%3DdNFQ_h2YM%3DNENsFapKhLl%3DNEvyFaWkKki%3DmqHFild%3DmFkli%3DR_FaK*kj%3DAyHNvFaId2Kki%3DdNdvmdNqmmFWf2IKx%3DmvdyEyvFf2IKbel%3DNFkbi%3D%2FddsNAsHmN)m%2F(*kbhIWjeKrdrKGjbh2kbWbW*IKSCr%23xk*URQjhKmyqAHyHsAvmN)UAKmdvsAyFI*kb%3DFaWkKf2IKx%3DNENHFWY%3DvQXSplFPxx%3DNFaWkKf2IKI%3DdNF2WWYf*%3Dq%2CqFhb%3DmNF2l%3DmF2YkKki%3DdNdvmdNqmdFaWkKx%3DsqNENHFf2IKx%3DNEqAFaId2Kf2IKx%3DNFaId2Kf2IKaW%3DmTUmyFf2IKbaW%3DNFhlYKhh2%3DdEdAFf2IKI%3DdNF_l*b%3DUmFxx%3Dm)yFaa%3DNFId2Kx%3DmNNNFh2YM%3DNENsFaId2Kf2IKel%3DNTNFxM%3DmF*vYKx%3DdEqv%2CvmEAFkWi%3DHvAymyANsFki%3DNFfWi%3DddiA~cSqYCyIMls6*oFxbi%3DvNq)qmqyv)NqHNqqyvvymqAvNHHyAA)mdd)Hs)AAmqms)NA)dqsdNAysqvm)qvqvAAmNy)HqNvy)syvsyNNv)Hv)H)dAyNmH)qddydsFapf%3DNEvyFidYKI%3DmNFvYlP%3DmNNNFfWM%3DNFQ_KMk6%3DNENsFiMMKkb2_%3D6*2MQj0FidYKx%3DNE)HFQ_idYKx%3DNE)yFaf2IKx%3DmEd)Fkk%3DVwFll%3D1DFfWp%3DUmFlh%3DNF2YkKx%3DvmEAFaf2IKI%3DdNF1G%3DvNAvFexKfl%3DUdFjbk%3DvFexKllek%3DUdF!(d%3DEg%2FYEgFlb%3D6fjhjxh2_FxkkK.3o%3DVw%2CVwFx*kWkd%3Dm)yFx*kWkm%3Dm)yFWkShP%3DNFWaf2IKx%3DNEqHFWkWP%3DNFxWi%3DNENsFil%3DHFaId2Kx%3DdEqvFWaf2IKI%3DdNFlxiY%3DNENdsFWb0YhKWi%3DmyFkhIIh2Kb*_KWi%3D%2FddsNAsHmN)m%2F(*kbhIWjeKrdrKGjbh2kbWbW*IKSCr%23xk*URQjhKmyqAHyHsAvmN)UAKmdvsAyFkfYYI0Kb*_KWi%3Dd)mNvmqHFaWhp*xWIWb0%3DNEvAq)dFYQk%3DNFl*22Wh2Gi%3DNFQ_xWi%3DNENsNFxPI2%3DNENNNFkfWi%3DFibl%3DhfKxhFiMMKh2YM%3DP*IkhFiMM%3D6*2MQj0FxiYl*Yi%3DNFi*I_%3DfjWkQjdyFWjkI%3DNFkQxY%3DF6bMI%3DmFilfb%3DsNFiQ_x%3DNUmFWxl%3DmFjkR%3DvFb_k%3DvNNLdAN%7CvNNLyNN%7CvvyLdHNFxkx%3DNFxkY%3DNFbML%3DmNH&jba=N&MMM=lXuBMy-CIN*P1SyiwB79DDWICmRDrj(shp2RlykV.p(Xc9uS!N*30aB27lb*O7uIaj~T29noX*vMOb)xmwyq-Sn3W2YwXP0fSJJhq0732P9%3D&Wp=N&WjGP2=m&xi2Gi=syN&xWi=vs)NyA&ebbIh=36h%20mN%20rl*2Whkb%2036Wj_k%20wxQfb%20rY*_6hbbW%20rb2*Yk%20nIQph2%20~W2I%2052hkk%20U%20(*kbhIWjeEjhb&MlP=))dN&0ikY2=m&e*bY2h=m&e*bxWi=UmNv&l*iQM*Wj=bRSU6OlIUOH.bCOsu-QW1.6HblvwYRfvY4HWYNhs(RT%3D&0YIY=m&WkWi=A&*ia=~hjh2*I%20rh*2l6&Y_Wi=YNmHNvHAqNyHbdNdvmdNqmHAy&kkIi=%7B%22kkWY%22%3A%22mHAEm)AEqmEN%22%2C%22kkll%22%3A%221D%22%2C%22kkkl%22%3A%22-~%22%2C%22kklb0%22%3A%22D%C3%83%C2%BCjhjxh2_%22%7D&6bMIk2l=m&sflct=5590675&ure=1
Frame ID: 61B44531E97DFBFC108CA23CA61471D0
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CU4FCKBR&https=1&itype=CM
Frame ID: AD0CB86883B4EC2083BB00BC836F8596
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQN152J&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C3016%2C313%2C10000%2C459%2C229%2C9%2C319&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: CBA505E042DD9AD170050D52766F4D64
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2462&&kkdd=!%7CH%7CA*n9&e8=Sa9SAa3lhEUUAa9Ha9H&yOJ-=S&qDJ1=9&nOe=SSUA&KDnV=YlH9&n8O=hw_HswNRW&nJnO=JTEKCmK4KwTn29fPB-2VmM%3D%3D&n-8O=hl3ESE39H&D8!V=llE~Uh9&nn=wZ&Dn=uZ&nbkq=ZzWctI2&J8O=hdtwQUQt7&KJ8O=QUSllHU&bKKJD=S&---=K!WgbYnPgY0VnOugNSoBK~PGm0qlu6U.emsgMd21W4VIHFEhxTW!gy%3D%3D&kDV=3&PB=S&xyO=H&1OKS=hw_MIS3U6&1OKU=hhS3UEhSH&GO1K1=DOU%3DkxPPr8x-P0P%3DU9rmyV-Jq%3D9*9HreB0V~n%3D9*lEre8D0DO%3DSahrOnU%3DSrDnO%3D!yre01Dk%3D3Eh9lrePU-0DO%3DU9UlSU9aSSr8x-P0G%3DSlUE*Elrx-P0K5n%3D9rDKO%3D%2FUUH93HhS9AS%2Fd1DKVP8k504U4048OVG1-0Wt4%23GD1g!mkV0SEa3hEhlUHhUhga0SUlH3ErP1DK%3Dre8D0x-P0G%3D9*9hr8J%3Dlm_WBnrLGG%3D9re8D0x-P0P%3DU9r-88Jx1%3Da%2CarVK%3DS9r-n%3DU%2CUr-JD0DO%3DU9UlSU9aSUre8D0G%3DHHE*EErx-P0G%3D9*a3rePU-0x-P0G%3D9rePU-0x-P0e8%3DSogSErx-P0Ke8%3D9rVnJ0VV-%3DU*U3rx-P0P%3DU9ryn1K%3DgSrGG%3DSAEree%3D9rPU-0G%3DS999rV-Jq%3D9*9HrePU-0x-P05n%3D9o9rGq%3DSr1lJ0G%3DU*EA%2ClS*3rD8O%3Dhl3ESE39HrDO%3D9rx8O%3DUUO3sbJ~z8scdZ8!ZfrGKO%3Dl9aAaSaElA9ah9aaEllESa3l9hhE33ASUUAAhHl3SHHhUS9UA3SS9hESSllEH3l3SHUAA9HA33hHU9UHU3Hh99SE3HaAUUhS3hhSUSEreBx%3D9*lErOUJ0P%3DS9rlJnL%3DS999rx8q%3D9rmy0qDb%3D9*9HrOqq0DK-y%3Db1-qmkfrOUJ0G%3D9*AhrmyOUJ0G%3D9*AErex-P0G%3DS*UArDD%3DIzrnn%3DwZrx8B%3DgSrnV%3D9r-JD0G%3DlS*3rex-P0P%3DU9rwC%3Dl93lr5G0xn%3DgUrkKD%3DHr5G0nn5D%3DgUrcdU%3D*p%2FJ*prnK%3DbxkVkGV-yrGDD0NQ7%3DIz%2CIzrG1D8DU%3DSAErG1D8DS%3DSAEr8DWVL%3D9r8ex-P0G%3D9*ahr8D8L%3D9rG8O%3D9*9HrOn%3DhrePU-0G%3DU*EAr8ex-P0P%3DU9rnGOJ%3D9*9UHr8KfJV08O%3DSErDVPPV-0K1y08O%3D%2FUUH93HhS9AS%2Fd1DKVP8k504U4048OVG1-0Wt4%23GD1g!mkV0SEa3hEhlUHhUhga0SUlH3ErDxJJPf0K1y08O%3DUAS9lSahre8VB1G8P8Kf%3D9*l3aAUrJmD%3D9rn1--8V-CO%3D9rmyG8O%3D9*9H9rGLP-%3D9*999rDx8O%3DrOKn%3DVx0GVrOqq0V-Jq%3DL1PDVrOqq%3Db1-qmkfrGOJn1JO%3D9rO1Py%3DOVL1xPKr8kDP%3D9rDmGJ%3DrbKqP%3DSrOnxK%3DH9rOmyG%3D9gSr8Gn%3DSrkD!%3DHrKyD%3DSE9~E99%7Cl99~U39%7Cl99~E99%7CllE~Uh9rGDG%3D9rGDJ%3D9rKq~%3DS9h&kKe=9&qqq=n_6)qEutP91LwWEOz)v2ZZ8PtS!Z4kdHVB-!nEDINBd_F26Wc91Qfe)-vnK1Yv6Pek.o-2s7_1lqYKAGSzEauWsQ8-Jz_LfxWRRVafvQ-L2%3D&8B=llE&8kCL-=S&GO-CO=HE9&G8O=lHA9El&5KKPV=QbV%20S9%204n1-8VDK%20Qb8kyD%20zGmxK%204J1ybVKK8%204K-1JD%20sPmBV-%20.8-P%20T-VDD%20g%20d1DKVP8k5*kVK&qnL=AAU9&fODJ-=S&51KJ-V=S&51KG8O=gS9l&n1Omq18k=K!WgbYnPgYhNKtYH6um8wNbhKnlzJ!xlJ(h8J9VHd!o%3D&fJPJ=S&8D8O=3&1Oe=.VkV-1P%204V1-nb&Jy8O=J9Sh9lh3a9EhKU9UlSU9aSh3E&DDPO=%7B%22DD8J%22%3A%22Sh3*SA3*aS*9%22%2C%22DDnn%22%3A%22wZ%22%2C%22DDDn%22%3A%22u.%22%2C%22DDnKf%22%3A%22Z%C3%83%C2%BCkVkGV-y%22%7D&bKqPD-n=S&sflct=5590675&ure=1
Frame ID: 9836967660EC7356528C5119FEA1B7D5
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CU4FCKBR&https=1&itype=CM
Frame ID: 52636A75E3F37C2EED1CBF04073A6A98
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQN152J&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C3016%2C313%2C10000%2C459%2C229%2C9%2C319&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 528C2DDD704C20C65CB285B18301E4F9
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 4F09869DB7B9C2B87F1540BB37CF93DC
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net
Frame ID: 7E40BA6F6104A3B8A749648D54425494
Requests: 2 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: 5516CA616FD16DD061BA22DC23350AB8
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CU4FCKBR&ydspr=1
Frame ID: 7DCD9B3A3733825A71E4F37357058056
Requests: 15 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2642&&kkdd=nn%7Cu%7CHA9n*3&999=()fJaUw!JUDOwSAJryhX(Z!I1DPBAMvQE1TJ~2VLfCOu8tcmsdf)J6%3D%3D&EF=yRzybRWBmmyWbcmWzRy&6S.9=y&Pq.L=z&wSE=yyvb&(qwO=UB8z&wFS=mi58Tir-f&w.wS=.dc(H1(C(idwVzj!X9VO1~%3D%3D&w9FS=mBWcycWz8&qF)O=BBcZvmz&ww=i_&qw=A_&wagP=_Kfk4uV&.FS=m24iYvY4p&(.FS=YvyBB8v&a((.q=y&lX9o=a((.q%3A%2F%2F.Lq(O!FglngO(&OlX9o=XRRh~%3ACChy~RM3m)5n)MR&gqO=W&!X=y&s6S=8&LS(y=mi5~uyWvM&LS(v=mmyWvcmy8&ISL(L=qSv%3Dgs!!0Fs9!D!%3Dvz016O9.P%3DznzB0EXDOZw%3DznyB0EFqDqS%3DyRm0Swv%3Dy0qwS%3D)60EDLqg%3DWcmzB0E!v9DqS%3DvzvByvzRyy0Fs9!DI%3DyBvcncB0s9!D(lw%3Dz0q(S%3DvRybRBvm0!Lq(%3D0EFqDs9!DI%3Dznzm0F.%3DB15fXw0oII%3Dz0EFqDs9!D!%3Dvz09FF.sL%3DR%2CR0O(%3Dy809w%3Dy09.qDqS%3DvzvByvzRyv0EFqDI%3D8zznb0s9!DI%3DznRW0E!v9Ds9!DI%3Dz0E!v9Ds9!DEF%3DyhJyc0s9!D(EF%3Dz0Ow.DOO9%3DcmnBB0s9!D!%3Dvz06wL(%3DJy0II%3Dybc0EE%3Dz0!v9DI%3Dyzzz0O9.P%3DznzB0E!v9Ds9!Dlw%3Dzhz0.qFDw%3Dy%2Cy%2Cz%2Cz%2Cz%2Cz%2Cz%2Cz0IP%3Dy0.qFDS%3Dz0LB.DI%3DvnRB%2CBynW0qFS%3DmBWcycWz80qS%3Dz0sFS%3DvHLQ!bTQZ8f_TU2BYo0I(S%3DBzmzmyyvc888z8cbyBbWRbRyRyBRcRRbmvBBcmBBmvmRBvzcbcvvz88Byv8Wmmmmyz8m8zbRyycBRy88BmRvmcWBBcWvWmyzbm8bczz0EXs%3DznyB0Sv.D!%3Dyz0B.wo%3Dyzzz0sFP%3Dz016DPqa%3DznzB0SPPDq(96%3DaL9P1gj0Sv.DI%3Dznbc016Sv.DI%3Dznbc0Es9!DI%3Dynvb0qq%3DuK0ww%3Di_0sFX%3DJy0wO%3Dz09.qDI%3DBynW0Es9!D!%3Dvz0iH%3DBzWB0lIDsw%3DJv0g(q%3DB0lIDwwlq%3DJv0k2v%3Dnx%2F.nx0w(%3DasgOgIO960IqqDrYp%3DuK%2CuK0ILqFqv%3Dybc0ILqFqy%3Dybc0FqfOo%3Dz0FEs9!DI%3DznRm0FqFo%3Dz0IFS%3DznzB0Sw%3Dm0E!v9DI%3DvnRB0FEs9!D!%3Dvz0wIS.%3Dznzym0F(j.ODFS%3Dyc0qO!!O9D(L6DFS%3DvRybRBvm0qs..!jD(L6DFS%3DvRybRBvm0EFOXLIF!F(j%3DznyvRvB80.1q%3Dz0wL99FO9HS%3Dz016IFS%3DznzBz0Io!9%3Dznzyv0qsFS%3D0S(w%3DOLq(Dqw0SPPDO9.P%3DoL!qO0SPP%3DaL9P1gj0IS.wL.S%3Dz0SL!6%3DSOoLs!(0Fgq!%3Dz0q1I.%3D0a(P!%3Dy0Sws(%3D8z0S16I%3DzJy0FIw%3Dy0gq)%3DB0(6q%3DBzzZvWz%7CBBcZvmz%7CRvmZbz0IqI%3Dz0Iq.%3Dz0(PZ%3DyzR&g(E=z&PPP=q1jOKGZfrgoOQsX-Fhf.z2.(y9wRO8oXFt(o6BiU2GtOKbyHBRQY-DE~~hmOVT-cfo1!YLKAuhU696Fu-5iiBX%3D%3D&FX=BBc&FgHo9=y&IS9HS=8cz&IFS=B8my8W&l((!O=YaO%20yz%20CwL9FOq(%20YaFg6q%20KI1s(%20C.L6aO((F%20C(9L.q%20T!1XO9%20QF9!%20d9Oqq%20J%202Lq(O!FglngO(&Pwo=bbvz&jSq.9=y&lL(.9O=y&lLq(q=(q(j.O%3DJyz8zv&lL(IFS=JW&lL.w=yzz&lL(L=L(W&lL!16=CH%3DB8Wv%7C%7CYiU%3Dz%7C%7CYYi%3Dy%7C%7CYi%3Dz%7C%7CkH%3DB8WB%7C%7CiH%3DB8WB%7C%7CYUHd%3Dc%7C%7CCHd%3Dm%7C%7C55Hd%3DvHLlYjljK8B!~(az6a%7C%7C_Hd%3Dz%7C%7Ck2Yd%3Dc8z%7C%7CY2Yd%3DR8RccRbzcbzBy8&wLS1PLFg=()fJaUw!JUmr(4U8MA1Firam(wBK.)sB.7mF.zO82)h%3D&j.!.=y&FqFS=W&LSE=QOgO9L!%20COL9wa&.6FS=.zymzBmWRzcm(vzvByvzRymWc&qq!S=%7B%22qqF.%22%3A%22ymWnybWnRynz%22%2C%22qqww%22%3A%22i_%22%2C%22qqqw%22%3A%22AQ%22%2C%22qqw(j%22%3A%22asgOgIO96%22%7D&.O9o=y&a(P!q9w=y&sflct=5590675&ure=1
Frame ID: 9795BE5659A14430C58B1069413F08F7
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CU4FCKBR&https=1&itype=CM
Frame ID: F80A3749ABF7716E776641A4A5E7A0B7
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQN152J&prvid=99,77,20000,2033,262,460,241,461,462,3018,246,4,3016,313,10000,459,229,9,319&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 0851DD318344AC91AA6DE95DA4F1EC62
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11801&pub_id=2194068
Frame ID: FD6CF76264E89B8E0731705165C1C87B
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Frame ID: 92BE7A85DB0C8BDE1CEC2BEDDEE78035
Requests: 16 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: C18D27E8E1A9C27D95FD2603296D4EE5
Requests: 13 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 8C6A91DD55B810AFD565BB9BF2125DFC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 16422AF9C9D070A27E98073706D7F460
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B9FAB7D9F454DD96AEBF50B5A55DC23B
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1701975385183
Frame ID: ED359222FB0EB94E28266A946B950DE4
Requests: 6 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: F9F3BEB466813A55692AA5DC480DB8AD
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: D1FB5349ED2C23AB86785F6B78950129
Requests: 7 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 9B0FC7652AD294DB5D2EDB236F91617B
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 46FA6E7F921E857F475F0E46B592DA28
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 403F3D6BC993766A3B7F39B6071B67D0
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: AE951E27789FF39284CE1CF8E9C7102F
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 2AF99CCC5028073FE6CA2561028202CD
Requests: 9 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 6289A3EFE16D0D871F67201FA089E826
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 4436DC5EE64DE0AB55ED7BA58890E9F0
Requests: 5 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: E4DED0F7FA2FF249D7D8AF9A5D19AE17
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 36BD39F1D7448F1C04884FB6C2DB2120
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=36738E8D-DD57-4107-A09C-DF8B19CC796A&redir=true&gdpr=0&gdpr_consent=
Frame ID: D63FAE156B51C80FD06BD9B7D02CEE61
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nB2YSZsdmh-HH81OzBmCS8kezh-HTckekkyPwOLh
Frame ID: DF573C018DBA5F6C2661E8B57C37AA04
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4794973522604621722&gdpr=0&gdpr_consent=
Frame ID: 48AE78F81FBC7B00DAD21F2AFFFF28D3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7309928634360723598&gdpr=0&gdpr_consent=
Frame ID: 578307003C28EC11C8DA78906CF75F20
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=lHe6psvHWJZQxNzoYir8aLnDR9c&gdpr=0&gdpr_consent=
Frame ID: 0F1A41A772C662CA778884E62D40FAFA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 6034347E6A9E395E31C88C05D64357A9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACdF07K5CsAABT32dTPbw&gdpr=0
Frame ID: 05BE0FD1032F27D74D5366EC591196E0
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZXIVXQAFKxVEEgAM
Frame ID: 4F1AAB0F4FC8DA45769D2790F29DC87B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd1d1b8239cd54b5c9b0b2d0415c4d4d0
Frame ID: 1B1A0B42E381B59EFABA29A789C63A38
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 14BC24004DD7890469E9A77BA61F6E9C
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 4B1713C3CBB9E0B937FDE6A350BB657F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7750569593600309433
Frame ID: EF5F253C9FA540DF902018789B169353
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322330011547421
Frame ID: 0B952E5B596C5C90354B288352048719
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 3C708526D7B63FF01B2DA3A80163C29E
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 331F3B5EAF3E500A5D279911E4290ADC
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=36738E8D-DD57-4107-A09C-DF8B19CC796A
Frame ID: 3757241264FA9DABB9E9B7846E01C6F3
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 5069FD1A081E39E2E25B7CDB03DE08CF
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: E7239CE5E460A7D172158588E857C8AC
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=5008915001768587012&gdpr=0&gdpr_consent=
Frame ID: 829A683FF421C2D1EEA4CFCFCE7B2D4D
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hNGZiNDdkNi1kZjBkLTQ3ODUtOWQ3Yy1lZTNiNjE0YWQwNGM=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: F96EF484294B041A317B29B90A971D81
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 7D4F624293614967E3789AA3E06C3332
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: DA466B3793E2D4D0912BB82814790BBB
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 13E7344762445F6724F6CA5AC1655203
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=5KT1nxpQZQJXgO7Fzf7BR5t36HUEpMVL7ebCYuBvHqc&pi=gumgum&tc=1
Frame ID: 04B08477FA4F2E4FDD4B04B2C6CD1C25
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 8C8DFD7296B7BCA68AC42BCD95596C8A
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The 10 Scariest Things About Spaghetti Straps Flower Girl Dress - Pastelink.net

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

373
Requests

71 %
HTTPS

24 %
IPv6

100
Domains

158
Subdomains

101
IPs

9
Countries

2642 kB
Transfer

6659 kB
Size

90
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&rid=esp&cc=1
Request Chain 73
  • https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=1b9ceab9-02f7-4ddb-8096-c4cab7e776bf
Request Chain 74
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=pastelink.net&sn=ChromeSyncframe&so=0&topUrl=pastelink.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=AOqLEHx4ZDlNRE54QnJPZjFLcW1BSlNiY0xsd1V4UEE2U1UwalpZS2VBRFNoSG1rNjBtWEp5MFVNNzk1TUJHSzJMdElHQlcyTEJNYlZuVC9vUXcwMXhzblRCZXhjYlpiSVg5R0lFU0pQMnE0dHg5QWtJNENuQTZEVDBuakFFUjg0dk45Tnd4UHBFM1U4V2lGU2ZqOEJTWXM1cUZPRjRZYUFWUFJCYjIwZkFlMEJ2ZEg0VUpwUnlTeGF2SW51VXorWG1ab3BiVUJFSjlJRE91MjN0SnV1S0hIdUFoTTBqZml1M0dvQS94U1hNWlYrcTZrNlRiRzFjd0UxYXNpa0hOeUpTVWxRMTVQL1pzQTA3dk1Fa3lobmdLQUw4ZFpyb3Q4MnB4dzdZY2QyZkR3VTkwbz18&cppv=2
Request Chain 77
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5008915001768587012
Request Chain 78
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=562d0fac-9d16-ceb9-3b53-b98569ac50a2 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=562d0fac-9d16-ceb9-3b53-b98569ac50a2&dcc=t
Request Chain 80
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjI5NGEwMWItNDhjYi0yYmU3LWVlYmQtNjFhYmNiN2Q1NTIy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjI5NGEwMWItNDhjYi0yYmU3LWVlYmQtNjFhYmNiN2Q1NTIy&google_tc=
Request Chain 81
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMpZox16N1t8D7LmdcpN0fc&google_cver=1
Request Chain 85
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LPVK77XO-1F-JLPD&gdpr=0
Request Chain 86
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4794973522604621722
Request Chain 87
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=b479bbfa5c15f6bb22b76c6f28cd9e8&gdpr_consent=&gdpr=0
Request Chain 89
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=&coppa= HTTP 302
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=cb5a7b8a-8e5c-4be2-b48c-5bdcf9b2fed1
Request Chain 90
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjEWjaGBeJkUDIo7IRwDd6nYM8YwB92ez1w
Request Chain 91
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=3322655952767938813
Request Chain 93
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=biF8Ao7T7XAZDv-yQtN4V-uA3-eANOjf2jDEqChH_d0
Request Chain 94
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzY3MzhFOEQtREQ1Ny00MTA3LUEwOUMtREY4QjE5Q0M3OTZB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=36738E8D-DD57-4107-A09C-DF8B19CC796A
Request Chain 95
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGBSvpVKh8EcFqwqBUIjlcA&google_cver=1
Request Chain 96
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-gA3NKdFE2uHFD89eusKnA2rSVvI.QoUGX.LaLE4-~A
Request Chain 98
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=onetag&bsw_custom_parameter=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=onetag&bsw_custom_parameter=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=1963e05b-b720-47a6-856d-4f8f72da7bdb&ssp=onetag&expires=30&user_group=5&bsw_param=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9&gdpr=&gdpr_consent=&us_privacy=
Request Chain 124
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https://rt.marphezis.com/sync?dpid=6%26puid%3D%23PM_USER_ID HTTP 302
  • https://rt.marphezis.com/sync?dpid=6&puid=36738E8D-DD57-4107-A09C-DF8B19CC796A
Request Chain 125
  • https://bh.contextweb.com/bh/rtset?pid=562863&ev=1&us_privacy=${us_privacy}&gpp=${GPP_STRING_XXXXX}&gpp_sid=${GPP_SID}&rurl=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D7%26puid%3D%25%25ENCRYPTED_VGUID%25%25 HTTP 302
  • https://rt.marphezis.com/sync?dpid=7&puid=nSA2CJqu0kcOpi7PcGy_gw&ev=1&gpp_sid=${GPP_SID}&gpp=${GPP_STRING_XXXXX}&us_privacy=${us_privacy}&pid=562863
Request Chain 126
  • https://ib.adnxs.com/getuid?https://rt.marphezis.com/sync?dpid=2&puid=$UID HTTP 302
  • https://rt.marphezis.com/sync?dpid=2&puid=4794973522604621722
Request Chain 127
  • https://u.openx.net/w/1.0/cm?id=1d56d11e-e371-4ec4-be9f-2d08da80470e&r=https://rt.marphezis.com/sync?dpid=3&uid= HTTP 302
  • https://rt.marphezis.com/sync?dpid=3&uid=a36314ac-7244-4ad5-881f-9de6b9f61f1b
Request Chain 142
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=3717a331-6dff-4390-8229-cbe9eaf019f6&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=7ca848f7-22c1-4a78-9aec-12d12f6d355f&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dce963030562745778efcb7b6b53a3db0%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=29103178&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=4876404284191095834 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ce963030562745778efcb7b6b53a3db0&SNR=1&GV=2&med=10
Request Chain 146
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
Request Chain 147
  • https://ssum-sec.casalemedia.com/usermatch?s=197494&cb=https://rt.marphezis.com/sync?dpid=5%26puid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Request Chain 160
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXIVWqix3sFrBQxOiD9eGwAA%263370&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXIVWqix3sFrBQxOiD9eGwAA%263370&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=9afae485cb54487082add11bb5fa1be2 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-Gflf3YTyA-hxHY7b1hGBqSVLFmR2Cu1rYGiGEA HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-Gflf3YTyA-hxHY7b1hGBqSVLFmR2Cu1rYGiGEA
Request Chain 161
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXIVWqix3sFrBQxOiD9eGwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELdUpw6R-2yT8Th0lLMm3ds&google_cver=1
Request Chain 164
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=RA06NI3R1RbjxV5
Request Chain 165
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=3322655952767938813&gdpr=0&gdpr_consent=
Request Chain 166
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZXIVWqix3sFrBQxOiD9eGwAA%263370?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZXIVWqix3sFrBQxOiD9eGwAA%263370
Request Chain 167
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5008915001768587012&expiration=1703184986
Request Chain 183
  • https://pixel.rubiconproject.com/exchange/sync.php?p=getmedia&khaos=LPVK77XO-1F-JLPD HTTP 302
  • https://rt.marphezis.com/sync?dpid=rubicon_getmedia&puid=LPVK77XO-1F-JLPD
Request Chain 185
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPVK77XO-1F-JLPD
Request Chain 186
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LPVK77XO-1F-JLPD&ex=d-rubiconproject.com&status=ok
Request Chain 187
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBWSzc3WE8tMUYtSkxQRA== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDMl82O58zqW3WQUQol7Bmo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBWSzc3WE8tMUYtSkxQRA==&google_push=
Request Chain 188
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTQ2ZjRhN2ViNmI1NTI2YjZlNmNmNmNjMTJhMzgyODgzNWE1ZjRmMA
Request Chain 189
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=YWR6khGjQnCMr_HQ_AI_Lg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=YWR6khGjQnCMr_HQ_AI_Lg
Request Chain 190
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECZ89Qbn9wssU9Pk-AH5pEQ&google_cver=1
Request Chain 192
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=i4a4kaZHTd2LJZP5bABtWw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=i4a4kaZHTd2LJZP5bABtWw
Request Chain 193
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/y7_BO_TlkzTBPv9ml_TUmMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WgxpUOtE2oKjOxCv2jTXwg1ZBdEEdZqQ4KrgUA--~A
Request Chain 194
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACdF07K5CsAABT32dTPbw&expires=30
Request Chain 195
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LPVK77XO-1F-JLPD
Request Chain 196
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=cbd7d152-d96d-4294-899a-43f48f7d9ce0&expires=30
Request Chain 197
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPVK77XO-1F-JLPD
Request Chain 198
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPVK77XO-1F-JLPD HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LPVK77XO-1F-JLPD
Request Chain 199
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LPVK77XO-1F-JLPD&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LPVK77XO-1F-JLPD&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 200
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LPVK77XO-1F-JLPD
Request Chain 209
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=pastelink.net&sn=ChromeSyncframe&so=3&topUrl=pastelink.net&bundle=mWUUd19DOGdCSVJVNVlNdTdrekdYN3BzNCUyRk1ySGZxQmh4SWlEaVVsU3A3ZlJYU0VHTzlueUhUYlFaTkh6Y0hWVlBuMzJoMDluTjBmWXRDeVZtaTJyb0l4bW5Fb1hOM1V1WmtYRTgzVSUyQlJiQVhYNFByMmtrQ2pYQUVOc3RJcFZIc0ZncDdjeUFBZlRrNHRzT0diQjFZdSUyQnEwbEElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=GE_penxWSFNUY2p4MS9BODg0YTNzWHcwR2YyWThtaFZFbi9wLzF0Q0FheGxOT2Nwbm5UbzQrdG51MUhZbVQ4Q29kV0Y0WkU3NEJBMFQxcEgwR3RlSTdUWjVrek5jOTNQQkplTDdJTDVmRTZrcTRFcGVYM21JekdVTWNlNHh2T2hVODJSRWVqUXFjbmpsbndWTmlFMno2d0VPODdIam9zSmw5MUxReUpjOG1QQnJsOUd0ek01ZG9YNklxUXhRUHY4VkUwTjNMN1l0ZDdtc2FIdGN5M2t3bmd6NHpMbCtrUElBWHNwbnFCRlVjVDdhZXk1L2hlY25YOHMxVUZyTmlWcmNIUGU2djBCZmFXVXNQQ0F4QWxCRTZTT2x2R1dNUURSaWRzQk42ZHNBTVdFNnYrND18&cppv=2
Request Chain 210
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=3717a331-6dff-4390-8229-cbe9eaf019f6&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=7ca848f7-22c1-4a78-9aec-12d12f6d355f&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Dce963030562745778efcb7b6b53a3db0%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=29103178&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=4876404284191095834 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ce963030562745778efcb7b6b53a3db0&tids=15000&med=10
Request Chain 226
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=1LMDH8x3jxoV&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 228
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4794973522604621722&gdpr=0&gdpr_consent=
Request Chain 229
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZjllVFlLUGVvcG1UT0tzUGxuZDVZVWFzdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGY5ZVRZS1Blb3BtVE9Lc1BsbmQ1WVVhc3ciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGY5ZVRZS1Blb3BtVE9Lc1BsbmQ1WVVhc3ciLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn0seyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGY5ZVRZS1Blb3BtVE9Lc1BsbmQ1WVVhc3ciLCJkIjpbeyJuYW1lIjoic21hcnQifV19&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=5008915001768587012&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGY5ZVRZS1Blb3BtVE9Lc1BsbmQ1WVVhc3ciLCJkIjpbeyJuYW1lIjoic21hcnQifV19 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=f9eTYKPeopmTOKsPlnd5YUasw&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648%26r%3Dhttps%253A%252F%252Fa.audrte.com%252Fp%253F HTTP 302
  • https://a.audrte.com/match?uid=3322655952767938813&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 251
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7309928634360723598&gdpr=0&gdpr_consent=
Request Chain 252
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=03cc78e8a1be7a6b19acda1974bd85b5&gdpr=0&gdpr_consent=0
Request Chain 254
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=3322655952767938813&gdpr=0&gdpr_consent=
Request Chain 255
  • https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%3D%23GDPR_CONSENT%23&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=4345196838351415250&gdpr=0&gdpr_consent=
Request Chain 260
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=upd17RrmxsHrMvRYiZuaL4_cnu0-nFWxn9pcrzdM6u8
Request Chain 268
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 273
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=4794973522604621722
Request Chain 274
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HyFwuRZHJ6op3tEfTfe8aKdk
Request Chain 276
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1701975389475 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2837662477 HTTP 302
  • https://sync.1rx.io/usersync/turn/3696678492010063826?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-94625df1-070c-4c7c-8e4a-53c093ceb845-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-94625df1-070c-4c7c-8e4a-53c093ceb845-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-94625df1-070c-4c7c-8e4a-53c093ceb845-003
Request Chain 277
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5124322330011547431
Request Chain 278
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=47d85e0a-7d80-47ea-a074-6c71072bd1a4
Request Chain 279
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 280
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-gA3NKdFE2uHFD89eusKnA2rSVvI.QoUGX.LaLE4-~A
Request Chain 281
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS01NDhmY2M5OC1hN2EwLTNhNWQtODNjOS0yMjFmOGNmNmM1ODUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS01NDhmY2M5OC1hN2EwLTNhNWQtODNjOS0yMjFmOGNmNmM1ODUyAgYdOAE=%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS01NDhmY2M5OC1hN2EwLTNhNWQtODNjOS0yMjFmOGNmNmM1ODUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS01NDhmY2M5OC1hN2EwLTNhNWQtODNjOS0yMjFmOGNmNmM1ODUyAgYdOAE=&buyeruid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=562894&ev=1&us_privacy=&rurl=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D29%26buyeruid%3D%25%25VGUID%25%25%26r%3DCid1YS01NDhmY2M5OC1hN2EwLTNhNWQtODNjOS0yMjFmOGNmNmM1ODUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS01NDhmY2M5OC1hN2EwLTNhNWQtODNjOS0yMjFmOGNmNmM1ODUyAgYdOAI=%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=29&buyeruid=1LMDH8x3jxoV&r=Cid1YS01NDhmY2M5OC1hN2EwLTNhNWQtODNjOS0yMjFmOGNmNmM1ODUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS01NDhmY2M5OC1hN2EwLTNhNWQtODNjOS0yMjFmOGNmNmM1ODUyAgYdOAI=&gdpr=&gdpr_consent=&ev=1&us_privacy=&pid=562894 HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-548fcc98-a7a0-3a5d-83c9-221f8cf6c585
Request Chain 282
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-gA3NKdFE2uHFD89eusKnA2rSVvI.QoUGX.LaLE4-~A
Request Chain 284
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 290
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=I9-Idt15lEFfH5Wwu8ALdNPoCZ7flzSl_jTrBvaBE5c
Request Chain 294
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=3322655952767938813&gdpr=0&gdpr_consent=
Request Chain 295
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACdF07K5CsAABT32dTPbw&partnerid=127&gdpr=0
Request Chain 296
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=D-rZAAjq21YU6IwHWu7DAFjr1wcUutYHWOgJl2eL
Request Chain 297
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=3322655952767938813&gdpr=0&gdpr_consent=
Request Chain 299
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 301
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nB2YSZsdmh-HH81OzBmCS8kezh-HTckekkyPwOLh
Request Chain 302
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4794973522604621722&gdpr=0&gdpr_consent=
Request Chain 303
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7309928634360723598&gdpr=0&gdpr_consent=
Request Chain 304
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=lHe6psvHWJZQxNzoYir8aLnDR9c&gdpr=0&gdpr_consent=
Request Chain 305
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=c369925a-feca-4f24-ab73-0a2d475901f1&user_group=1&ssp=pubmatic&bsw_param=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 306
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDZEYwN0s1Q3NBQUJUMzJkVFBidw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AACdF07K5CsAABT32dTPbw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACdF07K5CsAABT32dTPbw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACdF07K5CsAABT32dTPbw&gdpr=0
Request Chain 307
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZXIVXQAFKxVEEgAM
Request Chain 308
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd1d1b8239cd54b5c9b0b2d0415c4d4d0
Request Chain 311
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7750569593600309433
Request Chain 312
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322330011547421
Request Chain 315
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=95c6dced9bc6bfb4/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRVjUQjnQRhjUhMhW%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=2e100f3c928ba0829d7b939d57257785&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3Dtk2EoAPtRVjUQjnQRhjUhMhW%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRVjUQjnQRhjUhMhW&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=36738E8D-DD57-4107-A09C-DF8B19CC796A
Request Chain 317
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 318
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NnOOjd1XQQegnN-LGcx5ag%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 320
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3869456685
Request Chain 321
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=36738E8D-DD57-4107-A09C-DF8B19CC796A HTTP 302
  • https://a.audrte.com/p
Request Chain 322
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJQHDynLqYiC2rRbP2hgdJY&google_cver=1
Request Chain 323
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:70074FA7404D4B57A390E9F285D881B3 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=36738E8D-DD57-4107-A09C-DF8B19CC796A
Request Chain 324
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5008915001768587012
Request Chain 327
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=36738E8D-DD57-4107-A09C-DF8B19CC796A&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ka3phcNE2uWROiLFAoslm1.MnDVd4lQ-~A&gdpr=0
Request Chain 328
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=64b2203b-b69e-41c9-bd37-d19c983b2f43-6572155d-4348&gdpr=0&gdpr_consent=
Request Chain 329
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=36738E8D-DD57-4107-A09C-DF8B19CC796A&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3ccea8df8c5016ce&is_secure=true&networkId=17100&version=1&nuid=36738E8D-DD57-4107-A09C-DF8B19CC796A&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIGhmvQnjFiAMFl3aeAAAAAAA&expiration=1702061789&nuid=36738E8D-DD57-4107-A09C-DF8B19CC796A&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 330
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3624620897972135890&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 331
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:a87da24d-da62-47e8-aac6-0e13a4fb211f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 333
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=gK9__oevfaibrSr70_tl_9KpfKib_n__1f5V8u_U
Request Chain 334
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZXIVWqix3sFrBQxOiD9eGwAADSoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZXIVWqix3sFrBQxOiD9eGwAADSoAAAAB
Request Chain 335
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZXIVWqix3sFrBQxOiD9eGwAADSoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=b479bbfa5c15f6bb22b76c6f28cd9e8&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZXIVWqix3sFrBQxOiD9eGwAADSoAAAAB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml02ab_7311066216679186806&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YjQ3OWJiZmE1YzE1ZjZiYjIyYjc2YzZmMjhjZDllOA==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEB__Ndl8xLQF4BBGGtQ-KPQ&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AACdF07K5CsAABT32dTPbw&dataProviderId=817&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/b479bbfa5c15f6bb22b76c6f28cd9e8?gdpr=0&gdpr_consent=
Request Chain 338
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e9699cf6339db27w2y400lpvk7bl3
Request Chain 343
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=4794973522604621722
Request Chain 344
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_a4fb47d6-df0d-4785-9d7c-ee3b614ad04c&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=10564455-8f75-4465-9f1a-2d80fd8caaa9&expires=1&user_group=5&ssp=gumgum2&bsw_param=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 345
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=f9c6d7a1-a9a9-4d15-9c26-2bffc9cf9a04
Request Chain 346
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-9477baa6-cbc7-5896-50c4-dce8622afc68$ip$185.195.71.215
Request Chain 347
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-K70AgqFE2pfuq13_IPOwRAYYY_TdM5XoFEfw~A
Request Chain 348
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=cbd7d152-d96d-4294-899a-43f48f7d9ce0
Request Chain 351
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=1LMDH8x3jxoV&ev=1&pid=558355
Request Chain 352
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=3322655952767938813
Request Chain 354
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=5008915001768587012&gdpr=0&gdpr_consent=
Request Chain 359
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=5KT1nxpQZQJXgO7Fzf7BR5t36HUEpMVL7ebCYuBvHqc&pi=gumgum&tc=1
Request Chain 360
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 361
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LPVK77XO-1F-JLPD HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LPVK77XO-1F-JLPD
Request Chain 367
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LPVK77XO-1F-JLPD HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LPVK77XO-1F-JLPD
Request Chain 368
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=b479bbfa5c15f6bb22b76c6f28cd9e8&gdpr_consent=&gdpr=0
Request Chain 369
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=36738E8D-DD57-4107-A09C-DF8B19CC796A
Request Chain 372
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Request Chain 373
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZXIVWqix3sFrBQxOiD9eGwAA%263370
Request Chain 374
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=36738E8D-DD57-4107-A09C-DF8B19CC796A
Request Chain 375
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=2948510038135636700431
Request Chain 376
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=97a291d5-fe2e-4a17-83c5-22e5419c11a7
Request Chain 378
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=03cc78e8a1be7a6b19acda1974bd85b5

373 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request bvpyuz2q
pastelink.net/ 		30 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
3b745959d448c39eb8d6a0664c192689ed61f59f2f9ee6c0ce52cd575ca8ef50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 07 Dec 2023 18:56:23 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af9edf3e86a80586d0770850908bf3929a2112adc59211e9cb715c0218f14b9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Dec 2023 18:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 18:56:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Dec 2023 18:56:24 GMT
styles.css
pastelink.net/assets/css/ 		130 KB
130 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/css/styles.css?q=37
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
12b2573815dac6ac5646fab27841f398fa908cc13d510f2e14bffb595b726bbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/bvpyuz2q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 26 Jul 2023 15:36:49 GMT
server
nginx
etag
"64c13d91-2071e"
content-type
text/css
accept-ranges
bytes
content-length
132894
jquery-3.6.0.min.js
pastelink.net/assets/js/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/js/jquery-3.6.0.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/bvpyuz2q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-15d9d"
content-type
application/javascript
accept-ranges
bytes
content-length
89501
script.min.js
pastelink.net/assets/js/ 		46 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pastelink.net/assets/js/script.min.js?q=37
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
89f0335d649cdccf5bc16b4fad138e1fa6da670d851c82b48ccdd31273371110
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/bvpyuz2q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 26 Jul 2023 15:36:49 GMT
server
nginx
etag
"64c13d91-b8f8"
content-type
application/javascript
accept-ranges
bytes
content-length
47352
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/js.cookie.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
748150
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
772
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec5-6d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sY1HqxHa3jiKb4GbxrArYPY6qO%2FTQrpRhZC%2BrbDKT8JzyYfhllSGfpN6sdeKYO5FOWSNCnNkBYnplyPIfHTg7WNftxu%2BY79I5OWUvhyrDht5sHlrbzlpGrbFpWqYa4n4hW51UUjIXfUmNtg8w4up9zYR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
831efd0669f94c4e-MXP
expires
Tue, 26 Nov 2024 18:56:24 GMT
css2
fonts.googleapis.com/ 		880 B
480 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Just+Me+Again+Down+Here:wght@400&display=swap
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6745e58e49c454d7589789132e60bea089819ff74f4c2bf59aa93cc97a66a463
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Dec 2023 18:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 18:56:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Dec 2023 18:56:24 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=captchaLoaded
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5f0430ccdf48ea353c809786e1d59aecd0896b0dbda31edaf5ab295a936ff0dd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 18:56:24 GMT
gtm.js
www.googletagmanager.com/ 		262 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d933f172fbf6542b5a6fb57729af202e3e033df01fc4c6b6cce6727da8e9e435
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91949
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 07 Dec 2023 18:56:24 GMT
pastelink.js
cdn4.buysellads.net/pub/ 		552 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.94.188 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-nl-16.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
5b426c7b9f07b8f78d21972459d9e823a29c565b38fce5347306d7621a52434c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
cache-control
public, max-age=3600, stale-while-revalidate
content-encoding
gzip
server
//srv.buysellads.com
etag
75bb8331ae8aebedec66e31b04f56be427754265
vary
Accept-Encoding
content-type
application/javascript
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ 		504 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a25a841bdb9b41efdbba9815fd37be806319572f41bf88b4b41384c8444456c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 02:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206656
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 17:08:31 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 02:13:52 GMT
debut_light.png
pastelink.net/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/debut_light.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-10c8"
content-type
image/png
accept-ranges
bytes
content-length
4296
pastelink-logo-german.svg
pastelink.net/assets/images/logo/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo/pastelink-logo-german.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
48c997dad566c02a0a4f8416efa520f838a711d067a08f33b3ccffd541333e92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-38e0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
14560
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
arrow-down-blue.svg
pastelink.net/assets/images/ 		239 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/arrow-down-blue.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-ef"
content-type
image/svg+xml
accept-ranges
bytes
content-length
239
moon.svg
pastelink.net/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/moon.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-62e"
content-type
image/svg+xml
accept-ranges
bytes
content-length
1582
public-black.svg
pastelink.net/assets/images/ 		578 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/public-black.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-242"
content-type
image/svg+xml
accept-ranges
bytes
content-length
578
social-spritesheet.png
pastelink.net/assets/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/social-spritesheet.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-70de"
content-type
image/png
accept-ranges
bytes
content-length
28894
logo-bg-90-tl.svg
pastelink.net/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo-bg-90-tl.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-933"
content-type
image/svg+xml
accept-ranges
bytes
content-length
2355
pastelink-logo-german-contrast.svg
pastelink.net/assets/images/logo/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo/pastelink-logo-german-contrast.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
02614d11cbdc1f220b7be546d59ef5e14489c86a5fdce3f22ce7b6bf9990bc71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-3d2f"
content-type
image/svg+xml
accept-ranges
bytes
content-length
15663
logo-symbol-non-white-bg.svg
pastelink.net/assets/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pastelink.net/assets/images/logo-symbol-non-white-bg.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 15 May 2023 18:42:14 GMT
server
nginx
etag
"64627d06-11c0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
4544
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 19:33:17 GMT
x-content-type-options
nosniff
age
516187
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 19:33:17 GMT
MwQmbgXtz-Wc6RUEGNMc0QpRrfUh2hSdBBMoAtwAtKE.woff2
fonts.gstatic.com/s/justmeagaindownhere/v24/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/justmeagaindownhere/v24/MwQmbgXtz-Wc6RUEGNMc0QpRrfUh2hSdBBMoAtwAtKE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Just+Me+Again+Down+Here:wght@400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9036073cad52dae309708aa489751bc587660475aecdd7880adbf4d062d194c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 09:40:49 GMT
x-content-type-options
nosniff
age
465335
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17572
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:33:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 09:40:49 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:53:02 GMT
x-content-type-options
nosniff
age
209002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 08:53:02 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 23:25:31 GMT
x-content-type-options
nosniff
age
243053
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 23:25:31 GMT
js
www.googletagmanager.com/gtag/ 		248 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2222eddcc4e2bf15281f72fb9c006da6f71a5ab428861a5572b8868c53f0f275
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87073
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 07 Dec 2023 18:56:24 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 07 Dec 2023 17:41:49 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4475
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 07 Dec 2023 19:41:49 GMT
collect
region1.google-analytics.com/g/ 		0
243 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je3bt0v873532799z8831407672&_p=1701975384210&gcd=11l1l1l1l1&dma=0&cid=36841767.1701975384&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1701975384&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&dt=The%2010%20Scariest%20Things%20About%20Spaghetti%20Straps%20Flower%20Girl%20Dress%20-%20Pastelink.net&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=801
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=161911415&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&ul=en-us&de=UTF-8&dt=The%2010%20Scariest%20Things%20About%20Spaghetti%20Straps%20Flower%20Girl%20Dress%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1938341523&gjid=1330097770&cid=36841767.1701975384&tid=UA-55088947-2&_gid=941301543.1701975385&_r=1&_slc=1&gtm=45He3bt0n8155WHPWQv831407672&gcd=11l1l1l1l1&dma=0&z=141933893
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
bcdaedbfd60b8d0a8a9eb4b16285345a749068b601c93f494362990f2a3e61f4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		230 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4KDXYD7HFC&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0fc514a4d9fa20b05992c448af795f3c3067c7eb065570839dc86f3713eaef9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83544
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 07 Dec 2023 18:56:24 GMT
tag
btloader.com/ 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5102648370397184&upapi=true
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e5b1de3fb05b23ac4025c264d51edb0732e7c67baa7e16893ea72569d32d558

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 18:51:27 GMT
server
cloudflare
age
263
etag
"53e4e052cf593256c32a7abb91d8e481"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
831efd0a2cf80e0f-MXP
content-length
20572
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43d469d333e88830daa282404daeb2b385de30193026e127913200000fdd9648
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30309
x-xss-protection
0
server
cafe
etag
496 / 19698 / m202312040101 / config-hash: 11185918798576071721
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 18:56:24 GMT
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Dec 2023 18:56:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
924 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
647621
x-guploader-uploadid
ABPtcPra_lXYliE83JlofH-FOVQhOVOvvpztjoFzaJT3T_yEtI2RzjK6zKSrOsKTMYzS8bdeUEzqYDXmwg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VxgZHY%2BEXrg8a8SSNKqsOZ881evhrxHD4JQr4f50WSzNuRfaQUmW3elvZ3xKgzR%2BiSTVOTxWDc3s8q%2BFc9j1hwTvqZw9zUBBLPvL7Q2nWcf2vGLKuXuztnrSxRB4C4YEChJf9JLNYYhRkO%2B5zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
831efd0ae9013742-MXP
expires
Thu, 30 Nov 2023 07:41:19 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 21:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75694
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 21:54:50 GMT
px.gif
ad-delivery.net/ 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.897798388045421
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
647621
x-guploader-uploadid
ABPtcPra_lXYliE83JlofH-FOVQhOVOvvpztjoFzaJT3T_yEtI2RzjK6zKSrOsKTMYzS8bdeUEzqYDXmwg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6REbQo7Jmqy2q0aRx%2BtODCghf7vAK0N6T3DY4RzToBYG6uvYg1GLwzUtgMtm4ipQ%2FTybGd4%2F4SSPRhUWECdYvg5oZZP4ISHmQhocjH2BoU26ZfeNqxxX%2BvRHuEkEzaL2IJY3T%2BtY3Vfd8jNB8g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
831efd0ae9003742-MXP
expires
Thu, 30 Nov 2023 07:41:19 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4KDXYD7HFC&gtm=45je3bt0v9136110041&_p=1701975384210&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=36841767.1701975384&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&dt=The%2010%20Scariest%20Things%20About%20Spaghetti%20Straps%20Flower%20Girl%20Dress%20-%20Pastelink.net&sid=1701975384&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1042
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4KDXYD7HFC&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:58:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
25100
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138293
x-xss-protection
0
server
cafe
etag
11350998454379829730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 06 Dec 2024 11:58:04 GMT
country
api.btloader.com/ 		16 B
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
39c0495e4b24a50cf3183d811eb53e90364b9ef103a90d0ae4a14823dcb379bf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:24 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=THtzZQIVO&w=5093624318001152&o=5102648370397184&cv=2.1.26&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&sid=tyUCuMOJ&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Dec 2023 18:56:24 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
CWYD627N.json
srv.buysellads.com/ads/ 		1 KB
712 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://srv.buysellads.com/ads/CWYD627N.json?forcebanner=520174&ignoretargeting=yes
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.94.167 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-nl-18.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
0cd64f727d72d15947ec9dd88c819964192798c59a5a139d6befa2366f696311

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:25 GMT
content-encoding
gzip
server
//srv.buysellads.com
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
*
content-length
575
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 18:56:25 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
665724
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsHMRz5G0WhrptezDSQBGj2f03lWqh1YBs10mIPzkxRyCT4vwEiGBhom8ZFqlu8%2BOIkt1Fo8G4o2RH4WvU7mSjd%2FwMGSFUf9U03%2FBJ%2BC3I73vmJoljdaH8%2F2zR%2F%2Br%2BvyPDNN22B1rx%2FYeBnA"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
831efd0c6f184c56-MXP
prebid
mp.4dex.io/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c7a142a4be0835ae72af164b1245efb4ccb0ac048b0a79cb8a4b4c113c0f4b

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 07 Dec 2023 18:56:25 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868039084-1_123456, Process Floors. 13 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868173958-4_123456, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868324828-7_123456
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
831efd0c6e3e2397-ZRH
expires
0
prebid-request
onetag-sys.com/ 		15 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://pastelink.net
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
69f6701a2a3868e9532778660f02d98cb49c4dba60fc5336ff1c9de92e1ae063

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:25 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
14307d6970a8af633a46dec0a5c95e0f32d91be3d76b60c5727d48162d8b3cde

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:25 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		912 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
edc78276a012aa609d7f245bb4b150298ac3a4b340a785745697ed4c6d98d1af

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:25 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0b4f2d0d5ed5ecaf2ea128bfb49698c22137aa4d84c596b7d3147333a79f0a16

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:25 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
7b29d277691a2ffc6b183c5966366b09c8ea5f7254283e7d811926602aa3cf48

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:25 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		48 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
48cd868056c12e2cd75bd7d62bc10a3bcdd09eef0c841b3ca1dd40183b7901e5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:25 GMT
content-encoding
gzip
an-x-request-uuid
e859784d-7044-4b32-b6e1-c139f6b425dc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.215; 185.195.71.215; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adreq
ads.servenobid.com/ 		845 B
771 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=5548
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f54f0d0e96bdeffd146688e9cc7a57868ec8d4fa8a1489c51b5f6f13f49c9b80

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Dec 2023 18:56:25 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Thu, 07 Dec 2023 18:56:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
rt.marphezis.com/ 		27 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/hb
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
31c092894edb8c2115b0e09b6f5e5ab5d6056d8516c21bc102c1012b9bd8dda8

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:25 GMT
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-store
access-control-allow-credentials
true
content-length
27254
expires
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		2 KB
1018 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&PageUrl=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&PageReferrer=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.18.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-18-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9ec07951830a2627ef3f22c9785d6316cf7a439be45442f4ff8a7f983b203afb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Dec 2023 18:56:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
kong/2.8.4
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
235
content-length
482
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
prebid.media.net/rtb/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
23b672072740c43062b3ceffd40c361e8c489bd512f88b97fbe27c2b55a04c85

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:24 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
124
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 07 Dec 2023 18:56:25 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		466 B
805 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=2&alt_size_ids=1%2C55&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=e0fda9c0-d39a-482e-871e-123cb18d0a1c&l_pb_bid_id=653c5bc6534a514&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=e0fda9c0-d39a-482e-871e-123cb18d0a1c&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&slots=1&rand=0.825045445475747
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a93e41b79e33a7893910ac0ce9df09cf5e68e35d3d681ba0f4e8f7e4bd53166f

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:25 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
466
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		476 B
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=2%2C1%2C16%2C232&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=bcbc2679-7ca9-4c8a-ab86-b8634301ed28&l_pb_bid_id=660d6d01aedbaf8&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=bcbc2679-7ca9-4c8a-ab86-b8634301ed28&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&slots=1&rand=0.8853300439666953
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8867abdc1324822010578fb822a1ab98e22e023bf82a26f50af1683758192040

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:25 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
476
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		468 B
808 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=9%2C8%2C10%2C16&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=d717560a-fea6-422e-936f-12ef2c14a641&l_pb_bid_id=679fcb595dfb0c7&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d717560a-fea6-422e-936f-12ef2c14a641&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&slots=1&rand=0.8792978304179653
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
56aa2813a301c5188f17017e0cb2370e4e8a488c390df10b5f4eca1688849ab2

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:25 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
468
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		487 B
1000 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=10%2C16%2C53%2C67%2C101%2C102%2C221&rp_schain=1.0,1!buysellads.com,16898,1,,,!google.com,pub-9961814823930967,1,,,&rf=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=753692ed-0370-408d-b02b-b4f2cc5ad5d2&l_pb_bid_id=68c277caa1a3b64&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=753692ed-0370-408d-b02b-b4f2cc5ad5d2&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&slots=1&rand=0.45700651000372106
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
df6879fe3d9362d69218acf6f4b9d43b75a4017bea5435f466a2696ddcf45b1f

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:25 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
487
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=28789447076&lsavail=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Thu, 07 Dec 2023 18:56:24 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
connectId-gpt.js
connectid.analytics.yahoo.com/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connectid.analytics.yahoo.com/connectId-gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-14.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:45:59 GMT
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
content-security-policy
default-src 'self'
x-amz-cf-pop
FRA56-P2
age
627
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8730
x-amz-expiration
expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified
Tue, 17 Oct 2023 13:17:45 GMT
server
AmazonS3
etag
"c46e30de24d0f12167e302e9e32ff4a5"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
or1aW5KQTK0ypUSVGaq20MK00NEDHR_vFDFaDMkUwTnpA5NtncPUzg==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3c00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Thu, 07 Dec 2023 09:10:17 GMT
Via
1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
35169
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
lP85KXIjOMR9XO6tDFqC6cVYc9nfVUQNsobmT73ZXIDHOkM_N7yb0w==
esp.js
cdn.id5-sync.com/api/1.0/ 		152 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
DE0EK297BE5F6CF2
age
312
etag
W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
831efd0cafa00e25-MXP
x-amz-id-2
Q62NgZ1txv1IAYnZzEctpbhPKg+lypIU8tDNtxEkEuxqDQLjLRXn4Co5lICLGoQ/D61riISRzr0=
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 02:25:20 GMT
content-encoding
gzip
age
2305865
x-guploader-uploadid
ABPtcPqiDS5tBwV0QLZmyML_yzcPEQr3nc6FLNBQrfNVEH6ZBn0MtJkPczDlDTsLPVZ_9cVT-HNMmDk9RmaQll4t4L8-LQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sun, 10 Nov 2024 02:25:20 GMT
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
62843
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
831efd0caf1801f8-ZRH
expires
Sun, 10 Dec 2023 18:56:25 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-aa2f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 08 Dec 2023 18:56:25 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-34.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 04:16:06 GMT
content-encoding
gzip
via
1.1 fbc8210d21f6d43d0666226a15960b78.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
MXP63-P3
age
52820
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
jjTmLKuTjJ6VoiQ4EjmaZKRCSRJsQUyjv64c_Lru3EU4Bkc40xup6Q==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:25 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
0b17d3251a90c92edd4415ce19465835
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
42186
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-mxp6950-MXP
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXKQtm8zeJ64ScZKpfTev%2BBp2VQrDinX67lRivNSHoJ7zW2b32tEbUIZN3E2njqW2xiQ3hjkMIEneMrrGSZabfLaQZ4a6gF3UowuVZhPDoWun7z9NUUVvXV7MLX0v%2BQv2w17kU5Dv166HHRH5u0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
831efd0c9b65baed-MXP
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 18:56:25 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
751162
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAKSQ2inrCQTTF2FlqoLxG9GUZftfuEjvHARvIXQJL3PeTVWYG53y600f7Q5eE548SZIXmgrQwkzM0uYWy20nUREGSDfrL4tR2wfGSX0xxD5DaQUCvDmSzfGFlFbbakHsELRIWcKYgSk5ZGd"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
831efd0cf9cd375f-MXP
map
bcp.crwdcntrl.net/6/ 		235 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.165.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-165-240.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
128ea146861ab8bd1ccf96ba271f62e2bb05279a8dd6906163068592fca6ee63

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:25 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://pastelink.net
cache-control
no-cache
x-server
10.45.7.209
access-control-allow-credentials
true
content-length
235
expires
0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&rid=esp&cc=1
85 B
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&rid=esp&cc=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
db9b71a775fbb2d3fe7c56a26e34e88889d214c4889a8d308df05a9c6ca563da

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:25 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-4AmcGwvjIdoz3tLCbKKed0Lz1cA"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 07 Dec 2023 18:56:25 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://pastelink.net
location
/esp?url=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
syncframe
gum.criteo.com/ Frame AB82 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=pastelink.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 18:56:24 GMT
server
Kestrel
server-processing-duration-in-ticks
368681
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
increment
id5-sync.com/api/esp/ 		0
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Thu, 07 Dec 2023 18:56:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
setuid
u.4dex.io/
Redirect Chain
  • https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
  • https://ice.360yield.com/ul_cb/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=1b9ceab9-02f7-4ddb-8096-c4cab7e776bf
0
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=improvedigital&uid=1b9ceab9-02f7-4ddb-8096-c4cab7e776bf
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:25 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

location
https://u.4dex.io/setuid?bidder=improvedigital&uid=1b9ceab9-02f7-4ddb-8096-c4cab7e776bf
access-control-allow-origin
*
date
Thu, 07 Dec 2023 18:56:25 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sid
mug.criteo.com/ Frame AB82
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=pastelink.net&sn=ChromeSyncframe&so=0&topUrl=pastelink.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=AOqLEHx4ZDlNRE54QnJPZjFLcW1BSlNiY0xsd1V4UEE2U1UwalpZS2VBRFNoSG1rNjBtWEp5MFVNNzk1TUJHSzJMdElHQlcyTEJNYlZuVC9vUXcwMXhzblRCZXhjYlpiSVg5R0lFU0pQMnE0dHg5QWtJNENuQTZEVDBuak...
425 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=AOqLEHx4ZDlNRE54QnJPZjFLcW1BSlNiY0xsd1V4UEE2U1UwalpZS2VBRFNoSG1rNjBtWEp5MFVNNzk1TUJHSzJMdElHQlcyTEJNYlZuVC9vUXcwMXhzblRCZXhjYlpiSVg5R0lFU0pQMnE0dHg5QWtJNENuQTZEVDBuakFFUjg0dk45Tnd4UHBFM1U4V2lGU2ZqOEJTWXM1cUZPRjRZYUFWUFJCYjIwZkFlMEJ2ZEg0VUpwUnlTeGF2SW51VXorWG1ab3BiVUJFSjlJRE91MjN0SnV1S0hIdUFoTTBqZml1M0dvQS94U1hNWlYrcTZrNlRiRzFjd0UxYXNpa0hOeUpTVWxRMTVQL1pzQTA3dk1Fa3lobmdLQUw4ZFpyb3Q4MnB4dzdZY2QyZkR3VTkwbz18&cppv=2
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a10122466ab426897c863ae04b8d7749b4d154a8460059852038f9fff98e1e85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:25 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1714907
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=AOqLEHx4ZDlNRE54QnJPZjFLcW1BSlNiY0xsd1V4UEE2U1UwalpZS2VBRFNoSG1rNjBtWEp5MFVNNzk1TUJHSzJMdElHQlcyTEJNYlZuVC9vUXcwMXhzblRCZXhjYlpiSVg5R0lFU0pQMnE0dHg5QWtJNENuQTZEVDBuakFFUjg0dk45Tnd4UHBFM1U4V2lGU2ZqOEJTWXM1cUZPRjRZYUFWUFJCYjIwZkFlMEJ2ZEg0VUpwUnlTeGF2SW51VXorWG1ab3BiVUJFSjlJRE91MjN0SnV1S0hIdUFoTTBqZml1M0dvQS94U1hNWlYrcTZrNlRiRzFjd0UxYXNpa0hOeUpTVWxRMTVQL1pzQTA3dk1Fa3lobmdLQUw4ZFpyb3Q4MnB4dzdZY2QyZkR3VTkwbz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
278631
content-length
0
expires
0
fed
ups.analytics.yahoo.com/ups/58813/ 		0
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q
Requested by
Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://pastelink.net
content-type
application/json
access-control-allow-credentials
true
content-length
0
pd
google-bidout-d.openx.net/w/1.0/ Frame C217 		572 B
795 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e27ccd6d410ff11dd381fdf662cc7a3be20fa4e074b6cf50cd71f829bf198f36

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
377
content-type
text/html
date
Thu, 07 Dec 2023 18:56:25 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sd
eu-u.openx.net/w/1.0/ Frame C217
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5008915001768587012
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5008915001768587012
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5008915001768587012
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame C217
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=562d0fac-9d16-ceb9-3b53-b98569ac50a2
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=562d0fac-9d16-ceb9-3b53-b98569ac50a2&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=562d0fac-9d16-ceb9-3b53-b98569ac50a2&dcc=t
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DKPF1WSAX1JAS7XTX2SM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CRQ4KWJ3A9V2CKHA5V3R
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=562d0fac-9d16-ceb9-3b53-b98569ac50a2&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame C217 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=0efb73d1-81bc-7543-fb5d-3b12019f9b42&gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:25 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame C217
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjI5NGEwMWItNDhjYi0yYmU3LWVlYmQtNjFhYmNiN2Q1NTIy
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjI5NGEwMWItNDhjYi0yYmU3LWVlYmQtNjFhYmNiN2Q1NTIy&google_tc=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjI5NGEwMWItNDhjYi0yYmU3LWVlYmQtNjFhYmNiN2Q1NTIy&google_tc=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjI5NGEwMWItNDhjYi0yYmU3LWVlYmQtNjFhYmNiN2Q1NTIy&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C217
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMpZox16N1t8D7LmdcpN0fc&google_cver=1
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMpZox16N1t8D7LmdcpN0fc&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMpZox16N1t8D7LmdcpN0fc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=161911415&t=timing&_s=2&dl=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&ul=en-us&de=UTF-8&dt=The%2010%20Scariest%20Things%20About%20Spaghetti%20Straps%20Flower%20Girl%20Dress%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2255&pdt=1&dns=0&rrt=0&srt=212&tcp=96&dit=537&clt=560&_gst=718&_gbt=823&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=36841767.1701975384&tid=UA-55088947-2&_gid=941301543.1701975385&gtm=45He3bt0n8155WHPWQv831407672&gcd=11l1l1l1l1&dma=0&z=1625656452
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 22:00:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
75348
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/usync/ Frame 2115 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
7915eae82a4cc7a5138af9b0965a4367ce9b85423725984eb2f1c71bd6260ce9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1537
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
img
sync.mathtag.com/sync/ Frame 2115 		43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1143 599e619 master zrh zrh-pixel-x4 config_version:"2895" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 18:56:26 GMT
Server
MT3 1143 599e619 master zrh zrh-pixel-x4 config_version:"2895"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Thu, 07 Dec 2023 18:56:25 GMT
/
onetag-sys.com/match/ Frame 2115
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LPVK77XO-1F-JLPD&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LPVK77XO-1F-JLPD&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LPVK77XO-1F-JLPD&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
/
onetag-sys.com/match/ Frame 2115
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4794973522604621722
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4794973522604621722
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:26 GMT
an-x-request-uuid
b6602389-979d-411d-b9de-0e55ca04d045
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4794973522604621722
x-proxy-origin
185.195.71.215; 185.195.71.215; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 2115
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=b479bbfa5c15f6bb22b76c6f28cd9e8&gdpr_consent=&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=b479bbfa5c15f6bb22b76c6f28cd9e8&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:26 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=b479bbfa5c15f6bb22b76c6f28cd9e8&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1701975386379021-345
tap.php
pixel.rubiconproject.com/ Frame 2115 		42 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=biF8Ao7T7XAZDv-yQtN4V-uA3-eANOjf2jDEqChH_d0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
1f4afaf10c6b5898421df1cdca3fc7f5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 2115
Redirect Chain
  • https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%2...
  • https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=cb5a7b8a-8e5c-4be2-b48c-5bdcf9b2fed1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=cb5a7b8a-8e5c-4be2-b48c-5bdcf9b2fed1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:26 GMT
Server
nginx
Location
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=cb5a7b8a-8e5c-4be2-b48c-5bdcf9b2fed1
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame 2115
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjEWjaGBeJkUDIo7IRwDd6nYM8YwB92ez1w
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjEWjaGBeJkUDIo7IRwDd6nYM8YwB92ez1w
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjEWjaGBeJkUDIo7IRwDd6nYM8YwB92ez1w
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 2115
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=3322655952767938813
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=3322655952767938813
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=3322655952767938813
date
Thu, 07 Dec 2023 18:56:26 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 2115 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 2115
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=biF8Ao7T7XAZDv-yQtN4V-uA3-eANOjf2jDEqChH_d0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=biF8Ao7T7XAZDv-yQtN4V-uA3-eANOjf2jDEqChH_d0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2TE7DJVYN0D4RS83VW73
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=biF8Ao7T7XAZDv-yQtN4V-uA3-eANOjf2jDEqChH_d0
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 2115
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzY3MzhFOEQtREQ1Ny00MTA3LUEwOUMtREY4QjE5Q0M3OTZB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=36738E8D-DD57-4107-A09C-DF8B19CC796A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=36738E8D-DD57-4107-A09C-DF8B19CC796A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=36738E8D-DD57-4107-A09C-DF8B19CC796A
date
Thu, 07 Dec 2023 18:56:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 2115
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGBSvpVKh8EcFqwqBUIjlcA&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGBSvpVKh8EcFqwqBUIjlcA&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGBSvpVKh8EcFqwqBUIjlcA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 2115
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-gA3NKdFE2uHFD89eusKnA2rSVvI.QoUGX.LaLE4-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-gA3NKdFE2uHFD89eusKnA2rSVvI.QoUGX.LaLE4-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-gA3NKdFE2uHFD89eusKnA2rSVvI.QoUGX.LaLE4-~A
date
Thu, 07 Dec 2023 18:56:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 2115 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:26 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
onetag-sys.com/match/ Frame 2115
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=onetag&bsw_custom_parameter=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=onetag&bsw_custom_parameter=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=1963e05b-b720-47a6-856d-4f8f72da7bdb&ssp=onetag&expires=30&user_group=5&bsw_param=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9
  • https://onetag-sys.com/match/?int_id=30&uid=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9&gdpr=&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9&gdpr=&gdpr_consent=&us_privacy=
date
Thu, 07 Dec 2023 18:56:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
setuid
u.4dex.io/ Frame 2115 		0
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=onetag&uid=biF8Ao7T7XAZDv-yQtN4V-uA3-eANOjf2jDEqChH_d0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:26 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		153 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3750026805100321&correlator=3012929373890516&eid=31079525%2C31078660&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=22405481091%2CPastelink_S2S_FixedFooter_ROS%2CPastelink_S2S_TopLeaderboard_ROS%2CPastelink_S2S_Sidebar_ROS%2CPastelink_S2S_Interstitial_ROS%2CPastelink_S2S_TopAnchors_ROS&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x90%7C980x90%7C990x90%7C468x60%2C728x90%7C468x60%7C728x200%7C580x400%7C750x280%7C760x280%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C300x250%7C336x280%2C320x50%7C120x600%7C160x600%7C300x600%7C300x250%7C336x280%7C240x600%2C1x1%2C1x1&fluid=0%2C0%2Cheight%2C0%2C0&ifi=1&sfv=1-0-40&ists=3&fas=0%2C0%2C0%2C8%2C2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701975386222&lmt=1701975386&adxs=-12245933%2C310%2C1091%2C-9%2C-9&adys=-12245933%2C325%2C521%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&vis=1&psz=1600x-1%7C705x404%7C168x607%7C0x-1%7C0x-1&msz=0x-1%7C705x250%7C120x600%7C0x-1%7C0x-1&fws=644%2C4%2C4%2C2%2C2&ohw=1600%2C1600%2C1600%2C0%2C0&ga_vid=36841767.1701975384&ga_sid=1701975386&ga_hid=161911415&ga_fc=true&dlt=1701975384005&idt=923&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1675868039084-1_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_creative%3D381846714%26hb_adid%3D748e3df11029259%26hb_bidder%3Dappnexus%26_bd%3Dbid%26_pl%3D0.01%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.01%26hb_adid_appnexus%3D748e3df11029259%26hb_bidder_appnexus%3Dappnexus%7Coptimize_ad_unit_id%3Dbsa-zone_1675868173958-4_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D336x280%26hb_pb%3D0.01%26hb_creative%3D446868522%26hb_adid%3D80d0818db457cca%26hb_bidder%3Dbcmssp%26_bd%3Dbid%26_pl%3D0.01%26hb_size_bcmssp%3D336x280%26hb_pb_bcmssp%3D0.01%26hb_adid_bcmssp%3D80d0818db457cca%26hb_bidder_bcmssp%3Dbcmssp%7Coptimize_ad_unit_id%3Dbsa-zone_1675868324828-7_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D336x280%26hb_pb%3D0.01%26hb_creative%3D446868522%26hb_adid%3D75f966dcbe2f086%26hb_bidder%3Dappnexus%26_bd%3Dbid%26_pl%3D0.01%26hb_size_appnexus%3D336x280%26hb_pb_appnexus%3D0.01%26hb_adid_appnexus%3D75f966dcbe2f086%26hb_bidder_appnexus%3Dappnexus%7Coptimize_ad_unit_id%3Dbsa-zone_1675868453109-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D336x280%26hb_pb%3D0.01%26hb_creative%3D446868522%26hb_adid%3D76650ed424ab843%26hb_bidder%3Dappnexus%26_bd%3Dbid%26_pl%3D0.01%26hb_size_appnexus%3D336x280%26hb_pb_appnexus%3D0.01%26hb_adid_appnexus%3D76650ed424ab843%26hb_bidder_appnexus%3Dappnexus%7Coptimize_ad_unit_id%3Dbsa-zone_1701884418426-9_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dpastelink%26optimize_xp%3Da&adks=840525636%2C1703297318%2C3798138915%2C1897443797%2C1808800939&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89f0a7902b605d7321a7ca69950bfd92e22045bad46ceb745d6649043afccc0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30421
x-xss-protection
0
google-lineitem-id
6244825801,6244825801,6244825801,6244825801,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138425542068,138425476187,138425476178,138426175561,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312040101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4ab0450136e990fb527224c1b5ad7ebf87b1b0686cbffabbc942272342f1968
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12180
x-xss-protection
0
container.html
58524a1309d6c71a67e4ade4e871a24f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6D50 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://58524a1309d6c71a67e4ade4e871a24f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 18:56:26 GMT
expires
Fri, 06 Dec 2024 18:56:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bbaf7f99000c8db41dc83a3391f120b31bb8fc88dd9bdb5ce4050f59c56eda8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 13:56:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
18018
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13834
x-xss-protection
0
server
cafe
etag
17155732702192029938
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 06 Dec 2024 13:56:08 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 18:56:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DCB1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmE8AWm3Pjm56K3Hx_FLKp831uIp3Dpq1MwJhFGknlYrqMrWwVlStEtNcdCSmAuX3eoDNGbErpqoMg-JJK1SexQdCdl9VodrhNbazPur_ZYFm9hTPlw3c_3TbPasY6mnRJqH1CVTQx_SCjwmk98XsauwG8aCcAGnPimeuem9kzuMj7mmDtvZ1FRfQkFx7px6GT9yEkve1itvX0R_3oLi3a0q4QEe8rC5w0WcNJ9-hF5QyZaEWkFSxOJuJr-omQpwq9gAFfXbXsAljw9g0lcsnCsn72nS-zA0tRQP4B_AD9J_U4u334R5MQnIOV46L-ZbMTqZfHbObshYcVDEnfFRNoLWIY3phD8T1WHrTS4OBZ0ykAQaq6wjDENyy7unQ&sai=AMfl-YQzTLwqSg9mJrCwz4Sti83WhADq0LLKU62SkLTS_21fWouQCYz8VeZ_NhFY63tX7TDamBV0FXKY4eH9Gwq4ztA0quOJxH2vUGUXdDmO_UKeR2ZaBsO2VaQUQsag9isJR99Fquwd21MO-Q&sig=Cg0ArKJSzJWc0yFOt4thEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
prebid-universal-creative.js
cdn4.buysellads.net/pub/ Frame DCB1 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.94.188 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-nl-16.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
eaf67431972d3e9d0888a562c64f1e353894aa5fd5c38afaad32003404c2f467

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:26 GMT
cache-control
public, max-age=600, stale-while-revalidate
content-encoding
gzip
server
//srv.buysellads.com
etag
196270e7fcc49a0af36f5d62866c973b3ad33942
vary
Accept-Encoding
content-type
application/javascript
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DCB1 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 18:56:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AAC8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXF0ddnqXpJ6ButLfvYlseSrF1OwE81Zta0mwKDKjIchnnfEqiGhiOzD8Cn3eO1cFuHsXnxWkPpLPO-0ot0L9wz-DM6dEhwofOMScPzhMdLBd_8qvR0nQJT3QgL-sZ3OqMSfzRNBHonizjAh9ddS2RpGkMtObaOMp73fCCB0Zb6Sm2-DZ5Rk8he1PlEKBWMq8-W7NuvHABdhHi5L3LICGQcd1cHTtcQCUCmHIjvs4dcGEaVxAYxhLfGVaivd_rJD-zxElvz1DoA1jC0mqlgB68PnvtSSFaKAzTNtR45NXoiPsKvFOGH2CVqVyeWWqNkqVbrmXsmDXE78S7BJFIRgavtKdPsdeOGziOLYX4BEsh6X62K-_iiGWVKfTPrgI20qQ&sai=AMfl-YR1qIltZ_4WUNzsZe5XA9OM_dDewWDRv09tnn4FpYYZzthDyfzFZKIvlnP3B06h6OzF9J4IX8LUFXUc6nIuW8-QkTE9rjKstLfUuXa32r9BQsNEVNU9jC0XCEVl0Cm2ZJYAnuJIpsbbfw&sig=Cg0ArKJSzHxcn3vJqlxCEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
prebid-universal-creative.js
cdn4.buysellads.net/pub/ Frame AAC8 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.94.188 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-nl-16.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
eaf67431972d3e9d0888a562c64f1e353894aa5fd5c38afaad32003404c2f467

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:26 GMT
cache-control
public, max-age=600, stale-while-revalidate
content-encoding
gzip
server
//srv.buysellads.com
etag
196270e7fcc49a0af36f5d62866c973b3ad33942
vary
Accept-Encoding
content-type
application/javascript
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame AAC8 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 18:56:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BEE3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXMOFQ7FHEEcz-N5nfWDlsia0k3beq3TRnPjq5JBV0mGzpvjMriqXEzgcv_mwdMBMW1X6dd6ScKeeL5uSyudtQjhhJY8FcPfCGczNL9x6a3O2JYasQle-rJiHdMXfUPdEO-OuQT8b1BO4rIuGuM-ShvDhchw5-W0HEYFtjeK0xrsNi-5J3g6Hk214i3JmdVcsEOc1MbtOuT9-mMWk4X_84NI38JhB3pLL5w0z1rzpGcGlQeuW7Rnw8qqI8uJXhVYxC1Bj6bn4JylgT8xFE7LyDUXrt29i3L-f1zpEHXrJwStrwfImXJ5g2V_QtqlEJksfgRLskedJroGga4SxdyT0C_ViqW_axT3GIzReUigb4CY4LOcnI_9qhrw&sai=AMfl-YSK0wTZ0OPxZSuM1OEg104Sqm_iMOwhMRXca21E0uzbLTR1gunfloY7LML6FN36CFFnSAOpA0zoCAT7qFTrd2ZrvsynSunuW-n1_cj7D4cbwx01ao3azajthCDdJZvVCnqYxHNOhnpl3g&sig=Cg0ArKJSzLSFJFmbHM31EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
prebid-universal-creative.js
cdn4.buysellads.net/pub/ Frame BEE3 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.94.188 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-nl-16.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
eaf67431972d3e9d0888a562c64f1e353894aa5fd5c38afaad32003404c2f467

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:26 GMT
cache-control
public, max-age=600, stale-while-revalidate
content-encoding
gzip
server
//srv.buysellads.com
etag
196270e7fcc49a0af36f5d62866c973b3ad33942
vary
Accept-Encoding
content-type
application/javascript
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame BEE3 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 18:56:26 GMT
css2
fonts.googleapis.com/ Frame 3D64 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Dec 2023 18:56:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 18:27:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Dec 2023 18:56:26 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/elements/html/ Frame 3D64 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 16:26:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
8968
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9210
x-xss-protection
0
server
cafe
etag
13914886398874665762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 16:26:58 GMT
sdk.js
adsdk.microsoft.com/native-to-display/ Frame DCB1 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c4286b5a1606b8f76c136f69043974148e12d6e80d3a1f1178a54c6ab67b7b07

Request headers

Referer
https://pastelink.net/
Origin
https://pastelink.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 07 Dec 2023 18:56:25 GMT
content-encoding
br
last-modified
Mon, 04 Dec 2023 20:39:18 GMT
x-azure-ref-originshield
0TbhxZQAAAACug09o+8i/TLTi7PStIm4pRlJBMjMxMDUwNDE4MDQ3ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5
eT/rP1osR4pAVezQYQpizg==
etag
0x8DBF509168BF531
x-azure-ref
0WhVyZQAAAABiRbaX3WIIQJz9EGwqQNmiWlJIRURHRTA2MTMAOTdjOWE4YzYtZmM3OS00YzQ0LWI1NTktNThjMTZiY2VhMzIy
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b8d7a0d2-801e-0093-02ee-28f0cf000000
cache-control
private, max-age=3600
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/240/ Frame DCB1 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.122.108 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-122-108.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 18:56:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Fri, 06 Dec 2024 18:56:26 GMT
it
fra1-ib.adnxs.com/ Frame DCB1 		0
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fpastelink.net%252Fbvpyuz2q&e=wqT_3QKzB-izAwAAAwDWAAUBCNmqyKsGEJr4nKPD-53WQxgAKjYJ2H471IMukz8R5x7SPP04kj8ZAAAAYD0Ktz8h5w0SACkRJNAxAAAA4FG4nj8wyqjwDTjKQUC1XkjjA1C6iYq2AViY1VJgAGiR92t4w4cGgAEBigEDVVNEkgUG9GkBmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACn_A_6gIeaHR0cHM6Ly9wYXN0ZWxpbmsubmV0L2J2cHl1ejJxgAMAiAMBkAMAmAMXoAMBqgObAwqxAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTdjYTg0OGY3LTIyYzEtNGE3OC05YWVjLTEyZDEyZjZkMzU1ZiZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9N2NhODQ4ZjctMjJjMS00YTc4LTlhZWMtMTJkMTJmNmQzNTVmJnJ0eXBlPW51cmwmdGFnSWQ9MjkxMDMxNzgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnQJFvDtU3ViR3JvdXA9cGJhZ2VieSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQ4NzY0MDQyODQxOTEwOTU4MzQiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RJeE9EZzROamMwTXpJMU56a2pNak16TXprNE9ETXdPREkyTnpNME5RPT3AA9gEyAMA2AP7lcIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE4NS4xOTUuNzEuMjE1qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBEWAWIgFAZgFAKAFouvqpOefiOF2wAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWE7G76BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfDhwbSBw0VZQEmCNoHBgFewBgA4AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=14341305b05962a34412b7921ba875b63d7fdcd7
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:26 GMT
an-x-request-uuid
6c3f79aa-0f81-4060-82f8-8937e9ccb2ac
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.215; 185.195.71.215; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-universal-creative.js
cdn4.buysellads.net/pub/ Frame BBC9 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.94.188 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-nl-16.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
eaf67431972d3e9d0888a562c64f1e353894aa5fd5c38afaad32003404c2f467

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:26 GMT
cache-control
public, max-age=600, stale-while-revalidate
content-encoding
gzip
server
//srv.buysellads.com
etag
196270e7fcc49a0af36f5d62866c973b3ad33942
vary
Accept-Encoding
content-type
application/javascript
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame BBC9 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 18:56:26 GMT
bidwon
rt.marphezis.com/prebid/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/prebid/bidwon
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Thu, 07 Dec 2023 18:56:26 GMT
access-control-allow-credentials
true
vary
Origin
id5-api.js
cdn.topsrvimp.com/cmpp/ Frame AAC8 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.topsrvimp.com/cmpp/id5-api.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
CloudStorage /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:26 GMT
content-encoding
gzip
age
19170
x-agile-checksum
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
x-agile-request-id
ac5ac336d1263dc9b6654f512cb7a103, 7f3de409af76a6904d53fa00421d1ad5
x-agile-brick-id
480531902
content-length
16288
last-modified
Sun, 13 Nov 2022 08:52:54 GMT
server
CloudStorage
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-agile-source
178.79.252.247:1987
x-llid
4a8ffaa7255bd2f64d49f37a83297f6b
expires
Fri, 08 Dec 2023 13:36:56 GMT
client.js
rt.marphezis.com/static/ Frame AAC8 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/static/client.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a46fb4b0d435e4e16099c4403859ef914abea1650b4a52018467d20d2442fe8a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Thu, 07 Dec 2023 18:56:26 GMT
access-control-allow-credentials
true
last-modified
Sun, 23 Jul 2023 13:34:49 GMT
content-length
6399
vary
Origin
content-type
application/javascript
sync
rt.marphezis.com/ Frame AAC8
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https://rt.marphezis.com/sync?dpid=6%26puid%3D%23PM_USER_ID
  • https://rt.marphezis.com/sync?dpid=6&puid=36738E8D-DD57-4107-A09C-DF8B19CC796A
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/sync?dpid=6&puid=36738E8D-DD57-4107-A09C-DF8B19CC796A
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
HTTP/1.1
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Thu, 07 Dec 2023 18:56:26 GMT
access-control-allow-credentials
true
vary
Origin

Redirect headers

location
https://rt.marphezis.com/sync?dpid=6&puid=36738E8D-DD57-4107-A09C-DF8B19CC796A
date
Thu, 07 Dec 2023 18:56:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
sync
rt.marphezis.com/ Frame AAC8
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562863&ev=1&us_privacy=${us_privacy}&gpp=${GPP_STRING_XXXXX}&gpp_sid=${GPP_SID}&rurl=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D7%26puid%3D%25%25ENCRYPTED...
  • https://rt.marphezis.com/sync?dpid=7&puid=nSA2CJqu0kcOpi7PcGy_gw&ev=1&gpp_sid=${GPP_SID}&gpp=${GPP_STRING_XXXXX}&us_privacy=${us_privacy}&pid=562863
0
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/sync?dpid=7&puid=nSA2CJqu0kcOpi7PcGy_gw&ev=1&gpp_sid=${GPP_SID}&gpp=${GPP_STRING_XXXXX}&us_privacy=${us_privacy}&pid=562863
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
HTTP/1.1
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Thu, 07 Dec 2023 18:56:26 GMT
access-control-allow-credentials
true
vary
Origin

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://rt.marphezis.com/sync?dpid=7&puid=nSA2CJqu0kcOpi7PcGy_gw&ev=1&gpp_sid=${GPP_SID}&gpp=${GPP_STRING_XXXXX}&us_privacy=${us_privacy}&pid=562863
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5c6449b65-v92vn
expires
-1
sync
rt.marphezis.com/ Frame AAC8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://rt.marphezis.com/sync?dpid=2&puid=$UID
  • https://rt.marphezis.com/sync?dpid=2&puid=4794973522604621722
0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/sync?dpid=2&puid=4794973522604621722
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
HTTP/1.1
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Thu, 07 Dec 2023 18:56:26 GMT
access-control-allow-credentials
true
vary
Origin

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:26 GMT
an-x-request-uuid
20e2828b-01ce-440d-bee2-1545c1b3c7a1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://rt.marphezis.com/sync?dpid=2&puid=4794973522604621722
x-proxy-origin
185.195.71.215; 185.195.71.215; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
rt.marphezis.com/ Frame AAC8
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=1d56d11e-e371-4ec4-be9f-2d08da80470e&r=https://rt.marphezis.com/sync?dpid=3&uid=
  • https://rt.marphezis.com/sync?dpid=3&uid=a36314ac-7244-4ad5-881f-9de6b9f61f1b
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/sync?dpid=3&uid=a36314ac-7244-4ad5-881f-9de6b9f61f1b
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
HTTP/1.1
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Thu, 07 Dec 2023 18:56:26 GMT
access-control-allow-credentials
true
vary
Origin

Redirect headers

date
Thu, 07 Dec 2023 18:56:26 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://rt.marphezis.com/sync?dpid=3&uid=a36314ac-7244-4ad5-881f-9de6b9f61f1b
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
nmedianet.js
contextual.media.net/ Frame BEE3 		94 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU4FCKBR&ydspr=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-216-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
914142365aa05dffdcc298c09a75fda4c6d209b591d2aaa6836b30e986c654e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h
21-g4dd
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 07 Dec 2023 18:56:26 GMT
server
Apache
etag
"d7de00685e8c25e4e7e6ea8a22d415d6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-5h9m
timing-allow-origin
*
content-length
36437
expires
Thu, 07 Dec 2023 19:01:26 GMT
log
qsearch-a.akamaihd.net/ Frame BEE3 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=df551389eb7f4903bc2bfdcc67cf1097&algo=default&bdp=0.0400&bidfp=0.0000&capd=0&cc=CH&cid=8CUQN152J&crid=881526814&ct=H%C3%83%C2%BCnenberg&dc=eu_be&dfpbd=0.0240&dn=pastelink.net&iwb=1&ogcbdp=0.0400&other_bids=0.04&other_prv=460&pbshr=100.0000&prdp=0.0240&requrl=pastelink.net%2Fbvpyuz2q%2F&sat=1&sc=ZG&sc_pvid=460&send_erpm=true&server=1&size=336x280&strg=harmony&totalTime=3254030&ugd=4&ver=9.6.4&cliIP=-1178384640&time_stamp=2023-12-07%2018%3A56%3A25&seat=BID_API&itype=appnexus&req_id=395455983225639534&dfp_bucket=0.0&level_base=0&bdp_bucket=0.05&app_type=appnexus&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&br_ver=89.0.4389.72&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&model_key=generic_appn_1-cid_0&ogerpm=0.0400&ogerpm_used=false&rawbid=0.0400&totalTimeBucket=3&as_cache=0&sub_bidder=196&current_day=4.0&current_hour=18&cut=40&floor_bucket=0.00&model_version=202312070150_generic_appn_1-cid_0&erpm_bucket=0.05&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=0&viewability=0.3600&stid=29103178&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=0&predicted_wr=1.9947&bdp_wider_bucket=1&splid=29103178&dim10=false&dmm_m9=0.0000&dmm_m10=1115113&log_less=false&cut_bkt=40&advurl=generalsearch.net%2F&dmm_d10=0.0000&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&e_rpm=0.0000&bdr_typ=1&url_l1=bvpyuz2q&clisp=rtb-common-envoy-959b6b648-m2zgb.BE&dmm_m1=2023-12-07%2018%3A56%3A25.189182543&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss=NA&ss_d1=0&ss_d2=0&dmm_m22=0.0400&adtyp=0&gpid_format=DEFAULT&gpid=29103178&gpid_sent=true&pst=EMS&bcrid=446868522&erpm_mult=1.000000&zone=b&rc=-1&sfm_key=mowx_System_460&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=16&wsip=mowx-68754cb744-848cp&rel_cut_bkt=40&djvm=9.5.8&optimal_cut=0.0&cut_cluster=0.0
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.164.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-164-91.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:26 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 07 Dec 2023 18:56:26 GMT
release-20231121-135-adperformance.js
warp.media.net/rtb/resources/ Frame BEE3 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 07 Dec 2023 18:56:26 GMT
x-guploader-uploadid
ABPtcPpIo_b_NcMKOwHvGDCTG05XY1UknAvtaGcrwEzGBq16PDG4pYQRlOGIdNZ7w2_WERaEBt4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25147
server
UploadServer
etag
"841dabce0b477a93d9cf7379b9eb1368"
vary
Accept-Encoding
x-goog-hash
md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type
application/javascript
x-goog-generation
1700562102250666
cache-control
max-age=3600
x-goog-stored-content-length
73447
expires
Thu, 07 Dec 2023 19:56:26 GMT
trk.js
cdn.adnxs.com/v/s/240/ Frame BEE3 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.122.108 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-122-108.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 18:56:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Fri, 06 Dec 2024 18:56:26 GMT
it
fra1-ib.adnxs.com/ Frame BEE3 		0
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fpastelink.net%252Fbvpyuz2q&e=wqT_3QLXBOhXAgAAAwDWAAUBCNmqyKsGEN7f-d7I3b_nERgAKjYJ-n5qvHSTmD8RPN9PjZdukj8ZAAAAYD0Ktz8hPA0SACkRJNAxAAAA4FG4nj8wyqjwDTjKQUCVCUhgUKrYitUBWJjVUmAAaJH3a3jDhwaAAQGKAQNVU0SSAQEG9GkBmAHQAqABmAKoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAp_wP-oCHmh0dHBzOi8vcGFzdGVsaW5rLm5ldC9idnB5dXoycYADAIgDAZADAJgDF6ADAaoDQBIXMzk1NDU1OTgzMjI1NjM5NTM0X3NiaWQaEzEyODMyNDMyMzU3NTk1MTc2NjIiCTQ0Njg2ODUyMioFTTExNzPAA9gEyAMA2AP7lcIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE4NS4xOTUuNzEuMjE1qAQAsgQPCAAQARh4INgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKrYitUBiAUBmAUAoAXupN7j8aO8vgXABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGr_EB2gYWChAAAAAAAAAAAAANP3QQABgA4AYB8gYCCACABwGIBwCgBwHIB8OHBtIHDQkNJQUmDNoHBggFCbjgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=7b1e7a6bbe40a07b9f40beed48425f7d706fa6cb
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:26 GMT
an-x-request-uuid
12f6eb70-a878-4943-91e2-f731cffd7b60
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.215; 185.195.71.215; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
script.js
acdn.adnxs-simple.com/strikeforce/ Frame BBC9 		129 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.122.108 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-122-108.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e818f6fea40fe02802ab543ae13ec750b1d3a4fbe33c70a8fdbac86f5758631b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 18:56:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Dec 2023 19:06:55 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"656f74cf-20543"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
47054
Expires
Fri, 08 Dec 2023 18:56:28 GMT
nmedianet.js
contextual.media.net/ Frame BBC9 		94 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU4FCKBR&ydspr=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-216-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
40dc9e60097fb423f697360c5fd49595a5758190cec07eafbdec88769d3c5673
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h
21-g4dd
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 07 Dec 2023 18:56:26 GMT
server
Apache
etag
"e44cd28e2513a10b78f5218b60f16842"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-s1v0
timing-allow-origin
*
content-length
36440
expires
Thu, 07 Dec 2023 19:01:26 GMT
log
qsearch-a.akamaihd.net/ Frame BBC9 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=19e03c9b4dafa806baaf698552cd33f4&algo=unison26&bdp=0.0400&bidfp=0.0000&capd=0&cc=CH&cid=8CUQN152J&crid=881526814&ct=H%C3%83%C2%BCnenberg&dc=eu_be&dfpbd=0.0240&dn=pastelink.net&iwb=1&ogcbdp=0.0400&other_bids=0.04&other_prv=460&pbshr=100.0000&prdp=0.0240&requrl=pastelink.net%2Fbvpyuz2q%2F&sat=1&sc=ZG&sc_pvid=460&send_erpm=true&server=1&size=336x280&strg=harmony&totalTime=2743010&ugd=4&ver=9.6.4&cliIP=-1178384640&time_stamp=2023-12-07%2018%3A56%3A25&seat=BID_API&itype=appnexus&req_id=395455983225639534&dfp_bucket=0.0&level_base=0&bdp_bucket=0.05&app_type=appnexus&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&br_ver=89.0.4389.72&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&model_key=generic_appn_1-cid_0&ogerpm=0.0400&ogerpm_used=false&rawbid=0.0400&totalTimeBucket=2&as_cache=0&sub_bidder=196&current_day=4.0&current_hour=18&cut=40&floor_bucket=0.00&model_version=202312070150_generic_appn_1-cid_0&erpm_bucket=0.05&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=0&viewability=0.3600&stid=29103178&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=0&predicted_wr=1.9947&bdp_wider_bucket=1&splid=29103178&dim10=false&dmm_m9=0.0000&dmm_m10=1074265&log_less=false&cut_bkt=40&advurl=generalsearch.net%2F&dmm_d10=0.0000&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&e_rpm=0.0000&bdr_typ=1&url_l1=bvpyuz2q&clisp=rtb-common-envoy-959b6b648-m2zgb.BE&dmm_m1=2023-12-07%2018%3A56%3A25.188994659&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss=NA&ss_d1=0&ss_d2=0&dmm_m22=0.0400&adtyp=0&gpid_format=DEFAULT&gpid=29103178&gpid_sent=true&pst=EMS&bcrid=446868522&erpm_mult=1.000000&zone=b&rc=-1&sfm_key=mowx_System_460&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=16&wsip=mowx-68754cb744-hjf4t&rel_cut_bkt=40&djvm=9.5.8&optimal_cut=0.0&cut_cluster=0.0
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.164.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-164-91.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:26 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 07 Dec 2023 18:56:26 GMT
release-20231121-135-adperformance.js
warp.media.net/rtb/resources/ Frame BBC9 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 07 Dec 2023 18:56:26 GMT
x-guploader-uploadid
ABPtcPpIo_b_NcMKOwHvGDCTG05XY1UknAvtaGcrwEzGBq16PDG4pYQRlOGIdNZ7w2_WERaEBt4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25147
server
UploadServer
etag
"841dabce0b477a93d9cf7379b9eb1368"
vary
Accept-Encoding
x-goog-hash
md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type
application/javascript
x-goog-generation
1700562102250666
cache-control
max-age=3600
x-goog-stored-content-length
73447
expires
Thu, 07 Dec 2023 19:56:26 GMT
trk.js
cdn.adnxs.com/v/s/240/ Frame BBC9 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.122.108 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-122-108.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 18:56:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Fri, 06 Dec 2024 18:56:26 GMT
it
fra1-ib.adnxs.com/ Frame BBC9 		0
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fpastelink.net%252Fbvpyuz2q&e=wqT_3QLYBOhYAgAAAwDWAAUBCNmqyKsGEN_T1YvH04itGhgAKjYJ-n5qvHSTmD8RPN9PjZdukj8ZAAAAYD0Ktz8hPA0SACkRJNAxAAAA4FG4nj8wyqjwDTjKQUCVCUhgUKrYitUBWJjVUmAAaJH3a3jDhwaAAQGKAQNVU0SSAQEG9CoBmAHQAqABmAKoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAp_wP-oCHmh0dHBzOi8vcGFzdGVsaW5rLm5ldC9idnB5dXoycYADAIgDAZADAJgDF6ADAaoDQBIXMzk1NDU1OTgzMjI1NjM5NTM0X3NiaWQaEzE4OTg4NjgyNDgyMDM4NDgxNTkiCTQ0Njg2ODUyMioFTTExNzPAA9gEyAMA2AP7lcIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE4NS4xOTUuNzEuMjE1qAQAsgQQCAAQARjAAiDgAygAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASq2IrVAYgFAZgFAKAF7qTe4_GjvL4FwAUAyQUAAAAAAADwP9IFCQkBCgEBcNgFAeAFAfAFhZtK-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGr_EB2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHw4cG0gcNCREoASYI2gcGAV7AGADgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=3f5cd17a87e197ca9287050562523ff9060967c5
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:26 GMT
an-x-request-uuid
bb610490-5b1d-476e-8a16-f900e80dfc7e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.215; 185.195.71.215; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9006 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
20089
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 13:21:37 GMT
expires
Fri, 06 Dec 2024 13:21:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 220B 		829 B
949 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
27248138920ca3210d8e18d842691aae81813c2e29baeaae3bf2b53aed928c7f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-j6HkvWyFq7H6xbODUORWyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-j6HkvWyFq7H6xbODUORWyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 18:56:26 GMT
expires
Thu, 07 Dec 2023 18:56:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 9006 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 13:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
20345
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 13:17:21 GMT
c.gif
www.bing.com/aes/ Frame DCB1
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=3717a331-6dff-4390-8229-cbe9eaf019f6&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=7ca848f7-22c1-4a78...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ce963030562745778efcb7b6b53a3db0&SNR=1&GV=2&med=10
0
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ce963030562745778efcb7b6b53a3db0&SNR=1&GV=2&med=10
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Server
2a02:26f0:2c::213:614a Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BEA334839CD2438F98FE4F7CF8297814 Ref B: AMS04EDGE1311 Ref C: 2023-12-07T18:56:26Z
x-cdn-traceid
0.46611302.1701975386.30ddd965
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Thu, 07 Dec 2023 18:56:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DB46FE621EF442BA83663277EDF991E5 Ref B: DUS30EDGE0318 Ref C: 2023-12-07T18:56:26Z
x-cdn-traceid
0.46611302.1701975386.30ddd92e
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ce963030562745778efcb7b6b53a3db0&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
expires
0
th
www.bing.com/ Frame DCB1 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.9964445236234_1JHJWJK49F4ZEJZNQB&pid=21.2&c=16&roil=0.0017&roit=0&roir=0.9967&roib=1&w=200&h=105&qlt=90
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2c::213:614a Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e6ab6b7220c1d507c141dd0dc7dc0aec043e09ade6209e9f33d899e13a3ad389

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:26 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.46611302.1701975386.30ddd92d
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
8999
alt-svc
h3=":443"; ma=93600
rd_log
fra1-ib.adnxs.com/ Frame DCB1 		0
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&e=wqT_3QKQBOgQAgAAAwDWAAUBCNmqyKsGEJr4nKPD-53WQxgAKjYJ2H471IMukz8R5x7SPP04kj8ZAAAAYD0Ktz8h5w0SACkRJNAxAAAA4FG4nj8wyqjwDTjKQUC1XkjjA1C6iYq2AViY1VJgAGiR92t4w4cGgAEBigEDVVNEkgUG8MKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACn_A_6gIeaHR0cHM6Ly9wYXN0ZWxpbmsubmV0L2J2cHl1ejJxgAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgD-5XCAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xODUuMTk1LjcxLjIxNagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8AQF5ViIBQGYBQCgBaLr6qTnn4jhdsAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFhOxu-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHw4cG0gcNFWUBJgjaBwYBXqAYAOAHAOoHAggA8Ae_gw2KCAIQAJUIAACAP5gIAcAIANIIBggAEAAYAA..&s=e7c0e9fc904bf883191b1b3ad0b983fa1bf4710f&bdref=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q,https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:26 GMT
an-x-request-uuid
c75f96cb-37ae-4688-b15c-42adf42bfd77
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.215; 185.195.71.215; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 220B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312040101&jk=3750026805100321&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usync.html
eus.rubiconproject.com/ Frame 0039
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
  • https://eus.rubiconproject.com/usync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Dec 2023 18:56:26 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 07 Dec 2023 18:56:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
server
AkamaiGHost
usermatch
ssum-sec.casalemedia.com/ Frame B830
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=197494&cb=https://rt.marphezis.com/sync?dpid=5%26puid=
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
2 KB
894 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd4a6b612e8de7789b3b9facc55abd87f2052d3466e45c8b5572e138f9bb7e0e

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
831efd17aaca23c7-ZRH
content-encoding
br
content-type
text/html
date
Thu, 07 Dec 2023 18:56:26 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1vjHEZP2QSntq0rC5UnpceGG6XqFKS5jsVtluImZIDGufGHMwOAdMiNTa6WuqP9svdFvlAjKz0j442%2BLGYFaGuSKB0IP9ni9D%2FREhrM0wYKzEwvl5jmj9Zmi1yLHM8Hh1SzdE0nIRwQXA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
831efd175a4f23c7-ZRH
content-length
0
date
Thu, 07 Dec 2023 18:56:26 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNQVphp0vhVGgnuF0v%2FCpHrXkHUY0VazCK%2BhRVA73KO9FkTOUxrhhZkeeGDBP6pB3u3tnhXwzlvw2lY6mIKOk%2BjogIOZlnug8Z1vfStDg68fk6spCgZ71uSNIb84yNWGxwaZxxLwiZnrdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
vevent
fra1-ib.adnxs.com/ Frame DCB1 		0
661 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&e=wqT_3QKzB-izAwAAAwDWAAUBCNmqyKsGEJr4nKPD-53WQxgAKjYJ2H471IMukz8R5x7SPP04kj8ZAAAAYD0Ktz8h5w0SACkRJNAxAAAA4FG4nj8wyqjwDTjKQUC1XkjjA1C6iYq2AViY1VJgAGiR92t4w4cGgAEBigEDVVNEkgUG9GkBmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACn_A_6gIeaHR0cHM6Ly9wYXN0ZWxpbmsubmV0L2J2cHl1ejJxgAMAiAMBkAMAmAMXoAMBqgObAwqxAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTdjYTg0OGY3LTIyYzEtNGE3OC05YWVjLTEyZDEyZjZkMzU1ZiZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9N2NhODQ4ZjctMjJjMS00YTc4LTlhZWMtMTJkMTJmNmQzNTVmJnJ0eXBlPW51cmwmdGFnSWQ9MjkxMDMxNzgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnQJFvDtU3ViR3JvdXA9cGJhZ2VieSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQ4NzY0MDQyODQxOTEwOTU4MzQiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RJeE9EZzROamMwTXpJMU56a2pNak16TXprNE9ETXdPREkyTnpNME5RPT3AA9gEyAMA2AP7lcIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE4NS4xOTUuNzEuMjE1qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBEWAWIgFAZgFAKAFouvqpOefiOF2wAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWE7G76BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfDhwbSBw0VZQEmCNoHBgFewBgA4AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=14341305b05962a34412b7921ba875b63d7fdcd7&type=nv&nvt=5&jm=1003&px=436&py=1105&bw=182&bh=90&sid=3655032991320321639&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=29103178&sw=1600&sh=1200&pw=1600&ph=3429&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:26 GMT
an-x-request-uuid
c1983072-a823-430a-91c5-f52c607d8ed1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.215; 185.195.71.215; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 07 Dec 2023 18:56:26 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ Frame BBC9 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 07 Dec 2023 18:56:26 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
truncated
/ Frame DCB1 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58ec66cc6132dc74ca374e5871f4289d5fd3db74ea8d4cb391f8bb0446a5ac37

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 61B4 		70 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2525&&kkdd=uA%7CW%7CuHhn3*A9&222=bRSU6OlIUOKhli-U.mTpbLIxQKMv-ud~aQnUz(9*SrhVscyHf5SRU_%3D%3D&aW=mqNm)qAvHyqvsdqmvsA&_iY2=m&MkY*=N&lia=mmd)&bklh=OvsN&lWi=H1Xsn1.JS&lYli=Y5ybGQbrb15l9N0Ip29hQz%3D%3D&l2Wi=HvAymyANs&kWRh=vvyLdHN&ll=1D&kl=-D&l6jM=DwS!CV9&YWi=H(C13d3Co&bYWi=3dmvvsd&6bbYk=m&ep2P=6bbYk%3A%2F%2FY*kbhIWjeEjhb&hep2P=pqqTz%3ArrTmzqu7HRXERuq&jkh=A&Ip=m&f_i=s&*ibm=H1XzVmAdu&*ibd=HHmAdyHms&xi*b*=kid%3DjfIIFWf2IKI%3DdNFQ_h2YM%3DNENsFapKhLl%3DNEvyFaWkKki%3DmqHFild%3DmFkli%3DR_FaK*kj%3DAyHNvFaId2Kki%3DdNdvmdNqmmFWf2IKx%3DmvdyEyvFf2IKbel%3DNFkbi%3D%2FddsNAsHmN)m%2F(*kbhIWjeKrdrKGjbh2kbWbW*IKSCr%23xk*URQjhKmyqAHyHsAvmN)UAKmdvsAyFI*kb%3DFaWkKf2IKx%3DNENHFWY%3DvQXSplFPxx%3DNFaWkKf2IKI%3DdNF2WWYf*%3Dq%2CqFhb%3DmNF2l%3DmF2YkKki%3DdNdvmdNqmdFaWkKx%3DsqNENHFf2IKx%3DNEqAFaId2Kf2IKx%3DNFaId2Kf2IKaW%3DmTUmyFf2IKbaW%3DNFhlYKhh2%3DdEdAFf2IKI%3DdNF_l*b%3DUmFxx%3Dm)yFaa%3DNFId2Kx%3DmNNNFh2YM%3DNENsFaId2Kf2IKel%3DNTNFxM%3DmF*vYKx%3DdEqv%2CvmEAFkWi%3DHvAymyANsFki%3DNFfWi%3DddiA~cSqYCyIMls6*oFxbi%3DvNq)qmqyv)NqHNqqyvvymqAvNHHyAA)mdd)Hs)AAmqms)NA)dqsdNAysqvm)qvqvAAmNy)HqNvy)syvsyNNv)Hv)H)dAyNmH)qddydsFapf%3DNEvyFidYKI%3DmNFvYlP%3DmNNNFfWM%3DNFQ_KMk6%3DNENsFiMMKkb2_%3D6*2MQj0FidYKx%3DNE)HFQ_idYKx%3DNE)yFaf2IKx%3DmEd)Fkk%3DVwFll%3D1DFfWp%3DUmFlh%3DNF2YkKx%3DvmEAFaf2IKI%3DdNF1G%3DvNAvFexKfl%3DUdFjbk%3DvFexKllek%3DUdF!(d%3DEg%2FYEgFlb%3D6fjhjxh2_FxkkK.3o%3DVw%2CVwFx*kWkd%3Dm)yFx*kWkm%3Dm)yFWkShP%3DNFWaf2IKx%3DNEqHFWkWP%3DNFxWi%3DNENsFil%3DHFaId2Kx%3DdEqvFWaf2IKI%3DdNFlxiY%3DNENdsFWb0YhKWi%3DmyFkhIIh2Kb*_KWi%3D%2FddsNAsHmN)m%2F(*kbhIWjeKrdrKGjbh2kbWbW*IKSCr%23xk*URQjhKmyqAHyHsAvmN)UAKmdvsAyFkfYYI0Kb*_KWi%3Dd)mNvmqHFaWhp*xWIWb0%3DNEvAq)dFYQk%3DNFl*22Wh2Gi%3DNFQ_xWi%3DNENsNFxPI2%3DNENNNFkfWi%3DFibl%3DhfKxhFiMMKh2YM%3DP*IkhFiMM%3D6*2MQj0FxiYl*Yi%3DNFi*I_%3DfjWkQjdyFWjkI%3DNFkQxY%3DF6bMI%3DmFilfb%3DsNFiQ_x%3DNUmFWxl%3DmFjkR%3DvFb_k%3DvNNLdAN%7CvNNLyNN%7CvvyLdHNFxkx%3DNFxkY%3DNFbML%3DmNH&jba=N&MMM=lXuBMy-CIN*P1SyiwB79DDWICmRDrj(shp2RlykV.p(Xc9uS!N*30aB27lb*O7uIaj~T29noX*vMOb)xmwyq-Sn3W2YwXP0fSJJhq0732P9%3D&Wp=N&WjGP2=m&xi2Gi=syN&xWi=vs)NyA&ebbIh=36h%20mN%20rl*2Whkb%2036Wj_k%20wxQfb%20rY*_6hbbW%20rb2*Yk%20nIQph2%20~W2I%2052hkk%20U%20(*kbhIWjeEjhb&MlP=))dN&0ikY2=m&e*bY2h=m&e*bxWi=UmNv&l*iQM*Wj=bRSU6OlIUOH.bCOsu-QW1.6HblvwYRfvY4HWYNhs(RT%3D&0YIY=m&WkWi=A&*ia=~hjh2*I%20rh*2l6&Y_Wi=YNmHNvHAqNyHbdNdvmdNqmHAy&kkIi=%7B%22kkWY%22%3A%22mHAEm)AEqmEN%22%2C%22kkll%22%3A%221D%22%2C%22kkkl%22%3A%22-~%22%2C%22kklb0%22%3A%22D%C3%83%C2%BCjhjxh2_%22%7D&6bMIk2l=m&sflct=5590675&ure=1
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-216-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6199e0079d62e1e476a2a5085d25ec0e1cc0da0de24fdd606539c6fd41ac2f58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
25413
content-type
text/html
date
Thu, 07 Dec 2023 18:56:27 GMT
expires
Thu, 07 Dec 2023 18:56:27 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-pb9b
checksync.php
contextual.media.net/ Frame AD0C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CU4FCKBR&https=1&itype=CM
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-216-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5a66f8eafb50d104f1f4b4637134d3acf9fafa5c0821c5ff3a0e821b31216ad5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5965
content-type
text/html; charset=UTF-8
date
Thu, 07 Dec 2023 18:56:26 GMT
expires
Sat, 09 Dec 2023 18:56:26 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame BBC9 		35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=2144&&vgd_cdv=1129&vgd_cage=2&vgd_tsce=L340&vgd_mcf=9920&gdpr=1&mspa=0&prid=8PRVCXX19&cid=8CU4FCKBR&crid=835616504&vi=1701975386734271345&ugd=4&lf=6&kwrf=https%3A%2F%2Fpastelink.net&cc=CH&sc=ZH&lper=100&wsip=170785191&r=1701975386788&rrr=tzR-hLcl-L_ecdZ-K1Ewtxlbo_m3ZJ2GvoF-QPYaRSeN4q68uDRz-g%3D%3D&requrl=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9H~eBMJ-Nv9.AF~e8QMQOvuhW~ONfvu~QNOvly~eM1QzvXFW9A~ejfLMQOvf9fAuf9huu~8xLjMGvuAfF.FA~xLjM7UNv9~Q7OvSffH9XHWu9iuS01Q7Jj8zUMbfbMVz7JLQ78781jMDab%23GQ1olmzJMuFhXWFWHXAu9ioXMufAHXF~j1Q7v~e8QMxLjMGv9.9W~8EvAmPDBN~kGGv9~e8QMxLjMjvf9~L88Ex1vh%2Ch~J7vu9~LNvu~LEQMQOvf9fAuf9huf~e8QMGvHh9.9W~xLjMGv9.hX~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvf.fX~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9H~ejfLMxLjMUNv949~GYvu~1AEMGvf.hA%2CAu.X~Q8OvWAXFuFX9H~QOv9~x8OvffOXZ%20DhEaFjYNHw1p~G7OvA9hihuhFAi9hW9hhFAAFuhXA9WWFXXiuffiWHiXXuhuHi9XifhHf9XFHhAuihAhAXXu9FiWh9AFiHFAHF99AiWAiWifXF9uWihffFfH~eBxv9.AF~OfEMjvu9~AENkvu999~x8Yv9~myMYQwv9.9H~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iF~exLjMGvu.fi~QQvIK~NNv%3Dq~x8Bvou~NJv9~LEQMGvAu.X~exLjMjvf9~%3DVvA9XA~UGMxNvof~z7QvA~UGMNNUQvof~c0fv.*SE.*~N7vwxzJzGJLy~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.hW~8Q8kv9~G8Ov9.9H~ONvW~ejfLMGvf.hA~8exLjMjvf9~NGOEv9.9fH~875EJM8OvuF~QJjjJLM71yM8OvSffH9XHWu9iuS01Q7Jj8zUMbfbMVz7JLQ78781jMDab%23GQ1olmzJMuFhXWFWHXAu9ioXMufAHXF~QxEEj5M71yM8Ovfiu9AuhW~e8JB1G8j875v9.AXhif~EmQv9~N1LL8JLVOv9~myG8Ov9.9H9~GkjLv9.999~Qx8Ov~O7NvJxMGJ~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzfF~8zQjv9~QmGEv~w7Yjvu~ONx7vH9~OmyGv9ou~8GNvu~zQlvA~7yQvA99-fX9%7CA99-F99%7CAAF-fW9~GQGv9~GQEv9~7Y-vu9W&ssld=%7B%22QQ8E%22%3A%22uWX.uiX.hu.9%22%2C%22QQNN%22%3A%22%3Dq%22%2C%22QQQN%22%3A%222Z%22%2C%22QQN75%22%3A%22q%C3%83%C2%BCzJzGJLy%22%7D&vgd_bid=349065&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=56803&vgd_rakh=1701975386199316144&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUQN152J&vgd_hb_audit_2=881526814&vgd_pgid=p01803857068t202312071856&vgd_pgids=1&vgd_uspa=0&hvsid=00001701975386786031165826569044&gdpr=1&mspa=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 07 Dec 2023 18:56:26 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 07 Dec 2023 18:56:26 GMT
checksync.php
contextual.media.net/ Frame CBA5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQN152J&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C3016%2C313%2C10000%2C459%2C229%2C9%2C319&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-216-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
473320d7653a7a832d00e1f1192083fc09d1ec284f4deeb03816e8962e93b81a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8070
content-type
text/html; charset=UTF-8
date
Thu, 07 Dec 2023 18:56:26 GMT
expires
Sat, 09 Dec 2023 18:56:26 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame BBC9 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?pixel_len_bucket=5339&logid=awlog&lper=1&itypeid=16&itype=APPNEXUS&cc=CH&cid=8CUQN152J&reqid=395455983225639534&vid=395455983225639534&dn=pastelink.net&rawDn=pastelink.net&requrl_dn=pastelink.net&pid=8PR113JGC&ugd=4&fleet=common&requrl=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_status=N&dnt_enf=false&geo_source=2&sc=ZG&ct=H%C3%83%C2%BCnenberg&zip=6331&pubid=pub-appnexus-eu&tgtval=pub-appnexus-eu&csip=rtb-common-envoy-959b6b648-m2zgb.BE&dtc=eu_be&zone=b&ptype=23&tmax=150&xtmax=140&gdpr=1&gpp_present=false&csex=0&app=0&sat=1&devbrand=Unknown&devmodel=Unknown&device_id=4&asn=56803&sckfl=0&sckfl2=0&smbrid=8394&usp_status=0&usp_enf=1&mspa_enforced=true&pexid=APPNEXUS-1070141&geoll=false&is_ortb=true&s_ip=37.252.173.0&s_city=frankfurt+am+main&commit_id=3abc4605&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-12-07+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&second_call=false&supply_cc=CH&ipcc=CH&is_msnnative_src=false&proxy=envoy&rtttime=35&req_tid_present=true&pvid=460&prvAccId=835616504&prvApiId=8CU4FCKBR&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=881526814&prspt=headerBid&prvReqId=24593372208998_752346585_8815268144601&size=336x280&chnl=HARMONY&bdp=0.040&bid_uuid=fc37da72c3326830666da33e858de2f8&cbdp=0.024&og_cbdp=0.040&ogbdp=0.04&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Fgeneralsearch.net&dfpBd=0.024&dsrc=-2&dp=0&dbf=1&epc=835616504&s=1&snm=SUCCESS&pcrid=8CU4FCKBR-835616504-49-1&tpbTkn=false&exid=218&bidflr=0.000&pbidflr=0.000&opbidflr=0.000&spbf=0&viewability=36&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1701975385180&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.04&dmm_erpm=true&dmm_ogerpm=false&bcrid=446868522&strg=HARMONY&stagid=29103178&vls=0&scrid=446868522&mang=1&pvdTmax=108&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_tid_sent=false&mx_epbc=8CU4FCKBR&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_bsBucketRa=0&mx_sid=8CU4FCKBR&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=3&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=29103178&mx_tgs=300x250%7C300x600%7C336x280&mx_bsProfileRa=0&mx_IAB2=0&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=1&mx_gpid=29103178&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=true&mx_commit_id=57e0a39df7&mx_exp_tokens%3C%3E=IPBLOCK_DM%3AGCS%23%23bsNed%3ADEFAULT%23%23NedCkflWithData%3ADEFAULT%23%23launchexp%3Atoken2%23%23prll_req%3Atrue%23%23NedCkfl%3ADEFAULT%23%23BssTgtMig%3ADEFAULT&acid=19e03c9b4dafa806baaf698552cd33f4&rtime=14.0&wsip=mowx-68754cb744-hjf4t&ltime=20.0&act=headerBid&abs=0%7C0%7Cxtmax%3D140%7Cbrr%3D0&adtypes=0&impId=1898868248203848159&reftime=15000&reftype=0&dsid=29103178&insl=0&gpid=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&mowxReqId=19e03c9b4dafa806baaf698552cd33f4_1&ecp=0.09&req_size=300x250%7C300x600%7C336x280&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=0&adpos=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&dfpDiv=29103178&supplyTagId=29103178&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&debug_ts=2023-12-07+18%3A56%3A25&__expireat=1701975985443&mview=1&lo_pvid=%5B460%5D&lo_dp=0&lo_bdp=0.040&lo_cbdp=0.024&actltime=28&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.04~vw_exc%3D0.36~vis_sd%3D178~dc2%3D1~scd%3Dzg~v_asn%3D56803~vl2r_sd%3D2023120711~iurl_b%3D1326.63~url_tkc%3D0~std%3D%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456~last%3D~vis_url_b%3D0.08~ip%3D3oURwc~fbb%3D0~vis_url_l%3D20~riipua%3D7%2C7~et%3D10~rc%3D1~rps_sd%3D2023120712~vis_b%3D470.08~url_b%3D0.75~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~ecp_eer%3D2.25~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.04~vl2r_url_kc%3D0E0~bm%3D1~a3p_b%3D2.73%2C31.5~sid%3D835616504~sd%3D0~uid%3D22d5GqR7pO6lmc4haW~btd%3D3079717639078077633617530886559122984955171490592742056473197373551069870369463460039839892560189722624~vwu%3D0.36~d2p_l%3D10~3pcf%3D1000~uim%3D0~og_msh%3D0.04~dmm_strg%3Dharmony~d2p_b%3D0.98~ogd2p_b%3D0.96~vurl_b%3D1.29~ss%3DNA~cc%3DCH~uiw%3D-1~ce%3D0~rps_b%3D31.5~vurl_l%3D20~CI%3D3053~kb_uc%3D-2~nts%3D3~kb_ccks%3D-2~MP2%3D.*%2Fp.*~ct%3Dhunenberg~bss_KTW%3DNA%2CNA~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.78~isif%3D0~bid%3D0.04~dc%3D8~vl2r_b%3D2.73~ivurl_l%3D20~cbdp%3D0.024%7Eitype_id%3D16%7Eseller_tag_id%3D%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456%7Esupply_tag_id%3D29103178%7Eviewability%3D0.35792%7Epos%3D0%7EcarrierId%3D0%7Eogbid%3D0.040%7Ebflr%3D0.000%7Esuid%3D%7Edtc%3Deu_be%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Dunison26%7Einsl%3D0%7Esobp%3D%7Ehtml%3D1%7Edcut%3D40%7Edogb%3D0-1~ibc%3D1~nsz%3D3~tgs%3D300x250%7C300x600%7C336x280~bsb%3D0~bsp%3D0~tmx%3D108&utime=1611&sf=0&cpr=0.8914622586186085
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:26 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 07 Dec 2023 18:56:26 GMT
rd_log
fra1-ib.adnxs.com/ Frame BBC9 		0
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&e=wqT_3QKQBOgQAgAAAwDWAAUBCNmqyKsGEJr4nKPD-53WQxgAKjYJ2H471IMukz8R5x7SPP04kj8ZAAAAYD0Ktz8h5w0SACkRJNAxAAAA4FG4nj8wyqjwDTjKQUC1XkjjA1C6iYq2AViY1VJgAGiR92t4w4cGgAEBigEDVVNEkgUG8MKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACn_A_6gIeaHR0cHM6Ly9wYXN0ZWxpbmsubmV0L2J2cHl1ejJxgAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgD-5XCAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xODUuMTk1LjcxLjIxNagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8AQF5ViIBQGYBQCgBaLr6qTnn4jhdsAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFhOxu-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHw4cG0gcNFWUBJgjaBwYBXqAYAOAHAOoHAggA8Ae_gw2KCAIQAJUIAACAP5gIAcAIANIIBggAEAAYAA..&s=e7c0e9fc904bf883191b1b3ad0b983fa1bf4710f&bdref=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q,https%3A%2F%2Fpastelink.net%2Fbvpyuz2q,https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:26 GMT
an-x-request-uuid
c6fc6c5f-4d42-479f-b3f4-19fead342ec0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.215; 185.195.71.215; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 9006 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6uVNLg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
truncated
/ Frame AAC8 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a021ceb815a8890dfa0c2eb9cb612eb06706dc173bed57250636e332e803064f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
28292
i6.liadm.com/s/ Frame B830
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXIVWqix3sFrBQxOiD9eGwAA%263370&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXIVWqix3sFrBQxOiD9eGwAA%263370&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=9afae485cb54487082add11bb5fa1be2
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-Gflf3YTyA-hxHY7b1hGBqSVLFmR2Cu1rYGiGEA
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-Gflf3YTyA-hxHY7b1hGBqSVLFmR2Cu1rYGiGEA
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-Gflf3YTyA-hxHY7b1hGBqSVLFmR2Cu1rYGiGEA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:3941:84f1:d852:9a8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 18:56:28 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-Gflf3YTyA-hxHY7b1hGBqSVLFmR2Cu1rYGiGEA
Date
Thu, 07 Dec 2023 18:56:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
crum
dsum-sec.casalemedia.com/ Frame B830
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXIVWqix3sFrBQxOiD9eGwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELdUpw6R-2yT8Th0lLMm3ds&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELdUpw6R-2yT8Th0lLMm3ds&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCqVTCocq8b1I8vRmyzOldIKROd4RrCY8f%2FWbTKNUfo%2Fiu545dpxkdOi6pZ9PuvaazxkPMtJxR6a3gOsjIXXN0aLKBQt0FnY%2FXiPbjLhzzkIFjhgUNXCT4mQBFjo%2BZAkmZzlz3fzzRyvHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
831efd18dde501df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELdUpw6R-2yT8Th0lLMm3ds&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame B830 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:26 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame B830 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXIVWqix3sFrBQxOiD9eGwAADSoAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GRHN3GN1T0BZKE9BWBT0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B830
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=RA06NI3R1RbjxV5
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=RA06NI3R1RbjxV5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BhVhdNwAMttal9KpbjrMI9i06Dw3AamvtND1Jn0R6G%2BEptbrJS8ONurYlgkevW4OKPthhJofDyRhG2xLzOXlSVv9zGBJu9ELvrlT7P%2BSksVg99VXaQlyYsm2yyMvq4K5PcJtiVARRSScPg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
831efd197eef01df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:26 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=RA06NI3R1RbjxV5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B830
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=3322655952767938813&gdpr=0&gdpr_consent=
43 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=3322655952767938813&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwmeO%2FRJ0%2FS366T6l5G8X%2Bv22bImFUHLr59badHJk7t0AiTOCyT0znzrOw0fNuaVb%2BfRu%2BHhc%2BQWiolonhKVmUO%2FuyqGvyylyRfrggyldON%2FruwSY1r84Zxp4yasuXdpXGhENqzJew8u%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
831efd18ee0801df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=3322655952767938813&gdpr=0&gdpr_consent=
date
Thu, 07 Dec 2023 18:56:26 GMT
content-length
0
demconf.jpg
dpm.demdex.net/ Frame B830
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZXIVWqix3sFrBQxOiD9eGwAA%263370?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZXIVWqix3sFrBQxOiD9eGwAA%263370
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZXIVWqix3sFrBQxOiD9eGwAA%263370
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
H2
Server
52.209.217.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-217-80.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-03f694e4f.edge-irl1.demdex.com 3 ms
pragma
no-cache
date
Thu, 07 Dec 2023 18:56:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
dxWWYUbyTn0=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-2-v054-08513f95b.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Thu, 07 Dec 2023 18:56:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
Q5mMvc3fQqQ=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZXIVWqix3sFrBQxOiD9eGwAA%263370
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame B830
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5008915001768587012&expiration=1703184986
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5008915001768587012&expiration=1703184986
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNVWiW6OoE9Ily8BMCKxbDPYcE73bMA9LJ6ysi1ilgP6OF8yUZlPnbjhciypOzg1FgdBjvTYMFusnWuCrgeQ2hTkhQhPlJQX3wlOQHJK1XCA3GFuSWLQ2hA6sEMkAq3FPcyfGWg29Xaxlg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
831efd18cdbd01df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=5008915001768587012&expiration=1703184986
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
rt.marphezis.com/ Frame B830 		0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/sync?dpid=5&puid=ZXIVWqix3sFrBQxOiD9eGwAA%263370
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frt.marphezis.com%2Fsync%3Fdpid%3D5%26puid%3D&s=197494&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Thu, 07 Dec 2023 18:56:26 GMT
access-control-allow-credentials
true
vary
Origin
view
securepubads.g.doubleclick.net/pcs/ Frame DCB1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAmXxt3NAX0ASMenia3ZpGCm3ZmdrCKVfvhF3DXwtpmNPMV2CHJi-OKkdBMKFC5K1ZUVtnkKr7G5EQnt36SeXV0Xc72lFKZILc7oL40tCBld240nBSDV-YFbPFHjBrjvsZKOabI3uLZUon6KHqDdpaDCoHwf5yUHqnejlY7zgSbX00yDxk_Y0idMvelHUBXpaRlZlJVYIAyfnqqrfVPJt3jN8arsliVmCn_Q4qXVH72UBt6OIX4yTY23zy8wm9ox61878WZDcoYI1ZkZZrWFQihRQsZYeYKRo-HPPx50G4jgOiLW-eEC_te095FF3G4CHxJMg7f89Uk7ZHBVqgo8XpFzdzdXt1-ZOdrUtO-yP-gPyYEpaLUvkGRRH6CFce2Q&sai=AMfl-YQzaF_0LiJ9GA8bMyNGFuaq-W5kEMYOTHdREdFL2te_rXSaHA5g-g_sVzxbtMJh_B_AMFlyu79EnAHuI_eSegzopU0VzZ8kn5Bg4yC-fPM8GMsOcp0-4FP33HB4asMgkobttBNzax7igg&sig=Cg0ArKJSzCBjZSTyNb1REAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 07 Dec 2023 18:56:26 GMT
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 9836 		70 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2462&&kkdd=!%7CH%7CA*n9&e8=Sa9SAa3lhEUUAa9Ha9H&yOJ-=S&qDJ1=9&nOe=SSUA&KDnV=YlH9&n8O=hw_HswNRW&nJnO=JTEKCmK4KwTn29fPB-2VmM%3D%3D&n-8O=hl3ESE39H&D8!V=llE~Uh9&nn=wZ&Dn=uZ&nbkq=ZzWctI2&J8O=hdtwQUQt7&KJ8O=QUSllHU&bKKJD=S&---=K!WgbYnPgY0VnOugNSoBK~PGm0qlu6U.emsgMd21W4VIHFEhxTW!gy%3D%3D&kDV=3&PB=S&xyO=H&1OKS=hw_MIS3U6&1OKU=hhS3UEhSH&GO1K1=DOU%3DkxPPr8x-P0P%3DU9rmyV-Jq%3D9*9HreB0V~n%3D9*lEre8D0DO%3DSahrOnU%3DSrDnO%3D!yre01Dk%3D3Eh9lrePU-0DO%3DU9UlSU9aSSr8x-P0G%3DSlUE*Elrx-P0K5n%3D9rDKO%3D%2FUUH93HhS9AS%2Fd1DKVP8k504U4048OVG1-0Wt4%23GD1g!mkV0SEa3hEhlUHhUhga0SUlH3ErP1DK%3Dre8D0x-P0G%3D9*9hr8J%3Dlm_WBnrLGG%3D9re8D0x-P0P%3DU9r-88Jx1%3Da%2CarVK%3DS9r-n%3DU%2CUr-JD0DO%3DU9UlSU9aSUre8D0G%3DHHE*EErx-P0G%3D9*a3rePU-0x-P0G%3D9rePU-0x-P0e8%3DSogSErx-P0Ke8%3D9rVnJ0VV-%3DU*U3rx-P0P%3DU9ryn1K%3DgSrGG%3DSAEree%3D9rPU-0G%3DS999rV-Jq%3D9*9HrePU-0x-P05n%3D9o9rGq%3DSr1lJ0G%3DU*EA%2ClS*3rD8O%3Dhl3ESE39HrDO%3D9rx8O%3DUUO3sbJ~z8scdZ8!ZfrGKO%3Dl9aAaSaElA9ah9aaEllESa3l9hhE33ASUUAAhHl3SHHhUS9UA3SS9hESSllEH3l3SHUAA9HA33hHU9UHU3Hh99SE3HaAUUhS3hhSUSEreBx%3D9*lErOUJ0P%3DS9rlJnL%3DS999rx8q%3D9rmy0qDb%3D9*9HrOqq0DK-y%3Db1-qmkfrOUJ0G%3D9*AhrmyOUJ0G%3D9*AErex-P0G%3DS*UArDD%3DIzrnn%3DwZrx8B%3DgSrnV%3D9r-JD0G%3DlS*3rex-P0P%3DU9rwC%3Dl93lr5G0xn%3DgUrkKD%3DHr5G0nn5D%3DgUrcdU%3D*p%2FJ*prnK%3DbxkVkGV-yrGDD0NQ7%3DIz%2CIzrG1D8DU%3DSAErG1D8DS%3DSAEr8DWVL%3D9r8ex-P0G%3D9*ahr8D8L%3D9rG8O%3D9*9HrOn%3DhrePU-0G%3DU*EAr8ex-P0P%3DU9rnGOJ%3D9*9UHr8KfJV08O%3DSErDVPPV-0K1y08O%3D%2FUUH93HhS9AS%2Fd1DKVP8k504U4048OVG1-0Wt4%23GD1g!mkV0SEa3hEhlUHhUhga0SUlH3ErDxJJPf0K1y08O%3DUAS9lSahre8VB1G8P8Kf%3D9*l3aAUrJmD%3D9rn1--8V-CO%3D9rmyG8O%3D9*9H9rGLP-%3D9*999rDx8O%3DrOKn%3DVx0GVrOqq0V-Jq%3DL1PDVrOqq%3Db1-qmkfrGOJn1JO%3D9rO1Py%3DOVL1xPKr8kDP%3D9rDmGJ%3DrbKqP%3DSrOnxK%3DH9rOmyG%3D9gSr8Gn%3DSrkD!%3DHrKyD%3DSE9~E99%7Cl99~U39%7Cl99~E99%7CllE~Uh9rGDG%3D9rGDJ%3D9rKq~%3DS9h&kKe=9&qqq=n_6)qEutP91LwWEOz)v2ZZ8PtS!Z4kdHVB-!nEDINBd_F26Wc91Qfe)-vnK1Yv6Pek.o-2s7_1lqYKAGSzEauWsQ8-Jz_LfxWRRVafvQ-L2%3D&8B=llE&8kCL-=S&GO-CO=HE9&G8O=lHA9El&5KKPV=QbV%20S9%204n1-8VDK%20Qb8kyD%20zGmxK%204J1ybVKK8%204K-1JD%20sPmBV-%20.8-P%20T-VDD%20g%20d1DKVP8k5*kVK&qnL=AAU9&fODJ-=S&51KJ-V=S&51KG8O=gS9l&n1Omq18k=K!WgbYnPgYhNKtYH6um8wNbhKnlzJ!xlJ(h8J9VHd!o%3D&fJPJ=S&8D8O=3&1Oe=.VkV-1P%204V1-nb&Jy8O=J9Sh9lh3a9EhKU9UlSU9aSh3E&DDPO=%7B%22DD8J%22%3A%22Sh3*SA3*aS*9%22%2C%22DDnn%22%3A%22wZ%22%2C%22DDDn%22%3A%22u.%22%2C%22DDnKf%22%3A%22Z%C3%83%C2%BCkVkGV-y%22%7D&bKqPD-n=S&sflct=5590675&ure=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU4FCKBR&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-216-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
df48570d3feed4a258e40102ec5e059fcd6a4541e16b117942e106c72af8b668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
25098
content-type
text/html
date
Thu, 07 Dec 2023 18:56:27 GMT
expires
Thu, 07 Dec 2023 18:56:27 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-sslh
checksync.php
contextual.media.net/ Frame 5263 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CU4FCKBR&https=1&itype=CM
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-216-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5a66f8eafb50d104f1f4b4637134d3acf9fafa5c0821c5ff3a0e821b31216ad5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5965
content-type
text/html; charset=UTF-8
date
Thu, 07 Dec 2023 18:56:26 GMT
expires
Sat, 09 Dec 2023 18:56:26 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
checksync.php
contextual.media.net/ Frame 528C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQN152J&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C3016%2C313%2C10000%2C459%2C229%2C9%2C319&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-216-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
473320d7653a7a832d00e1f1192083fc09d1ec284f4deeb03816e8962e93b81a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8070
content-type
text/html; charset=UTF-8
date
Thu, 07 Dec 2023 18:56:26 GMT
expires
Sat, 09 Dec 2023 18:56:26 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame BEE3 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?pixel_len_bucket=5359&logid=awlog&lper=1&itypeid=16&itype=APPNEXUS&cc=CH&cid=8CUQN152J&reqid=395455983225639534&vid=395455983225639534&dn=pastelink.net&rawDn=pastelink.net&requrl_dn=pastelink.net&pid=8PR113JGC&ugd=4&fleet=common&requrl=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_status=N&dnt_enf=false&geo_source=2&sc=ZG&ct=H%C3%83%C2%BCnenberg&zip=6331&pubid=pub-appnexus-eu&tgtval=pub-appnexus-eu&csip=rtb-common-envoy-959b6b648-m2zgb.BE&dtc=eu_be&zone=b&ptype=23&tmax=150&xtmax=140&gdpr=1&gpp_present=false&csex=0&app=0&sat=1&devbrand=Unknown&devmodel=Unknown&device_id=4&asn=56803&sckfl=0&sckfl2=0&smbrid=8394&usp_status=0&usp_enf=1&mspa_enforced=true&pexid=APPNEXUS-1070141&geoll=false&is_ortb=true&s_ip=37.252.173.0&s_city=frankfurt+am+main&commit_id=3abc4605&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-12-07+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&second_call=false&supply_cc=CH&ipcc=CH&is_msnnative_src=false&proxy=envoy&rtttime=34&req_tid_present=true&pvid=460&prvAccId=835616504&prvApiId=8CU4FCKBR&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=881526814&prspt=headerBid&prvReqId=25587009858303_1811945597_8815268144601&size=336x280&chnl=HARMONY&bdp=0.040&bid_uuid=73a56e12fd50c2dfdc74a8d9e04820ce&cbdp=0.024&og_cbdp=0.040&ogbdp=0.04&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Fgeneralsearch.net&dfpBd=0.024&dsrc=-2&dp=0&dbf=1&epc=835616504&s=1&snm=SUCCESS&pcrid=8CU4FCKBR-835616504-49-12&tpbTkn=false&exid=218&bidflr=0.000&pbidflr=0.000&opbidflr=0.000&spbf=0&viewability=36&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1701975385186&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.04&dmm_erpm=true&dmm_ogerpm=false&bcrid=446868522&strg=HARMONY&stagid=29103178&vls=0&scrid=446868522&mang=1&pvdTmax=108&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_tid_sent=false&mx_epbc=8CU4FCKBR&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_bsBucketRa=0&mx_sid=8CU4FCKBR&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=4&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=29103178&mx_tgs=160x600%7C300x250%7C300x600%7C336x280&mx_bsProfileRa=0&mx_IAB2=0&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=1&mx_gpid=29103178&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=true&mx_commit_id=57e0a39df7&mx_exp_tokens%3C%3E=IPBLOCK_DM%3AGCS%23%23bsNed%3ADEFAULT%23%23NedCkflWithData%3ADEFAULT%23%23launchexp%3Atoken2%23%23prll_req%3Atrue%23%23NedCkfl%3ADEFAULT%23%23BssTgtMig%3ADEFAULT&acid=df551389eb7f4903bc2bfdcc67cf1097&rtime=19.0&wsip=mowx-68754cb744-848cp&ltime=26.0&act=headerBid&abs=0%7C0%7Cxtmax%3D140%7Cbrr%3D0&adtypes=0&impId=1283243235759517662&reftime=15000&reftype=0&dsid=29103178&insl=0&gpid=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&mowxReqId=df551389eb7f4903bc2bfdcc67cf1097_1&ecp=0.09&req_size=300x250%7C336x280%7C160x600%7C300x600&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=0&adpos=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&dfpDiv=29103178&supplyTagId=29103178&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&debug_ts=2023-12-07+18%3A56%3A25&__expireat=1701975985442&mview=1&lo_pvid=%5B460%5D&lo_dp=0&lo_bdp=0.040&lo_cbdp=0.024&actltime=27&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.04~vw_exc%3D0.36~vis_sd%3D178~dc2%3D1~scd%3Dzg~v_asn%3D56803~vl2r_sd%3D2023120711~iurl_b%3D1326.63~url_tkc%3D0~std%3D%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456~last%3D~vis_url_b%3D0.08~ip%3D3oURwc~fbb%3D0~vis_url_l%3D20~riipua%3D7%2C7~et%3D10~rc%3D2%2C2~rps_sd%3D2023120712~vis_b%3D446.66~url_b%3D0.75~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~ecp_eer%3D2.25~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.04~vl2r_url_kc%3D0E0~bm%3D1~a3p_b%3D2.69%2C31.5~sid%3D835616504~sd%3D0~uid%3D22d5FhpxAiFMPHizHy~btd%3D3079717639078077633617530886559122998435144821029511086113364535142990495584202425480016547922815881216~vwu%3D0.36~d2p_l%3D10~3pcf%3D1000~uim%3D0~og_msh%3D0.04~dmm_strg%3Dharmony~d2p_b%3D0.98~ogd2p_b%3D0.96~vurl_b%3D1.29~ss%3DNA~cc%3DCH~uiw%3D-1~ce%3D0~rps_b%3D31.5~vurl_l%3D20~CI%3D3053~kb_uc%3D-2~nts%3D4~kb_ccks%3D-2~MP2%3D.*%2Fp.*~ct%3Dhunenberg~bss_KTW%3DNA%2CNA~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.78~isif%3D0~bid%3D0.04~dc%3D8~vl2r_b%3D2.69~ivurl_l%3D20~cbdp%3D0.024%7Eitype_id%3D16%7Eseller_tag_id%3D%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456%7Esupply_tag_id%3D29103178%7Eviewability%3D0.35792%7Epos%3D0%7EcarrierId%3D0%7Eogbid%3D0.040%7Ebflr%3D0.000%7Esuid%3D%7Edtc%3Deu_be%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Ddefault%7Einsl%3D0%7Esobp%3D%7Ehtml%3D1%7Edcut%3D40%7Edogb%3D0-1~ibc%3D1~nsz%3D4~tgs%3D160x600%7C300x250%7C300x600%7C336x280~bsb%3D0~bsp%3D0~tmx%3D108&utime=1755&sf=0&cpr=0.7004330861781698
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:26 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 07 Dec 2023 18:56:26 GMT
rd_log
fra1-ib.adnxs.com/ Frame BEE3 		0
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&e=wqT_3QKQBOgQAgAAAwDWAAUBCNmqyKsGEJr4nKPD-53WQxgAKjYJ2H471IMukz8R5x7SPP04kj8ZAAAAYD0Ktz8h5w0SACkRJNAxAAAA4FG4nj8wyqjwDTjKQUC1XkjjA1C6iYq2AViY1VJgAGiR92t4w4cGgAEBigEDVVNEkgUG8MKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACn_A_6gIeaHR0cHM6Ly9wYXN0ZWxpbmsubmV0L2J2cHl1ejJxgAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgD-5XCAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xODUuMTk1LjcxLjIxNagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8AQF5ViIBQGYBQCgBaLr6qTnn4jhdsAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFhOxu-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHw4cG0gcNFWUBJgjaBwYBXqAYAOAHAOoHAggA8Ae_gw2KCAIQAJUIAACAP5gIAcAIANIIBggAEAAYAA..&s=e7c0e9fc904bf883191b1b3ad0b983fa1bf4710f&bdref=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q,https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:26 GMT
an-x-request-uuid
1fcbc20a-4219-4a04-89e9-d7f7e5ae555a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.215; 185.195.71.215; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame BBC9 		0
661 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&e=wqT_3QLYBOhYAgAAAwDWAAUBCNmqyKsGEN_T1YvH04itGhgAKjYJ-n5qvHSTmD8RPN9PjZdukj8ZAAAAYD0Ktz8hPA0SACkRJNAxAAAA4FG4nj8wyqjwDTjKQUCVCUhgUKrYitUBWJjVUmAAaJH3a3jDhwaAAQGKAQNVU0SSAQEG9CoBmAHQAqABmAKoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAp_wP-oCHmh0dHBzOi8vcGFzdGVsaW5rLm5ldC9idnB5dXoycYADAIgDAZADAJgDF6ADAaoDQBIXMzk1NDU1OTgzMjI1NjM5NTM0X3NiaWQaEzE4OTg4NjgyNDgyMDM4NDgxNTkiCTQ0Njg2ODUyMioFTTExNzPAA9gEyAMA2AP7lcIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE4NS4xOTUuNzEuMjE1qAQAsgQQCAAQARjAAiDgAygAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASq2IrVAYgFAZgFAKAF7qTe4_GjvL4FwAUAyQUAAAAAAADwP9IFCQkBCgEBcNgFAeAFAfAFhZtK-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGr_EB2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHw4cG0gcNCREoASYI2gcGAV7AGADgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=3f5cd17a87e197ca9287050562523ff9060967c5&type=nv&nvt=5&jm=1003&px=0&py=0&bw=336&bh=280&sid=3655032991320321639&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=29103178&sw=1600&sh=1200&pw=1600&ph=3429&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:26 GMT
an-x-request-uuid
04648b7a-a4bd-4ee5-915d-ec8ed0a1e81d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.215; 185.195.71.215; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AAC8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstn-Zg6i6E2Qj0kPJdSVaxAc_YBtI7bRiwPaKAdZWivhQKe90QHiJOuCsq3HrSv-Z0GNSN4bg0bBa7w-LTVrA6ZtMfYOyOVueGqjpFzq7PICWbN70m_kCqRYgjy9zYacfRZmwpoAIrXbQro29C9Q2CgeNlRzN7t8N3R2d6s5KG4gQyAtFh8pHxFv4_tKPywSpERLqH-0RkD4eQKoGwp9Cy2ufJ-G6DL6yPlVkUZv59Niy79hKp3L4ZVYWj9Il_sewwKPWryV_UbevCHl3-0hrPrKMZeUKvKHLEm8qx_F466qnZuVEBsdi8_dd_n3jVwYLZv7oMFMQDUdHppwdx0DuoDLJk2UMr0OIg1Iw9MXELuEfyZtHKOIrlJCCK95s79sVsQsg&sai=AMfl-YTaaQQKB5081y0VdmYGZXNKKErOlI6X7uIu_FoEXfvGp9gGw9TKmc2jiC1G0ioDApOAtUUGCvd2AAJ925UQYnHxn7l0z3fR1CQFHYMmp1b8BAMpXnkxK_la3ORbnM_kIyxovYzFp_iJLA&sig=Cg0ArKJSzKRVTCzamskhEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 07 Dec 2023 18:56:27 GMT
usync.js
eus.rubiconproject.com/ Frame 0039 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
505c9ad2483b459fcd8a0f4301cf50d5afc2022a2b940b33d56a225edb0d2e1f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=getmedia&endpoint=https://rt.marphezis.com/sync?dpid=1%26puid=$rubicon_user_id
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 18:56:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 07:14:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=44291
Connection
keep-alive
Content-Length
13236
Expires
Fri, 08 Dec 2023 07:14:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BEE3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhSjObBetxg2BDPE63Cg8R85sEYEskTicWShMGyPMsjAvifGk1EoS-wgFGrSaZmPZgMeehoX9sUng8ngXLRbDb5oLUunhP2SJOnEWahRss0KRQi3ZoAm203qcp5o9mM6fWjIF-_r9ITOfPwtS4nuRI4dKfH7OBohfgmamzAyrYqMUe-kVNNWV6NWr5CDeA0MpawHDZ98NwBQ1YGKEHdlFQnprzzE_Vk-wab038_eL14SuImvpgrPUN0TjULcZRkSwoEKE-XM2N1zT4RinuqImjJoubRD7wIw2Swnxc8FRP4RuxH7KUNYVy9UmugZ08SXoacUNPA89CkwHpJMOCYeYLdc5c5cFnsyL0_izhM4N6FvEeRw-B9C1vaXDP&sai=AMfl-YScMBHSn3ObH8p7YsXwdFdr7Das2MmaE1K8-I2bkTTh9iis4UitmzGSkD-a6DCuUQuh18bGuGjNxjX7Z0YklVpMCeZaAByF3qjruLSXi9I7NnNhDenik8PSxPmgyClWwr-oYsiMw4LGYQ&sig=Cg0ArKJSzPZtrMFKB7ZBEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 07 Dec 2023 18:56:27 GMT
truncated
/ Frame BEE3 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0a57e0efbdae8b54503e74fed543a5f1d160fc1955836d5db105b9a7c12efea

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
vevent
fra1-ib.adnxs.com/ Frame BEE3 		0
661 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&e=wqT_3QLXBOhXAgAAAwDWAAUBCNmqyKsGEN7f-d7I3b_nERgAKjYJ-n5qvHSTmD8RPN9PjZdukj8ZAAAAYD0Ktz8hPA0SACkRJNAxAAAA4FG4nj8wyqjwDTjKQUCVCUhgUKrYitUBWJjVUmAAaJH3a3jDhwaAAQGKAQNVU0SSAQEG9GkBmAHQAqABmAKoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAp_wP-oCHmh0dHBzOi8vcGFzdGVsaW5rLm5ldC9idnB5dXoycYADAIgDAZADAJgDF6ADAaoDQBIXMzk1NDU1OTgzMjI1NjM5NTM0X3NiaWQaEzEyODMyNDMyMzU3NTk1MTc2NjIiCTQ0Njg2ODUyMioFTTExNzPAA9gEyAMA2AP7lcIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE4NS4xOTUuNzEuMjE1qAQAsgQPCAAQARh4INgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKrYitUBiAUBmAUAoAXupN7j8aO8vgXABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGr_EB2gYWChAAAAAAAAAAAAANP3QQABgA4AYB8gYCCACABwGIBwCgBwHIB8OHBtIHDQkNJQUmDNoHBggFCbjgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=7b1e7a6bbe40a07b9f40beed48425f7d706fa6cb&type=nv&nvt=5&jm=1003&px=1082&py=473&bw=336&bh=280&sid=3655032991320321639&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=29103178&sw=1600&sh=1200&pw=1600&ph=3429&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:27 GMT
an-x-request-uuid
171ec602-8b4e-4a6d-aaaf-49a757b671b2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.215; 185.195.71.215; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 0039 		7 B
788 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
/
ssc-cms.33across.com/ps/ Frame 4F09 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP006 /
Resource Hash

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Thu, 07 Dec 2023 18:56:27 GMT
server
33XP006
x-33x-status
2020008
sync
rt.marphezis.com/ Frame 0039
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=getmedia&khaos=LPVK77XO-1F-JLPD
  • https://rt.marphezis.com/sync?dpid=rubicon_getmedia&puid=LPVK77XO-1F-JLPD
0
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/sync?dpid=rubicon_getmedia&puid=LPVK77XO-1F-JLPD
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
HTTP/1.1
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Thu, 07 Dec 2023 18:56:26 GMT
access-control-allow-credentials
true
vary
Origin

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://rt.marphezis.com/sync?dpid=rubicon_getmedia&puid=LPVK77XO-1F-JLPD
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1f4afaf10c6b5898421df1cdca3fc7f5
Expires
0
bql.php
lg3.media.net/ Frame 61B4 		15 B
178 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=6559&&vgd_canary=0&vgd_l2type=scs_newfl&fp=7Qp1a2yAgQqtrF-rYirXkLMtV0ic_BnRjdxuZz8TKKq0IaG7TBhQ15DUX6P16uypPvnlaDRbMgoAViUW0E2Qxvyu7FmxLKB4YkIyvk7U0AU_zET1bMM_OsNrjYJB0xxs_Na0ICLu2no%3D&cme=Hm_QO4EsdOcOWbaC0pBBTXND9iw7V93HYx4PscXWzYVx5vFQ8HQJ7GQBAO0UsDXaOvOFnDKSxb2OLCWtxFXnAmE9_wMTWNlhHdphRbY5D7hxcIdNtSvrHM71iofbsbBdvQWvhUgCDb4keNJMedAj-bp27IOekkc44DEQXMVRk4mAtJNS9QwF_sCaC4sDWwQsWhS6of1shfsPnliZ_-WZeQnHmADuSvzL-xdih_TNGqSvgDc6mccDRg%3D%3D%7C%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7C2M_MohqX07GY78A3qA1nB-U9DPDfdnTMR8mlvz6fiao2O-5Gx5b6RaLT0LsnCxYXUM0trvxRHg5qLu-4L6K7eRKiFNBQGTTySq0BiqqahunjMSVH51Lm1nqLfiiCyN71LKupcdNVjGdlQcUkf3wOzaaGT0mXt2wcw4hvjpE9r8t7_zYdW6SOfErXWoWqFbuVlS67D7oOySZmkn8kR_C4Of8Zi6FKkgLYPd-e4SedD5p4WZr76VAGl9bjjhaYI7jZIEFUXMY3XKITZ6L6UjNyb2eMjXsgL55n%7Cu8A6SM53vAddm10tWuVKqCMJyoPj4lrs%7CDGYsJEiSixHSP5r3D-YKL-HlKobbaQhq%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD7R2wJ1rjRhMHd8zJXf1_-bcSGrm43ddpsCftmQ1UbAgw%3D%3D%7Cxrl5Md8q4-_JOyM93sW-EW1YB9G19zQ3TskEbCw3hNI%3D%7C&subBdr=196&bdrid=460&ksu=224&fdkt=439&vgde_kbbh=ffoyxQJuO&kwd[]=Vintage+Clothing+for+Women&kwt[]=439&kbc[]=1300920005&kwp[]=1&kid[]=30022339&kbc2[]=clust%3D2%7C%7Cshopping+%3E+apparel%7C%7Cdiff%3D1%7C%7Csetid%3D1%7C%7Ct%3D3%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D120705%7C13%3D0.0410%7C14%3D120714%7Cokt%3D439%7Cbdkt%3D439%7Cps%3D0.919%7C74%3D2.02%7C80%3D1.31%7C60%3D0.10%7C12%3D0.08%7C53%3D0.77%7C1%3D0.45%7C2%3D1.30&ktd[]=293579225359778048&kwd[]=Free+Dress+Pattern&kwt[]=439&kbc[]=1300920005&kwp[]=2&kid[]=11551609&kbc2[]=clust%3D2%7C%7Cshopping+%3E+apparel%7C%7Cdiff%3D1%7C%7Csetid%3D9%7C%7Ct%3D3%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D120705%7C13%3D0.0463%7C14%3D120714%7Cokt%3D439%7Cbdkt%3D439%7Cps%3D0.919%7C74%3D2.02%7C80%3D1.31%7C60%3D0.07%7C12%3D0.17%7C53%3D0.16%7C1%3D0.28%7C2%3D1.29&ktd[]=2599421684817658112&kwd[]=Buy+Toddler+Girl+Dresses&kwt[]=423&kbc[]=1301023878&kwp[]=3&kid[]=361319975&kbc2[]=pmb%3D2%7Cemlp%3D0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D120705%7C13%3D0.0351%7C14%3D120714%7Cokt%3D423%7Cbdkt%3D423%7Cps%3D0.827%7C74%3D2.02%7C80%3D1.31%7C60%3D0.07%7C12%3D0.15%7C53%3D0.89%7C1%3D0.53%7C2%3D1.64&ktd[]=4503874522120448&kwd[]=Best+Dresses+for+Baby+Girls&kwt[]=423&kbc[]=1301023878&kwp[]=4&kid[]=361319780&kbc2[]=pmb%3D2%7Cemlp%3D0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D120705%7C13%3D0.0351%7C14%3D120714%7Cokt%3D423%7Cbdkt%3D423%7Cps%3D0.827%7C74%3D2.02%7C80%3D1.31%7C60%3D0.07%7C12%3D0.15%7C53%3D0.89%7C1%3D0.53%7C2%3D1.64&ktd[]=4503874522120448&kwd[]=H%26M+Girls+Dresses&kwt[]=439&kbc[]=1300920005&kwp[]=5&kid[]=363375384&kbc2[]=clust%3D2%7C%7Cshopping+%3E+apparel%7C%7Cdiff%3D1%7C%7Csetid%3D6%7C%7Ct%3D3%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D120705%7C13%3D0.0351%7C14%3D120714%7Cokt%3D439%7Cbdkt%3D439%7Cps%3D0.919%7C74%3D2.02%7C80%3D1.31%7C60%3D0.07%7C12%3D0.15%7C53%3D0.89%7C1%3D0.53%7C2%3D1.64&ktd[]=1734731106118336768&kwd[]=Ballerina+Flower+Girl+Dress&kwt[]=439&kbc[]=1203635240&kwp[]=6&kid[]=2944986&kbc2[]=clust%3D1%7C%7Cshopping+%3E+apparel+%3E+women%27s+clothing+%3E+dresses%7C%7Cdiff%3D1%7C%7Csetid%3D6%7C%7Ct%3D3%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D120705%7C13%3D0.0447%7C14%3D120714%7Cokt%3D439%7Cbdkt%3D439%7Cps%3D0.919%7C74%3D2.02%7C80%3D1.31%7C60%3D0.07%7C12%3D0.15%7C53%3D0.74%7C1%3D0.47%7C2%3D1.69&ktd[]=1730226956735152384&v=1&gdpr=1&geo=47.18%7C8.43&dlper=20&lper=100&lpid=&tsid=7&hint=&cc=CH&wsip=170774562&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22%3Dq%22%2C%22QQN75%22%3A%22q%C3%83%C2%BCzJzGJLy%22%2C%22QQ8E%22%3A%22uWX.uiX.hu.9%22%2C%22QQQN%22%3A%222Z%22%7D&cid=8CU4FCKBR&vi=1701975386734271345&vsid=DefVid&tdAdd[]=asnum%3D56803&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=01&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=0&vgd_tsce=L340-S340&vgd_l3_sc=ZH&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUQN152J&vgd_hb_audit_2=881526814&vgd_refdomain=pastelink.net&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=3000c80a&vgd_nrrsf=scrr&vgd_cty=hunenberg&vgd_ifrmode=13&sttm=1701975386786&upk=1701975387.27813&hvsid=00001701975386786031165826569044&verid=3111299&sbdrId=196&tsrc=entity&vgd_l1rakh=1701975386199316144&vgd_ecrid=446868522&vgd_isiolc=1&kbbq=%26asn%3D56803&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=9920&vgd_vstrid=DefVid&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9H~eBMJ-Nv9.AF~e8QMQOvuhW~ONfvu~QNOvly~eM1QzvXFW9A~ejfLMQOvf9fAuf9huu~8xLjMGvuAfF.FA~xLjM7UNv9~Q7OvSffH9XHWu9iuS01Q7Jj8zUMbfbMVz7JLQ78781jMDab%23GQ1olmzJMuFhXWFWHXAu9ioXMufAHXF~j1Q7v~e8QMxLjMGv9.9W~8EvAmPDBN~kGGv9~e8QMxLjMjvf9~L88Ex1vh%2Ch~J7vu9~LNvu~LEQMQOvf9fAuf9huf~e8QMGvHh9.9W~xLjMGv9.hX~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvf.fX~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9H~ejfLMxLjMUNv949~GYvu~1AEMGvf.hA%2CAu.X~Q8OvWAXFuFX9H~QOv9~x8OvffOXZ%20DhEaFjYNHw1p~G7OvA9hihuhFAi9hW9hhFAAFuhXA9WWFXXiuffiWHiXXuhuHi9XifhHf9XFHhAuihAhAXXu9FiWh9AFiHFAHF99AiWAiWifXF9uWihffFfH~eBxv9.AF~OfEMjvu9~AENkvu999~x8Yv9~myMYQwv9.9H~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iF~exLjMGvu.fi~QQvIK~NNv%3Dq~x8Bvou~NJv9~LEQMGvAu.X~exLjMjvf9~%3DVvA9XA~UGMxNvof~z7QvA~UGMNNUQvof~c0fv.*SE.*~N7vwxzJzGJLy~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.hW~8Q8kv9~G8Ov9.9H~ONvW~ejfLMGvf.hA~8exLjMjvf9~NGOEv9.9fH~875EJM8OvuF~QJjjJLM71yM8OvSffH9XHWu9iuS01Q7Jj8zUMbfbMVz7JLQ78781jMDab%23GQ1olmzJMuFhXWFWHXAu9ioXMufAHXF~QxEEj5M71yM8Ovfiu9AuhW~e8JB1G8j875v9.AXhif~EmQv9~N1LL8JLVOv9~myG8Ov9.9H9~GkjLv9.999~Qx8Ov~O7NvJxMGJ~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzfF~8zQjv9~QmGEv~w7Yjvu~ONx7vH9~OmyGv9ou~8GNvu~zQlvA~7yQvA99-fX9%7CA99-F99%7CAAF-fW9~GQGv9~GQEv9~7Y-vu9W&vgd_cfud=230301&vgd_scsver=279&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=0_0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1129&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=1000&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D&vgd_uspa=0&vgd_sc=ZH&vgd_l1rhst=contextual.media.net&hvsid=00001701975386786031165826569044&rc=0&rand=1701975387207&acid=19e03c9b4dafa806baaf698552cd33f4&matm=1701975387207&vgd_ltimesrc=1&vgd_ltime=478&vgd_rtime=476&vgd_etm=3&vgd_l1hcsd=Og4dd%7C8031&vgd_l1ch=1&vgd_lhl=1341&vgd_pgid=p01803857068t202312071856&vgd_csip=rtb-common-envoy-959b6b648-m2zgb.BE&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SL%7CDIV-creative%7CDIV-card&vgd_crefurl=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&vgd_eadm=1&vgd_matchstr=hr%3D0%7Cbcat%3D16e%2C13%2Cb%2C16i%2Ce%2C16j%2Cf%2C16m%2C16n%2Ci2%2Ck7%2Cq%2C3%2C4%2C1g%2C6%2C7%2C8%2C9%2Cy5%2C16b%2C1o%2C16c%2Cy7%7Ccsh%3D1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2525&&kkdd=uA%7CW%7CuHhn3*A9&222=bRSU6OlIUOKhli-U.mTpbLIxQKMv-ud~aQnUz(9*SrhVscyHf5SRU_%3D%3D&aW=mqNm)qAvHyqvsdqmvsA&_iY2=m&MkY*=N&lia=mmd)&bklh=OvsN&lWi=H1Xsn1.JS&lYli=Y5ybGQbrb15l9N0Ip29hQz%3D%3D&l2Wi=HvAymyANs&kWRh=vvyLdHN&ll=1D&kl=-D&l6jM=DwS!CV9&YWi=H(C13d3Co&bYWi=3dmvvsd&6bbYk=m&ep2P=6bbYk%3A%2F%2FY*kbhIWjeEjhb&hep2P=pqqTz%3ArrTmzqu7HRXERuq&jkh=A&Ip=m&f_i=s&*ibm=H1XzVmAdu&*ibd=HHmAdyHms&xi*b*=kid%3DjfIIFWf2IKI%3DdNFQ_h2YM%3DNENsFapKhLl%3DNEvyFaWkKki%3DmqHFild%3DmFkli%3DR_FaK*kj%3DAyHNvFaId2Kki%3DdNdvmdNqmmFWf2IKx%3DmvdyEyvFf2IKbel%3DNFkbi%3D%2FddsNAsHmN)m%2F(*kbhIWjeKrdrKGjbh2kbWbW*IKSCr%23xk*URQjhKmyqAHyHsAvmN)UAKmdvsAyFI*kb%3DFaWkKf2IKx%3DNENHFWY%3DvQXSplFPxx%3DNFaWkKf2IKI%3DdNF2WWYf*%3Dq%2CqFhb%3DmNF2l%3DmF2YkKki%3DdNdvmdNqmdFaWkKx%3DsqNENHFf2IKx%3DNEqAFaId2Kf2IKx%3DNFaId2Kf2IKaW%3DmTUmyFf2IKbaW%3DNFhlYKhh2%3DdEdAFf2IKI%3DdNF_l*b%3DUmFxx%3Dm)yFaa%3DNFId2Kx%3DmNNNFh2YM%3DNENsFaId2Kf2IKel%3DNTNFxM%3DmF*vYKx%3DdEqv%2CvmEAFkWi%3DHvAymyANsFki%3DNFfWi%3DddiA~cSqYCyIMls6*oFxbi%3DvNq)qmqyv)NqHNqqyvvymqAvNHHyAA)mdd)Hs)AAmqms)NA)dqsdNAysqvm)qvqvAAmNy)HqNvy)syvsyNNv)Hv)H)dAyNmH)qddydsFapf%3DNEvyFidYKI%3DmNFvYlP%3DmNNNFfWM%3DNFQ_KMk6%3DNENsFiMMKkb2_%3D6*2MQj0FidYKx%3DNE)HFQ_idYKx%3DNE)yFaf2IKx%3DmEd)Fkk%3DVwFll%3D1DFfWp%3DUmFlh%3DNF2YkKx%3DvmEAFaf2IKI%3DdNF1G%3DvNAvFexKfl%3DUdFjbk%3DvFexKllek%3DUdF!(d%3DEg%2FYEgFlb%3D6fjhjxh2_FxkkK.3o%3DVw%2CVwFx*kWkd%3Dm)yFx*kWkm%3Dm)yFWkShP%3DNFWaf2IKx%3DNEqHFWkWP%3DNFxWi%3DNENsFil%3DHFaId2Kx%3DdEqvFWaf2IKI%3DdNFlxiY%3DNENdsFWb0YhKWi%3DmyFkhIIh2Kb*_KWi%3D%2FddsNAsHmN)m%2F(*kbhIWjeKrdrKGjbh2kbWbW*IKSCr%23xk*URQjhKmyqAHyHsAvmN)UAKmdvsAyFkfYYI0Kb*_KWi%3Dd)mNvmqHFaWhp*xWIWb0%3DNEvAq)dFYQk%3DNFl*22Wh2Gi%3DNFQ_xWi%3DNENsNFxPI2%3DNENNNFkfWi%3DFibl%3DhfKxhFiMMKh2YM%3DP*IkhFiMM%3D6*2MQj0FxiYl*Yi%3DNFi*I_%3DfjWkQjdyFWjkI%3DNFkQxY%3DF6bMI%3DmFilfb%3DsNFiQ_x%3DNUmFWxl%3DmFjkR%3DvFb_k%3DvNNLdAN%7CvNNLyNN%7CvvyLdHNFxkx%3DNFxkY%3DNFbML%3DmNH&jba=N&MMM=lXuBMy-CIN*P1SyiwB79DDWICmRDrj(shp2RlykV.p(Xc9uS!N*30aB27lb*O7uIaj~T29noX*vMOb)xmwyq-Sn3W2YwXP0fSJJhq0732P9%3D&Wp=N&WjGP2=m&xi2Gi=syN&xWi=vs)NyA&ebbIh=36h%20mN%20rl*2Whkb%2036Wj_k%20wxQfb%20rY*_6hbbW%20rb2*Yk%20nIQph2%20~W2I%2052hkk%20U%20(*kbhIWjeEjhb&MlP=))dN&0ikY2=m&e*bY2h=m&e*bxWi=UmNv&l*iQM*Wj=bRSU6OlIUOH.bCOsu-QW1.6HblvwYRfvY4HWYNhs(RT%3D&0YIY=m&WkWi=A&*ia=~hjh2*I%20rh*2l6&Y_Wi=YNmHNvHAqNyHbdNdvmdNqmHAy&kkIi=%7B%22kkWY%22%3A%22mHAEm)AEqmEN%22%2C%22kkll%22%3A%221D%22%2C%22kkkl%22%3A%22-~%22%2C%22kklb0%22%3A%22D%C3%83%C2%BCjhjxh2_%22%7D&6bMIk2l=m&sflct=5590675&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 07 Dec 2023 18:56:27 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
content-length
15
expires
Thu, 07 Dec 2023 18:56:27 GMT
setuid
px.ads.linkedin.com/ Frame 0039
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPVK77XO-1F-JLPD
0
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPVK77XO-1F-JLPD
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:27 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: A9469CD3F4C243B7809306436F22C127 Ref B: ZRHEDGE1612 Ref C: 2023-12-07T18:56:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYL8AZiFMreBdQOlvDm3w==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPVK77XO-1F-JLPD
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 0039
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LPVK77XO-1F-JLPD&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LPVK77XO-1F-JLPD&ex=d-rubiconproject.com&status=ok
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2B3P19EF190TKMDY925N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LPVK77XO-1F-JLPD&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1f4afaf10c6b5898421df1cdca3fc7f5
Expires
0
pixel
cm.g.doubleclick.net/ Frame 0039
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBWSzc3WE8tMUYtSkxQRA==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDMl82O58zqW3WQUQol7Bmo&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBWSzc3WE8tMUYtSkxQRA==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBWSzc3WE8tMUYtSkxQRA==&google_push=
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBWSzc3WE8tMUYtSkxQRA==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1f4afaf10c6b5898421df1cdca3fc7f5
Expires
0
pixel
cm.g.doubleclick.net/ Frame 0039
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTQ2ZjRhN2ViNmI1NTI2YjZlNmNmNmNjMTJhMzgyODgzNWE1ZjRmMA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTQ2ZjRhN2ViNmI1NTI2YjZlNmNmNmNjMTJhMzgyODgzNWE1ZjRmMA
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTQ2ZjRhN2ViNmI1NTI2YjZlNmNmNmNjMTJhMzgyODgzNWE1ZjRmMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0039
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=YWR6khGjQnCMr_HQ_AI_Lg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=YWR6khGjQnCMr_HQ_AI_Lg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=YWR6khGjQnCMr_HQ_AI_Lg
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
HTTP/1.1
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QTZ17S8BKD2TJ5GSVDYY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=YWR6khGjQnCMr_HQ_AI_Lg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1f4afaf10c6b5898421df1cdca3fc7f5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0039
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECZ89Qbn9wssU9Pk-AH5pEQ&google_cver=1
42 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECZ89Qbn9wssU9Pk-AH5pEQ&google_cver=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
bcdac959321a8cf7d38f9eb638bfa14f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECZ89Qbn9wssU9Pk-AH5pEQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 0039 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:27 GMT
server
Kestrel
content-length
70
content-type
image/gif
ecm3
s.amazon-adsystem.com/ Frame 0039
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=i4a4kaZHTd2LJZP5bABtWw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=i4a4kaZHTd2LJZP5bABtWw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=i4a4kaZHTd2LJZP5bABtWw
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9T7TYH8P1GADVVG2M3JJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=i4a4kaZHTd2LJZP5bABtWw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
bcdac959321a8cf7d38f9eb638bfa14f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0039
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/y7_BO_TlkzTBPv9ml_TUmMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WgxpUOtE2oKjOxCv2jTXwg1ZBdEEdZqQ4KrgUA--~A
42 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WgxpUOtE2oKjOxCv2jTXwg1ZBdEEdZqQ4KrgUA--~A
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
bcdac959321a8cf7d38f9eb638bfa14f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 07 Dec 2023 18:56:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WgxpUOtE2oKjOxCv2jTXwg1ZBdEEdZqQ4KrgUA--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 0039
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACdF07K5CsAABT32dTPbw&expires=30
42 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACdF07K5CsAABT32dTPbw&expires=30
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
bcdac959321a8cf7d38f9eb638bfa14f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACdF07K5CsAABT32dTPbw&expires=30
Date
Thu, 07 Dec 2023 18:56:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
magnite
prebid.a-mo.net/setuid/ Frame 0039
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LPVK77XO-1F-JLPD
0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LPVK77XO-1F-JLPD
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:26 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LPVK77XO-1F-JLPD
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1f4afaf10c6b5898421df1cdca3fc7f5
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 0039
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=cbd7d152-d96d-4294-899a-43f48f7d9ce0&expires=30
42 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=cbd7d152-d96d-4294-899a-43f48f7d9ce0&expires=30
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
bcdac959321a8cf7d38f9eb638bfa14f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=cbd7d152-d96d-4294-899a-43f48f7d9ce0&expires=30
Date
Thu, 07 Dec 2023 18:56:27 GMT
Connection
keep-alive
X-CI-RTID
122508a9-1777-417c-856d-d2bc74cfd632
Content-Length
144
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame 0039
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPVK77XO-1F-JLPD
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPVK77XO-1F-JLPD
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Server
52.58.31.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-31-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:27 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPVK77XO-1F-JLPD
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
1f4afaf10c6b5898421df1cdca3fc7f5
Expires
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 0039
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPVK77XO-1F-JLPD
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LPVK77XO-1F-JLPD
95 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LPVK77XO-1F-JLPD
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:27 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Thu, 07 Dec 2023 18:56:27 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LPVK77XO-1F-JLPD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
capi.connatix.com/us/ Frame 0039
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LPVK77XO-1F-JLPD&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LPVK77XO-1F-JLPD&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LPVK77XO-1F-JLPD&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
831efd1cbe3824be-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 07 Dec 2023 18:56:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LPVK77XO-1F-JLPD&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
831efd1c2cdd24be-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
merge
ce.lijit.com/ Frame 0039
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LPVK77XO-1F-JLPD
0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LPVK77XO-1F-JLPD
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:27 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LPVK77XO-1F-JLPD
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
bcdac959321a8cf7d38f9eb638bfa14f
Expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312040101&jk=3750026805100321&bg=!1tWl1ZrNAAY3kmNgF5I7ADQBe5WfOBQ9CIhLl5APqX8jEs40-4opK7Bb6A9IxcfyeLeLHQss_UuoXSQVsx67Wt9TXF43AgAAAINSAAAAAmgBBwoAzYvxbHqrkPcyvbAL30OKG8-m0kTw7DTWrJHw25IHvqNhkFaiN39854nLCjsHONUWbcRvJxdazuZRB_v8ab0sGw657lDpmdjIX4l3JO9xJFH94vk7BIQ1OtewvDNki_owIkoSkdGSsVQzhyrRNu9i0UpyCsM1e7xc5Phuxcsf2uZuebUtGMdl0yayroowy7tgkpOrxPDC_pr8u5FRdL9PjaI5wB1L9DLl7wnSykLzFLLuwKm0t5GTEF-UFxfhpg_fkXYuXlskrqhSKe7lHSSZAr0rq2nHpLyBfHj9aUTb-1OQyuLaDq0EfgZW6G93kYJzTo1nP6rlPvkqKa_8N1WG_j_HZ_eonY2sdUvdj9TxDGT7F7rqX5riif9lEpkpzn9NHmoUqbPRIS-LtRnXCipC_htdyHrnQKBphs9mCbmzjOU5scjZZ9OsyqL_1GP3Ovpi7_6bqM52d4pnq5n-hjy-ziBz5984185vY2cWIquazHT7Rih-kaDWGFZel4nSXbjn8qK6ZVFrvJsbYH3Nx1PMp4JPpCisoGOe2TE_nClpNAK7qNP8lDovYTTC2uSYdmeU_Kp2rScKcHJrgH-lUVWop-_qY0gzWTXzFHM8pnku7WIum5xMqpWATSYcUc5wISGzs8HSbPgtw-hrmrmofUznG364xujUQ313i1nIjLGgV8mOz583Db56moGqPKAfIc99CWixhqKZwgnlVtxv5t6czyPc9VDDPxbVWdbiBaXzczC9H2_t2MQsMEdO85DAgHW4A0YIb4oKF7IoDDy48s1XHSf_tncNDrDV6u8ekymn3rhuDCa1nF3NCRzUzuevPVrL8MQ_uhYaWxUDwzTsXKadJS5TkxxldF-3CkL2gm7lyn_jAD27Da7aLszwQh0qKNIcpJ-D8cI8jKq3ukO3raqE56jtFvJkDwaCBGSXLttIwjZTERJmalgc2WDZgMLIbuVf-IlD3eQEbBoFTBPu4lM4DDyih6KI8Z56Tu7MqhUw53t91acLukhkYAf9PdnTMHEcPfIIy2jRYmeKVIGzmWKbZEFp1MqiKCJl3kkEPu2zFpiyUK20CcQLlyHpTq3wYmoyRvlrfAwsKsZy9rSSM8w_89jiewIWGiP2nspQG6ZX4BkkgQFCAcXea0vFGxJaa_AG1QQ9HcF9X1h1e2KbgkADOzYcSbCpmOEJjiX7yZwQVmJXVOuO4K_EcPBZWTzyVA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 9836 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9836 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
contextual.media.net/__media__/fonts/Roboto-Bold/ Frame 9836 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2462&&kkdd=!%7CH%7CA*n9&e8=Sa9SAa3lhEUUAa9Ha9H&yOJ-=S&qDJ1=9&nOe=SSUA&KDnV=YlH9&n8O=hw_HswNRW&nJnO=JTEKCmK4KwTn29fPB-2VmM%3D%3D&n-8O=hl3ESE39H&D8!V=llE~Uh9&nn=wZ&Dn=uZ&nbkq=ZzWctI2&J8O=hdtwQUQt7&KJ8O=QUSllHU&bKKJD=S&---=K!WgbYnPgY0VnOugNSoBK~PGm0qlu6U.emsgMd21W4VIHFEhxTW!gy%3D%3D&kDV=3&PB=S&xyO=H&1OKS=hw_MIS3U6&1OKU=hhS3UEhSH&GO1K1=DOU%3DkxPPr8x-P0P%3DU9rmyV-Jq%3D9*9HreB0V~n%3D9*lEre8D0DO%3DSahrOnU%3DSrDnO%3D!yre01Dk%3D3Eh9lrePU-0DO%3DU9UlSU9aSSr8x-P0G%3DSlUE*Elrx-P0K5n%3D9rDKO%3D%2FUUH93HhS9AS%2Fd1DKVP8k504U4048OVG1-0Wt4%23GD1g!mkV0SEa3hEhlUHhUhga0SUlH3ErP1DK%3Dre8D0x-P0G%3D9*9hr8J%3Dlm_WBnrLGG%3D9re8D0x-P0P%3DU9r-88Jx1%3Da%2CarVK%3DS9r-n%3DU%2CUr-JD0DO%3DU9UlSU9aSUre8D0G%3DHHE*EErx-P0G%3D9*a3rePU-0x-P0G%3D9rePU-0x-P0e8%3DSogSErx-P0Ke8%3D9rVnJ0VV-%3DU*U3rx-P0P%3DU9ryn1K%3DgSrGG%3DSAEree%3D9rPU-0G%3DS999rV-Jq%3D9*9HrePU-0x-P05n%3D9o9rGq%3DSr1lJ0G%3DU*EA%2ClS*3rD8O%3Dhl3ESE39HrDO%3D9rx8O%3DUUO3sbJ~z8scdZ8!ZfrGKO%3Dl9aAaSaElA9ah9aaEllESa3l9hhE33ASUUAAhHl3SHHhUS9UA3SS9hESSllEH3l3SHUAA9HA33hHU9UHU3Hh99SE3HaAUUhS3hhSUSEreBx%3D9*lErOUJ0P%3DS9rlJnL%3DS999rx8q%3D9rmy0qDb%3D9*9HrOqq0DK-y%3Db1-qmkfrOUJ0G%3D9*AhrmyOUJ0G%3D9*AErex-P0G%3DS*UArDD%3DIzrnn%3DwZrx8B%3DgSrnV%3D9r-JD0G%3DlS*3rex-P0P%3DU9rwC%3Dl93lr5G0xn%3DgUrkKD%3DHr5G0nn5D%3DgUrcdU%3D*p%2FJ*prnK%3DbxkVkGV-yrGDD0NQ7%3DIz%2CIzrG1D8DU%3DSAErG1D8DS%3DSAEr8DWVL%3D9r8ex-P0G%3D9*ahr8D8L%3D9rG8O%3D9*9HrOn%3DhrePU-0G%3DU*EAr8ex-P0P%3DU9rnGOJ%3D9*9UHr8KfJV08O%3DSErDVPPV-0K1y08O%3D%2FUUH93HhS9AS%2Fd1DKVP8k504U4048OVG1-0Wt4%23GD1g!mkV0SEa3hEhlUHhUhga0SUlH3ErDxJJPf0K1y08O%3DUAS9lSahre8VB1G8P8Kf%3D9*l3aAUrJmD%3D9rn1--8V-CO%3D9rmyG8O%3D9*9H9rGLP-%3D9*999rDx8O%3DrOKn%3DVx0GVrOqq0V-Jq%3DL1PDVrOqq%3Db1-qmkfrGOJn1JO%3D9rO1Py%3DOVL1xPKr8kDP%3D9rDmGJ%3DrbKqP%3DSrOnxK%3DH9rOmyG%3D9gSr8Gn%3DSrkD!%3DHrKyD%3DSE9~E99%7Cl99~U39%7Cl99~E99%7CllE~Uh9rGDG%3D9rGDJ%3D9rKq~%3DS9h&kKe=9&qqq=n_6)qEutP91LwWEOz)v2ZZ8PtS!Z4kdHVB-!nEDINBd_F26Wc91Qfe)-vnK1Yv6Pek.o-2s7_1lqYKAGSzEauWsQ8-Jz_LfxWRRVafvQ-L2%3D&8B=llE&8kCL-=S&GO-CO=HE9&G8O=lHA9El&5KKPV=QbV%20S9%204n1-8VDK%20Qb8kyD%20zGmxK%204J1ybVKK8%204K-1JD%20sPmBV-%20.8-P%20T-VDD%20g%20d1DKVP8k5*kVK&qnL=AAU9&fODJ-=S&51KJ-V=S&51KG8O=gS9l&n1Omq18k=K!WgbYnPgYhNKtYH6um8wNbhKnlzJ!xlJ(h8J9VHd!o%3D&fJPJ=S&8D8O=3&1Oe=.VkV-1P%204V1-nb&Jy8O=J9Sh9lh3a9EhKU9UlSU9aSh3E&DDPO=%7B%22DD8J%22%3A%22Sh3*SA3*aS*9%22%2C%22DDnn%22%3A%22wZ%22%2C%22DDDn%22%3A%22u.%22%2C%22DDnKf%22%3A%22Z%C3%83%C2%BCkVkGV-y%22%7D&bKqPD-n=S&sflct=5590675&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-216-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2462&&kkdd=!%7CH%7CA*n9&e8=Sa9SAa3lhEUUAa9Ha9H&yOJ-=S&qDJ1=9&nOe=SSUA&KDnV=YlH9&n8O=hw_HswNRW&nJnO=JTEKCmK4KwTn29fPB-2VmM%3D%3D&n-8O=hl3ESE39H&D8!V=llE~Uh9&nn=wZ&Dn=uZ&nbkq=ZzWctI2&J8O=hdtwQUQt7&KJ8O=QUSllHU&bKKJD=S&---=K!WgbYnPgY0VnOugNSoBK~PGm0qlu6U.emsgMd21W4VIHFEhxTW!gy%3D%3D&kDV=3&PB=S&xyO=H&1OKS=hw_MIS3U6&1OKU=hhS3UEhSH&GO1K1=DOU%3DkxPPr8x-P0P%3DU9rmyV-Jq%3D9*9HreB0V~n%3D9*lEre8D0DO%3DSahrOnU%3DSrDnO%3D!yre01Dk%3D3Eh9lrePU-0DO%3DU9UlSU9aSSr8x-P0G%3DSlUE*Elrx-P0K5n%3D9rDKO%3D%2FUUH93HhS9AS%2Fd1DKVP8k504U4048OVG1-0Wt4%23GD1g!mkV0SEa3hEhlUHhUhga0SUlH3ErP1DK%3Dre8D0x-P0G%3D9*9hr8J%3Dlm_WBnrLGG%3D9re8D0x-P0P%3DU9r-88Jx1%3Da%2CarVK%3DS9r-n%3DU%2CUr-JD0DO%3DU9UlSU9aSUre8D0G%3DHHE*EErx-P0G%3D9*a3rePU-0x-P0G%3D9rePU-0x-P0e8%3DSogSErx-P0Ke8%3D9rVnJ0VV-%3DU*U3rx-P0P%3DU9ryn1K%3DgSrGG%3DSAEree%3D9rPU-0G%3DS999rV-Jq%3D9*9HrePU-0x-P05n%3D9o9rGq%3DSr1lJ0G%3DU*EA%2ClS*3rD8O%3Dhl3ESE39HrDO%3D9rx8O%3DUUO3sbJ~z8scdZ8!ZfrGKO%3Dl9aAaSaElA9ah9aaEllESa3l9hhE33ASUUAAhHl3SHHhUS9UA3SS9hESSllEH3l3SHUAA9HA33hHU9UHU3Hh99SE3HaAUUhS3hhSUSEreBx%3D9*lErOUJ0P%3DS9rlJnL%3DS999rx8q%3D9rmy0qDb%3D9*9HrOqq0DK-y%3Db1-qmkfrOUJ0G%3D9*AhrmyOUJ0G%3D9*AErex-P0G%3DS*UArDD%3DIzrnn%3DwZrx8B%3DgSrnV%3D9r-JD0G%3DlS*3rex-P0P%3DU9rwC%3Dl93lr5G0xn%3DgUrkKD%3DHr5G0nn5D%3DgUrcdU%3D*p%2FJ*prnK%3DbxkVkGV-yrGDD0NQ7%3DIz%2CIzrG1D8DU%3DSAErG1D8DS%3DSAEr8DWVL%3D9r8ex-P0G%3D9*ahr8D8L%3D9rG8O%3D9*9HrOn%3DhrePU-0G%3DU*EAr8ex-P0P%3DU9rnGOJ%3D9*9UHr8KfJV08O%3DSErDVPPV-0K1y08O%3D%2FUUH93HhS9AS%2Fd1DKVP8k504U4048OVG1-0Wt4%23GD1g!mkV0SEa3hEhlUHhUhga0SUlH3ErDxJJPf0K1y08O%3DUAS9lSahre8VB1G8P8Kf%3D9*l3aAUrJmD%3D9rn1--8V-CO%3D9rmyG8O%3D9*9H9rGLP-%3D9*999rDx8O%3DrOKn%3DVx0GVrOqq0V-Jq%3DL1PDVrOqq%3Db1-qmkfrGOJn1JO%3D9rO1Py%3DOVL1xPKr8kDP%3D9rDmGJ%3DrbKqP%3DSrOnxK%3DH9rOmyG%3D9gSr8Gn%3DSrkD!%3DHrKyD%3DSE9~E99%7Cl99~U39%7Cl99~E99%7CllE~Uh9rGDG%3D9rGDJ%3D9rKq~%3DS9h&kKe=9&qqq=n_6)qEutP91LwWEOz)v2ZZ8PtS!Z4kdHVB-!nEDINBd_F26Wc91Qfe)-vnK1Yv6Pek.o-2s7_1lqYKAGSzEauWsQ8-Jz_LfxWRRVafvQ-L2%3D&8B=llE&8kCL-=S&GO-CO=HE9&G8O=lHA9El&5KKPV=QbV%20S9%204n1-8VDK%20Qb8kyD%20zGmxK%204J1ybVKK8%204K-1JD%20sPmBV-%20.8-P%20T-VDD%20g%20d1DKVP8k5*kVK&qnL=AAU9&fODJ-=S&51KJ-V=S&51KG8O=gS9l&n1Omq18k=K!WgbYnPgYhNKtYH6um8wNbhKnlzJ!xlJ(h8J9VHd!o%3D&fJPJ=S&8D8O=3&1Oe=.VkV-1P%204V1-nb&Jy8O=J9Sh9lh3a9EhKU9UlSU9aSh3E&DDPO=%7B%22DD8J%22%3A%22Sh3*SA3*aS*9%22%2C%22DDnn%22%3A%22wZ%22%2C%22DDDn%22%3A%22u.%22%2C%22DDnKf%22%3A%22Z%C3%83%C2%BCkVkGV-y%22%7D&bKqPD-n=S&sflct=5590675&ure=1
Origin
https://contextual.media.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:27 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
24816
expires
Fri, 08 Dec 2023 18:56:27 GMT
bql.php
lg3.media.net/ Frame 9836 		15 B
178 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=6869&&vgd_canary=0&vgd_l2type=scs_newfl&fp=7Qp1a2yAgQqtrF-rYirXkLMtV0ic_BnRjdxuZz8TKKq0IaG7TBhQ195hYt4D4EEshg1RCNwev_rK9p2wE-ZTK9EjqMR_jOduFsJhKu2ugHKBd9QfDwfo9NBqaGA5CmJGa3-4k3VMYCE%3D&cme=OmYwf-l74D_VR0m_eDdgiH4KUx8NnWPqkdaN3kmFhJnBTT-yYXu7Iju7plwc1dBzAA6mrHWJR6TrZPpKrY20ILfFjeUoZZbg-8iRYv5p2qggcb22PP4Fv5Pcd2yTjX2tcGjt7uIL-S5KYNFz0kSZ9eclq13Z8zmvfmBpeRLEAzoa-ptTb0TQ6Xl56U39EZ3YuPXO0dtxZ6HgiOs-mv1xg2K1goCfMzgFsipKfFaav9wnQT5YaQnzXg%3D%3D%7C%7Ca0AmFUYXmD7R2wJ1rjRhMHd8zJXf1_-bcSGrm43ddpsCftmQ1UbAgw%3D%3D%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7CdaVicZ424boUOLfAsxOG6aX_DNRRkVRhEKgsc02GiwEkf7-rbQDEiAwJ5zlhQkJi8cBmX9i4nPgjTnJ6leZvRl2UWphIKQplHacm1-Q9UyDlo_zEfYgOx_SoT9g9ecadu7rkv0qbFJb1n2orOWTKL9wcnYFlgoz93qxO8GCnMC7021yM6f3WjsuuGtMuBc8lSC2NKsgiJoE2cpEWq74jPQCuGHy2QznM3eOKtyuqGlImU9-17wyxL_TW7nKEW5k_pcB5VEefGQqj7Jr-cXvBQ1BSHWjdPVa1%7Cu8A6SM53vAddm10tWuVKqCMJyoPj4lrs%7CDGYsJEiSixHSP5r3D-YKL-HlKobbaQhq%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7C&subBdr=196&bdrid=460&ksu=224&fdkt=439&vgde_kbbh=ffoyxQJuO&kwd[]=Infant+Flower+Girl+Dresses&kwt[]=439&kbc[]=1203635240&kwp[]=1&kid[]=15001021&kbc2[]=clust%3D1%7C%7Cshopping+%3E+apparel+%3E+women%27s+clothing+%3E+dresses%7C%7Cdiff%3D1%7C%7Csetid%3D6%7C%7Ct%3D3%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D120705%7C13%3D0.0401%7C14%3D120714%7Cokt%3D439%7Cbdkt%3D439%7Cps%3D0.919%7C80%3D1.28%7C53%3D0.16%7C12%3D0.17%7C74%3D2.02%7C60%3D0.07%7C1%3D0.25%7C2%3D0.91&ktd[]=1730226956752195840&kwd[]=White+Flower+Girl+Dresses&kwt[]=439&kbc[]=1203635240&kwp[]=2&kid[]=30749636&kbc2[]=clust%3D1%7C%7Cshopping+%3E+apparel+%3E+women%27s+clothing+%3E+dresses%7C%7Cdiff%3D1%7C%7Csetid%3D6%7C%7Ct%3D3%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D120705%7C13%3D0.0401%7C14%3D120714%7Cokt%3D439%7Cbdkt%3D439%7Cps%3D0.919%7C80%3D1.28%7C53%3D0.16%7C12%3D0.17%7C74%3D2.02%7C60%3D0.07%7C1%3D0.25%7C2%3D0.91&ktd[]=1730227506491232512&kwd[]=Mother+of+The+Bride+Dresses&kwt[]=439&kbc[]=1203635240&kwp[]=3&kid[]=19688143&kbc2[]=clust%3D1%7C%7Cshopping+%3E+apparel+%3E+women%27s+clothing+%3E+dresses%7C%7Cdiff%3D1%7C%7Csetid%3D2%7C%7Ct%3D3%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D120705%7C13%3D0.0431%7C14%3D120714%7Cokt%3D439%7Cbdkt%3D439%7Cps%3D0.919%7C80%3D1.28%7C53%3D0.74%7C12%3D0.15%7C74%3D2.02%7C60%3D0.07%7C1%3D0.49%7C2%3D1.60&ktd[]=577305452145348864&kwd[]=Ballerina+Flower+Girl+Dress&kwt[]=439&kbc[]=1203635240&kwp[]=4&kid[]=2944986&kbc2[]=clust%3D1%7C%7Cshopping+%3E+apparel+%3E+women%27s+clothing+%3E+dresses%7C%7Cdiff%3D1%7C%7Csetid%3D6%7C%7Ct%3D3%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D120705%7C13%3D0.0446%7C14%3D120714%7Cokt%3D439%7Cbdkt%3D439%7Cps%3D0.919%7C80%3D1.28%7C53%3D0.74%7C12%3D0.15%7C74%3D2.02%7C60%3D0.07%7C1%3D0.46%7C2%3D1.66&ktd[]=1730226956735418624&kwd[]=Affordable+Flower+Girl+Dresses&kwt[]=439&kbc[]=1203635240&kwp[]=5&kid[]=1098112&kbc2[]=clust%3D1%7C%7Cshopping+%3E+apparel+%3E+women%27s+clothing+%3E+dresses%7C%7Cdiff%3D1%7C%7Csetid%3D6%7C%7Ct%3D3%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D120705%7C13%3D0.0401%7C14%3D120714%7Cokt%3D439%7Cbdkt%3D439%7Cps%3D0.919%7C80%3D1.28%7C53%3D0.16%7C12%3D0.17%7C74%3D2.02%7C60%3D0.07%7C1%3D0.25%7C2%3D0.91&ktd[]=1730226956735418624&kwd[]=Flower+Girl+Dress+Designs&kwt[]=439&kbc[]=1203635240&kwp[]=6&kid[]=84734328&kbc2[]=clust%3D1%7C%7Cshopping+%3E+apparel+%3E+women%27s+clothing+%3E+dresses%7C%7Cdiff%3D1%7C%7Csetid%3D6%7C%7Ct%3D3%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D120705%7C13%3D0.0401%7C14%3D120714%7Cokt%3D439%7Cbdkt%3D439%7Cps%3D0.919%7C80%3D1.28%7C53%3D0.16%7C12%3D0.17%7C74%3D2.02%7C60%3D0.07%7C1%3D0.25%7C2%3D0.91&ktd[]=1730226956735418624&v=1&gdpr=1&geo=47.18%7C8.43&dlper=20&lper=100&lpid=&tsid=7&hint=&cc=CH&wsip=170774531&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22%3Dq%22%2C%22QQN75%22%3A%22q%C3%83%C2%BCzJzGJLy%22%2C%22QQ8E%22%3A%22uWX.uiX.hu.9%22%2C%22QQQN%22%3A%222Z%22%7D&cid=8CU4FCKBR&vi=1701975386229704704&vsid=DefVid&tdAdd[]=asnum%3D56803&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=01&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=0&vgd_tsce=L340-S340&vgd_l3_sc=ZH&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUQN152J&vgd_hb_audit_2=881526814&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=3000c80a&vgd_nrrsf=scrr&vgd_cty=hunenberg&vgd_ifrmode=13&sttm=1701975386937&upk=1701975387.10252&hvsid=00001701975386937031165826565675&verid=3111299&sbdrId=196&tsrc=entity&vgd_l1rakh=1701975386126205198&vgd_ecrid=446868522&vgd_isiolc=1&kbbq=%26asn%3D56803&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=9920&vgd_vstrid=DefVid&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9H~eBMJ-Nv9.AF~e8QMQOvuhW~ONfvu~QNOvly~eM1QzvXFW9A~ejfLMQOvf9fAuf9huu~8xLjMGvuAfF.FA~xLjM7UNv9~Q7OvSffH9XHWu9iuS01Q7Jj8zUMbfbMb8OJG1LMDab%23GQ1olmzJMuFhXWFWAfHWfWohMufAHXF~j1Q7v~e8QMxLjMGv9.9W~8EvAmPDBN~kGGv9~e8QMxLjMjvf9~L88Ex1vh%2Ch~J7vu9~LNvf%2Cf~LEQMQOvf9fAuf9huf~e8QMGvHHF.FF~xLjMGv9.hX~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvf.fX~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9H~ejfLMxLjMUNv949~GYvu~1AEMGvf.Fi%2CAu.X~Q8OvWAXFuFX9H~QOv9~x8OvffOXswE-K8sc0q8lq5~G7OvA9hihuhFAi9hW9hhFAAFuhXA9WWFXXiuffiiWHAXuHHWfu9fiXuu9WFuuAAFHXAXuHfii9HiXXWHf9fHfXHW99uFXHhiffWuXWWufuF~eBxv9.AF~OfEMjvu9~AENkvu999~x8Yv9~myMYQwv9.9H~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iF~exLjMGvu.fi~QQvIK~NNv%3Dq~x8Bvou~NJv9~LEQMGvAu.X~exLjMjvf9~%3DVvA9XA~UGMxNvof~z7QvH~UGMNNUQvof~c0fv.*SE.*~N7vwxzJzGJLy~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.hW~8Q8kv9~G8Ov9.9H~ONvW~ejfLMGvf.Fi~8exLjMjvf9~NGOEv9.9fH~875EJM8OvuF~QJjjJLM71yM8OvSffH9XHWu9iuS01Q7Jj8zUMbfbMb8OJG1LMDab%23GQ1olmzJMuFhXWFWAfHWfWohMufAHXF~QxEEj5M71yM8Ovfiu9AuhW~e8JB1G8j875v9.AXhif~EmQv9~N1LL8JLVOv9~myG8Ov9.9H9~GkjLv9.999~Qx8Ov~O7NvJxMGJ~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~8zQjv9~QmGEv~w7Yjvu~ONx7vH9~OmyGv9ou~8GNvu~zQlvH~7yQvuF9-F99%7CA99-fX9%7CA99-F99%7CAAF-fW9~GQGv9~GQEv9~7Y-vu9W&vgd_cfud=230301&vgd_scsver=279&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=336_280&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1129&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=500&vgd_mbr=1&vgd_pgids=3&tdAdd[]=uiparams%3D%3Brend_w%3A168%3Brend_h%3A280&vgd_uspa=0&vgd_sc=ZH&vgd_l1rhst=contextual.media.net&hvsid=00001701975386937031165826565675&rc=0&rand=1701975387348&acid=df551389eb7f4903bc2bfdcc67cf1097&matm=1701975387348&vgd_ltimesrc=1&vgd_ltime=859&vgd_rtime=805&vgd_etm=6&vgd_l1hcsd=Og4dd%7C8031&vgd_l1ch=1&vgd_lhl=1386&vgd_pgid=p01803857068t202312071856&vgd_csip=rtb-common-envoy-959b6b648-m2zgb.BE&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SL%7CDIV-google_ads_iframe_%2F22405481091%2FPastelink_S2S_Sidebar_ROS_0__container__%7CDIV-bsa-zone_1675868324828-7_123456&vgd_eadm=1&vgd_matchstr=hr%3D0%7Cbcat%3D16e%2C13%2Cb%2C16i%2Ce%2C16j%2Cf%2C16m%2C16n%2Ci2%2Ck7%2Cq%2C3%2C4%2C1g%2C6%2C7%2C8%2C9%2Cy5%2C16b%2C1o%2C16c%2Cy7%7Ccsh%3D1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2462&&kkdd=!%7CH%7CA*n9&e8=Sa9SAa3lhEUUAa9Ha9H&yOJ-=S&qDJ1=9&nOe=SSUA&KDnV=YlH9&n8O=hw_HswNRW&nJnO=JTEKCmK4KwTn29fPB-2VmM%3D%3D&n-8O=hl3ESE39H&D8!V=llE~Uh9&nn=wZ&Dn=uZ&nbkq=ZzWctI2&J8O=hdtwQUQt7&KJ8O=QUSllHU&bKKJD=S&---=K!WgbYnPgY0VnOugNSoBK~PGm0qlu6U.emsgMd21W4VIHFEhxTW!gy%3D%3D&kDV=3&PB=S&xyO=H&1OKS=hw_MIS3U6&1OKU=hhS3UEhSH&GO1K1=DOU%3DkxPPr8x-P0P%3DU9rmyV-Jq%3D9*9HreB0V~n%3D9*lEre8D0DO%3DSahrOnU%3DSrDnO%3D!yre01Dk%3D3Eh9lrePU-0DO%3DU9UlSU9aSSr8x-P0G%3DSlUE*Elrx-P0K5n%3D9rDKO%3D%2FUUH93HhS9AS%2Fd1DKVP8k504U4048OVG1-0Wt4%23GD1g!mkV0SEa3hEhlUHhUhga0SUlH3ErP1DK%3Dre8D0x-P0G%3D9*9hr8J%3Dlm_WBnrLGG%3D9re8D0x-P0P%3DU9r-88Jx1%3Da%2CarVK%3DS9r-n%3DU%2CUr-JD0DO%3DU9UlSU9aSUre8D0G%3DHHE*EErx-P0G%3D9*a3rePU-0x-P0G%3D9rePU-0x-P0e8%3DSogSErx-P0Ke8%3D9rVnJ0VV-%3DU*U3rx-P0P%3DU9ryn1K%3DgSrGG%3DSAEree%3D9rPU-0G%3DS999rV-Jq%3D9*9HrePU-0x-P05n%3D9o9rGq%3DSr1lJ0G%3DU*EA%2ClS*3rD8O%3Dhl3ESE39HrDO%3D9rx8O%3DUUO3sbJ~z8scdZ8!ZfrGKO%3Dl9aAaSaElA9ah9aaEllESa3l9hhE33ASUUAAhHl3SHHhUS9UA3SS9hESSllEH3l3SHUAA9HA33hHU9UHU3Hh99SE3HaAUUhS3hhSUSEreBx%3D9*lErOUJ0P%3DS9rlJnL%3DS999rx8q%3D9rmy0qDb%3D9*9HrOqq0DK-y%3Db1-qmkfrOUJ0G%3D9*AhrmyOUJ0G%3D9*AErex-P0G%3DS*UArDD%3DIzrnn%3DwZrx8B%3DgSrnV%3D9r-JD0G%3DlS*3rex-P0P%3DU9rwC%3Dl93lr5G0xn%3DgUrkKD%3DHr5G0nn5D%3DgUrcdU%3D*p%2FJ*prnK%3DbxkVkGV-yrGDD0NQ7%3DIz%2CIzrG1D8DU%3DSAErG1D8DS%3DSAEr8DWVL%3D9r8ex-P0G%3D9*ahr8D8L%3D9rG8O%3D9*9HrOn%3DhrePU-0G%3DU*EAr8ex-P0P%3DU9rnGOJ%3D9*9UHr8KfJV08O%3DSErDVPPV-0K1y08O%3D%2FUUH93HhS9AS%2Fd1DKVP8k504U4048OVG1-0Wt4%23GD1g!mkV0SEa3hEhlUHhUhga0SUlH3ErDxJJPf0K1y08O%3DUAS9lSahre8VB1G8P8Kf%3D9*l3aAUrJmD%3D9rn1--8V-CO%3D9rmyG8O%3D9*9H9rGLP-%3D9*999rDx8O%3DrOKn%3DVx0GVrOqq0V-Jq%3DL1PDVrOqq%3Db1-qmkfrGOJn1JO%3D9rO1Py%3DOVL1xPKr8kDP%3D9rDmGJ%3DrbKqP%3DSrOnxK%3DH9rOmyG%3D9gSr8Gn%3DSrkD!%3DHrKyD%3DSE9~E99%7Cl99~U39%7Cl99~E99%7CllE~Uh9rGDG%3D9rGDJ%3D9rKq~%3DS9h&kKe=9&qqq=n_6)qEutP91LwWEOz)v2ZZ8PtS!Z4kdHVB-!nEDINBd_F26Wc91Qfe)-vnK1Yv6Pek.o-2s7_1lqYKAGSzEauWsQ8-Jz_LfxWRRVafvQ-L2%3D&8B=llE&8kCL-=S&GO-CO=HE9&G8O=lHA9El&5KKPV=QbV%20S9%204n1-8VDK%20Qb8kyD%20zGmxK%204J1ybVKK8%204K-1JD%20sPmBV-%20.8-P%20T-VDD%20g%20d1DKVP8k5*kVK&qnL=AAU9&fODJ-=S&51KJ-V=S&51KG8O=gS9l&n1Omq18k=K!WgbYnPgYhNKtYH6um8wNbhKnlzJ!xlJ(h8J9VHd!o%3D&fJPJ=S&8D8O=3&1Oe=.VkV-1P%204V1-nb&Jy8O=J9Sh9lh3a9EhKU9UlSU9aSh3E&DDPO=%7B%22DD8J%22%3A%22Sh3*SA3*aS*9%22%2C%22DDnn%22%3A%22wZ%22%2C%22DDDn%22%3A%22u.%22%2C%22DDnKf%22%3A%22Z%C3%83%C2%BCkVkGV-y%22%7D&bKqPD-n=S&sflct=5590675&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 07 Dec 2023 18:56:27 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
content-length
15
expires
Thu, 07 Dec 2023 18:56:27 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 08 Dec 2023 18:56:27 GMT
syncframe
gum.criteo.com/ Frame 7E40 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 18:56:26 GMT
server
Kestrel
server-processing-duration-in-ticks
739549
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 08 Dec 2023 18:56:27 GMT
sid
mug.criteo.com/ Frame 7E40
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=pastelink.net&sn=ChromeSyncframe&so=3&topUrl=pastelink.net&bundle=mWUUd19DOGdCSVJVNVlNdTdrekdYN3BzNCUyRk1ySGZxQmh4SWlEaVVsU3A3ZlJYU0VHTzlu...
  • https://mug.criteo.com/sid?cpp=GE_penxWSFNUY2p4MS9BODg0YTNzWHcwR2YyWThtaFZFbi9wLzF0Q0FheGxOT2Nwbm5UbzQrdG51MUhZbVQ4Q29kV0Y0WkU3NEJBMFQxcEgwR3RlSTdUWjVrek5jOTNQQkplTDdJTDVmRTZrcTRFcGVYM21JekdVTWNlNH...
433 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=GE_penxWSFNUY2p4MS9BODg0YTNzWHcwR2YyWThtaFZFbi9wLzF0Q0FheGxOT2Nwbm5UbzQrdG51MUhZbVQ4Q29kV0Y0WkU3NEJBMFQxcEgwR3RlSTdUWjVrek5jOTNQQkplTDdJTDVmRTZrcTRFcGVYM21JekdVTWNlNHh2T2hVODJSRWVqUXFjbmpsbndWTmlFMno2d0VPODdIam9zSmw5MUxReUpjOG1QQnJsOUd0ek01ZG9YNklxUXhRUHY4VkUwTjNMN1l0ZDdtc2FIdGN5M2t3bmd6NHpMbCtrUElBWHNwbnFCRlVjVDdhZXk1L2hlY25YOHMxVUZyTmlWcmNIUGU2djBCZmFXVXNQQ0F4QWxCRTZTT2x2R1dNUURSaWRzQk42ZHNBTVdFNnYrND18&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
89c38de35046912bec71296d8b922be23aae9c5dff18993fd04ffed64f65c237
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
929014
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=GE_penxWSFNUY2p4MS9BODg0YTNzWHcwR2YyWThtaFZFbi9wLzF0Q0FheGxOT2Nwbm5UbzQrdG51MUhZbVQ4Q29kV0Y0WkU3NEJBMFQxcEgwR3RlSTdUWjVrek5jOTNQQkplTDdJTDVmRTZrcTRFcGVYM21JekdVTWNlNHh2T2hVODJSRWVqUXFjbmpsbndWTmlFMno2d0VPODdIam9zSmw5MUxReUpjOG1QQnJsOUd0ek01ZG9YNklxUXhRUHY4VkUwTjNMN1l0ZDdtc2FIdGN5M2t3bmd6NHpMbCtrUElBWHNwbnFCRlVjVDdhZXk1L2hlY25YOHMxVUZyTmlWcmNIUGU2djBCZmFXVXNQQ0F4QWxCRTZTT2x2R1dNUURSaWRzQk42ZHNBTVdFNnYrND18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
287820
content-length
0
expires
0
c.gif
www.bing.com/aes/ Frame DCB1
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=3717a331-6dff-4390-8229-cbe9eaf019f6&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=7ca848f7-22c1-4a78...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ce963030562745778efcb7b6b53a3db0&tids=15000&med=10
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ce963030562745778efcb7b6b53a3db0&tids=15000&med=10
Protocol
H3
Server
2a02:26f0:2c::213:614a Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BD4B66AB2D5044AD8FB5D42A79F09513 Ref B: BRU30EDGE0512 Ref C: 2023-12-07T18:56:27Z
x-cdn-traceid
0.46611302.1701975387.30dddb63
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Thu, 07 Dec 2023 18:56:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B99D072954554EDA80C24D26395FF70A Ref B: DUS30EDGE0421 Ref C: 2023-12-07T18:56:27Z
x-cdn-traceid
0.46611302.1701975387.30dddb36
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ce963030562745778efcb7b6b53a3db0&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
146
quic-version
0x00000001
vevent
fra1-ib.adnxs.com/ Frame DCB1 		0
661 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&e=wqT_3QKzB-izAwAAAwDWAAUBCNmqyKsGEJr4nKPD-53WQxgAKjYJ2H471IMukz8R5x7SPP04kj8ZAAAAYD0Ktz8h5w0SACkRJNAxAAAA4FG4nj8wyqjwDTjKQUC1XkjjA1C6iYq2AViY1VJgAGiR92t4w4cGgAEBigEDVVNEkgUG9GkBmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACn_A_6gIeaHR0cHM6Ly9wYXN0ZWxpbmsubmV0L2J2cHl1ejJxgAMAiAMBkAMAmAMXoAMBqgObAwqxAmh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTdjYTg0OGY3LTIyYzEtNGE3OC05YWVjLTEyZDEyZjZkMzU1ZiZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9N2NhODQ4ZjctMjJjMS00YTc4LTlhZWMtMTJkMTJmNmQzNTVmJnJ0eXBlPW51cmwmdGFnSWQ9MjkxMDMxNzgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnQJFvDtU3ViR3JvdXA9cGJhZ2VieSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQ4NzY0MDQyODQxOTEwOTU4MzQiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RJeE9EZzROamMwTXpJMU56a2pNak16TXprNE9ETXdPREkyTnpNME5RPT3AA9gEyAMA2AP7lcIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE4NS4xOTUuNzEuMjE1qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBEWAWIgFAZgFAKAFouvqpOefiOF2wAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWE7G76BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfDhwbSBw0VZQEmCNoHBgFewBgA4AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=14341305b05962a34412b7921ba875b63d7fdcd7&type=pv&jm=1003&px=436&py=1105&bw=182&bh=90&sf=1&sid=3655032991320321639&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=29103178&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:27 GMT
an-x-request-uuid
98c0ff75-fde1-441f-8ed8-6bb1a4daa82c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.215; 185.195.71.215; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DCB1 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVT7OPvMhGs7Lw6MxB_cW_LfSbdbnPKtJ-c_cpmC2kEImB0zAF1ySK_KkPf2BicrUlT4Y2CSRBFVjVmISNh5QJYy_RlfsOBO0Gy4fSlXiZDo6v7BV1VcLUAI4JfjusVqyBKlWasmniqg&sai=AMfl-YRWpNT0UDPzO9mio5pavMr83vKfit6VSsYoKsKtVC-XgQWwG0E&sig=Cg0ArKJSzLl3vBv1lpPsEAE&id=lidar2&mcvt=1000&p=1105,436,1195,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=840525636&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701975386465&rpt=435&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
hblg.media.net/ Frame BEE3 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AfIFMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwAQAQGRmNTUxMzg5ZWI3ZjQ5MDNiYzJiZmRjYzY3Y2YxMDk3vKDYyAaYBwRDSBpwYXN0ZWxpbmsubmV0EjhDVVFOMTUyShAyOTEwMzE3OA4zMzZ4MjgwCmV1X2JlBDIzEEFQUE5FWFVTEjhQUjExM0pHQw5CSURfQVBJABAyOTEwMzE3OAIwRnJ0Yi1jb21tb24tZW52b3ktOTU5YjZiNjQ4LW0yemdiLkJFEjQ0Njg2ODUyMgIwACABEEVYQ0hBTkdFAgJi&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:27 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 07 Dec 2023 18:56:27 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AAC8 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueo6ZgDf9jjORjpcpGbRrLDPj4XuQTegsPr5AlRaNQRyOgg7RC6tCu6FtuE19VMpMrADP1MDHkVFUdFUUCcFV-_AV2P4-mxlW6v9d1HNCYqL0r18qjXUiPmXA_vR3-78yzt3tZD5oT6g&sai=AMfl-YQBdZ1SiFHFimiNuOXm4IfhPHjJ6ay5e_SExO-i_jh6owXVfdI&sig=Cg0ArKJSzGY1WTpqQ2NJEAE&id=lidar2&mcvt=1000&p=324,494,604,830&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1703297318&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701975386478&rpt=493&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BEE3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuu9FD__pnyXFdx6SKv-rGUTpHgYbUZrCaMZs3exolggHk9HFps2EsObz5unaDcMOTfpFP9gjINj-Cn3JRjxKuIexdKyxk0Mkpz3r3KCcIWDYeI6C4hN7S4hv4u5Na37giWII_zRHURJQ&sai=AMfl-YQzHu27DWg1b_QEmbA5vgnI-O4Sma_xO2eAzC9cVRRHpqlQ_80&sig=Cg0ArKJSzJ4Iy_-qmhRdEAE&id=lidar2&mcvt=1000&p=473,1081,757,1417&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=0.99&vu=1&app=0&itpl=19&adk=3798138915&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701975386483&rpt=524&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame BEE3 		0
661 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&e=wqT_3QLXBOhXAgAAAwDWAAUBCNmqyKsGEN7f-d7I3b_nERgAKjYJ-n5qvHSTmD8RPN9PjZdukj8ZAAAAYD0Ktz8hPA0SACkRJNAxAAAA4FG4nj8wyqjwDTjKQUCVCUhgUKrYitUBWJjVUmAAaJH3a3jDhwaAAQGKAQNVU0SSAQEG9GkBmAHQAqABmAKoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAp_wP-oCHmh0dHBzOi8vcGFzdGVsaW5rLm5ldC9idnB5dXoycYADAIgDAZADAJgDF6ADAaoDQBIXMzk1NDU1OTgzMjI1NjM5NTM0X3NiaWQaEzEyODMyNDMyMzU3NTk1MTc2NjIiCTQ0Njg2ODUyMioFTTExNzPAA9gEyAMA2AP7lcIB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE4NS4xOTUuNzEuMjE1qAQAsgQPCAAQARh4INgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKrYitUBiAUBmAUAoAXupN7j8aO8vgXABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGr_EB2gYWChAAAAAAAAAAAAANP3QQABgA4AYB8gYCCACABwGIBwCgBwHIB8OHBtIHDQkNJQUmDNoHBggFCbjgBwDqBwIIAPAHv4MNiggCEACVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=7b1e7a6bbe40a07b9f40beed48425f7d706fa6cb&type=pv&jm=1003&px=1082&py=473&bw=336&bh=280&sf=1&sid=3655032991320321639&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=29103178&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:28 GMT
an-x-request-uuid
f257c056-0ea0-435e-afdf-023294f9d571
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.215; 185.195.71.215; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ssbsync.smartadserver.com/api/ Frame 5516 		801 B
867 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ip69.ip-5-196-111.eu
Software
/
Resource Hash
57182b7989471ea68f9d7fe086c33ed292a1018663fda56e2e7fb58b9b060ddd

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
801
content-type
text/html
date
Thu, 07 Dec 2023 18:56:27 GMT
nmedianet.js
contextual.media.net/ Frame 7DCD 		98 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU4FCKBR&ydspr=1
Requested by
Host: rt.marphezis.com
URL: https://rt.marphezis.com/static/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-216-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
762c347d361dfca7d3c4f278aba4d723c57ebc90b0fead6a91043111ef1582af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h
21-g4dd
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 07 Dec 2023 18:56:28 GMT
server
Apache
etag
"fcdb3151deb81c8a7326802694a00378"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-5h9m
timing-allow-origin
*
content-length
38120
expires
Thu, 07 Dec 2023 19:01:28 GMT
log
qsearch-a.akamaihd.net/ Frame 7DCD 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=0c1f489883ede815c9fd96d484aa7577&algo=default&bdp=0.0300&bidfp=0.0120&capd=0&cc=CH&cid=8CUQN152J&crid=881526814&ct=hunenberg&dc=east_sc&dfpbd=0.0180&dn=pastelink.net&iwb=1&ogcbdp=0.0300&other_bids=0.03&other_prv=460&pbshr=100.0000&prdp=0.0180&requrl=pastelink.net/bvpyuz2q/&sat=1&sc=ZG&sc_pvid=460&send_erpm=true&server=1&size=336x280&strg=harmony&totalTime=3361270&ugd=4&ver=9.6.4&cliIP=-1178384640&time_stamp=2023-12-07%2018:56:25&seat=BID_API&itype=appnexus&req_id=5883266616034887308&dfp_bucket=0.0&level_base=0&bdp_bucket=0.05&app_type=appnexus&br_id=265&o_id=101&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&br_ver=89.0.4389.72&o_ver=NT%2010.0&second_bid=0.0&second_bidder=*&model_key=generic_appn_1-cid_0&ogerpm=0.0300&ogerpm_used=false&rawbid=0.0300&totalTimeBucket=3&as_cache=0&sub_bidder=196&current_day=4.0&current_hour=18&cut=40&floor_bucket=0.00&model_version=202312070150_generic_appn_1-cid_0&erpm_bucket=0.05&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=0&viewability=0.1300&stid=27197328&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=0&predicted_wr=6.7718&bdp_wider_bucket=1&splid=27197328&dim10=false&dmm_m9=0.0000&dmm_m10=1040214&log_less=false&cut_bkt=40&advurl=generalsearch.net/&dmm_d10=0.0000&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&e_rpm=0.0000&bdr_typ=1&url_l1=bvpyuz2q&clisp=rtb-appnexus-5fd6bb7f75-8pvmx.SC&dmm_m1=2023-12-07%2018:56:25.343785683&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss=NA&ss_d1=0&ss_d2=0&dmm_m22=0.0300&adtyp=0&gpid_format=DEFAULT&gpid=27197328&gpid_sent=true&pst=EMS&bcrid=446868522&erpm_mult=1.000000&zone=d&rc=-1&sfm_key=mowx_System_460&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=16&wsip=mowx-lite-fb8fd6758-7j25f&rel_cut_bkt=65&djvm=9.5.8&optimal_cut=0.0&cut_cluster=0.0
Requested by
Host: rt.marphezis.com
URL: https://rt.marphezis.com/static/client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.164.91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-164-91.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:28 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 07 Dec 2023 18:56:28 GMT
release-20231121-135-adperformance.js
warp.media.net/rtb/resources/ Frame 7DCD 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js
Requested by
Host: rt.marphezis.com
URL: https://rt.marphezis.com/static/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Thu, 07 Dec 2023 18:56:28 GMT
x-guploader-uploadid
ABPtcPpIo_b_NcMKOwHvGDCTG05XY1UknAvtaGcrwEzGBq16PDG4pYQRlOGIdNZ7w2_WERaEBt4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25147
server
UploadServer
etag
"841dabce0b477a93d9cf7379b9eb1368"
vary
Accept-Encoding
x-goog-hash
md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type
application/javascript
x-goog-generation
1700562102250666
cache-control
max-age=3600
x-goog-stored-content-length
73447
expires
Thu, 07 Dec 2023 19:56:28 GMT
it
nym1-ib.adnxs.com/ Frame 7DCD 		0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https://pastelink.net/bvpyuz2q&e=wqT_3QKCBfBMggIAAAMA1gAFAQjZqsirBhCSkJPWr_PV_HMYl8j5pJv92a9MKjYJO99PjZdukj8RS8gHPZtVjz8ZAAAAYGZmAEAhS8gHPZtVjz8pO98JJNgxAAAAQOF6xD8wkP_7DDiZXECVCUhgUKrYitUBWMvdoQFgAGj99sQBeJ_mAoABAYoBA1VTRJIBAQbw_ZgB0AKgAZgCqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4ALRwVnqAh5odHRwczovL3Bhc3RlbGluay5uZXQvYnZweXV6MnGAAwCIAwGQAwCYAxSgAwGqA0ESGDU4ODMyNjY2MTYwMzQ4ODczMDhfc2JpZBoTODM1NjgwNjkwNjcwNjQ0NjM1NCIJNDQ2ODY4NTIyKgVNMTE3M8AD2ATIAwDYA_uVwgHgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xODUuMTk1LjcxLjIxNagEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8ASqISEw-gQSCQAAACCMkkdAESFJ2GlPIECIBQGYBQCgBYyNsv2P-uPSUaoFDzczODExMjkxMzRiODM2NsAFAMkFAAAAAAAA8D_SBQkBRQUBcNgFAeAFAfAFhZtK-gUECAAQAJAGAJgGALgGAMEGBSIwAPA_0Aav8QHaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAef5gLSBw0VZQEmCNoHBgFewBgA4AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=69c888e6577d511e4706f383aad1d26edf3364d8&pp=0.0153
Requested by
Host: rt.marphezis.com
URL: https://rt.marphezis.com/static/client.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:28 GMT
an-x-request-uuid
f95ac4f9-9b3a-4e73-bd5a-e58c148066e2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.215; 185.195.71.215; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/240/ Frame 7DCD 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: rt.marphezis.com
URL: https://rt.marphezis.com/static/client.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.122.108 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-122-108.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 18:56:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Fri, 06 Dec 2024 18:56:28 GMT
served
rt.marphezis.com/ Frame AAC8 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/served?_bc=KgAAETFPWFBYRVpYWHtRUUMqGwsSMRcbWgscEQAALU8HCicCDQB_Qk8EBwENGx8xVAcNbg0GFTBPWUlYRVZcSywGCQQhB1kVIwEdAgQdDQRDJgwQQywZAgAnT1lJWERTX0ssGQ0BdQgUFSwXERIbUgcbFDgMWQEtGg8RLQJPAhAEXl9LIAgAWHhPDAQmFBwXVURFBgl9VFRDIQAVWHJUAAoYHQdSD38PBVZ7C1xIIBddXkVAUlgLZVBWXXBEVwF6Fw1RXUEBWQssTwgKJxlZVWQdGlofHQ0LAj8aQhU8EBQAfx4MBgwREQ0CKRsAQzgcBgwmT1tXW0JTSR8tGBAcOFQMB2QBCxcaSVNBXXlcV0M7AB4Af0FaURBGW19LOwULCjhUVEM2Ew4ODEkBHAxlEwsLLTZVU3VHUVFQRVRcVH1RSVEXWFZWdkdf&ver=0.0.21
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Thu, 07 Dec 2023 18:56:27 GMT
access-control-allow-credentials
true
vary
Origin
timp
rt.marphezis.com/ Frame 7DCD 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/timp?_bc=KgAAETFPWFBYRVpYWHtRUUMqGwsSMRcbWgscEQAALU8HCicCDQB_Qk8EBwENGx8xVAcNbg0GFTBPWUlYRVZcSywGCQQhB1kVIwEdAgQdDQRDJgwQQywZAgAnT1lJWERTX0ssGQ0BdQgUFSwXERIbUgcbFDgMWQEtGg8RLQJPAhAEXl9LIAgAWHhPDAQmFBwXVURFBgl9VFRDIQAVWHJUAAoYHQdSD38PBVZ7C1xIIBddXkVAUlgLZVBWXXBEVwF6Fw1RXUEBWQssTwgKJxlZVWQdGlofHQ0LAj8aQhU8EBQAfx4MBgwREQ0CKRsAQzgcBgwmT1tXW0JTSR8tGBAcOFQMB2QBCxcaSVNBXXlcV0M7AB4Af0FaURBGW19LOwULCjhUVEM2Ew4ODEkBHAxlEwsLLTZVU3VHUVFQRVRcVH1RSVEXWFZWdkdf&ver=0.0.21
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Thu, 07 Dec 2023 18:56:28 GMT
access-control-allow-credentials
true
vary
Origin
setuid
u.4dex.io/ Frame 5516 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=smart&uid=3322655952767938813&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:28 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 5516
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=1LMDH8x3jxoV&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=1LMDH8x3jxoV&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.138.146 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Dec 2023 18:56:27 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=1LMDH8x3jxoV&ev=1&pid=560288&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5c6449b65-v92vn
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 5516 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:28 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
rtb-csync.smartadserver.com/redir/ Frame 5516
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4794973522604621722&gdpr=0&gdpr_consent=
43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4794973522604621722&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.138.146 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Dec 2023 18:56:27 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:28 GMT
an-x-request-uuid
e53c6c53-6302-4abe-b3a8-778eb2949886
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4794973522604621722&gdpr=0&gdpr_consent=
x-proxy-origin
185.195.71.215; 185.195.71.215; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
p
a.audrte.com/ Frame 5516
Redirect Chain
  • https://a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZjllVFlLUGVvcG1UT0tzUGxuZDVZVWFzdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZ...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1MDAzZGY5ZVRZS1Blb3BtVE9Lc1Bs...
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx...
  • https://a.audrte.com/a?adform_uid=5008915001768587012&r=eyJ1IjoiaHR0cHM6Ly9ydGItY3N5bmMuc21hcnRhZHNlcnZlci5jb20vcmVkaXIvP2lzc2lcdTAwM2QxXHUwMDI2cGFydG5lcmlkXHUwMDNkMTQxXHUwMDI2cGFydG5lcnVzZXJpZFx1M...
  • https://rtb-csync.smartadserver.com/redir/?partnerid=141&partneruserid=f9eTYKPeopmTOKsPlnd5YUasw&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991...
  • https://a.audrte.com/match?uid=3322655952767938813&p=M501991648&r=https%3A%2F%2Fa.audrte.com%2Fp%3F&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p?
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p?
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.208.123.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-123-102.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 18:56:28 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 07 Dec 2023 18:56:28 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com/p?
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 9795 		71 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2642&&kkdd=nn%7Cu%7CHA9n*3&999=()fJaUw!JUDOwSAJryhX(Z!I1DPBAMvQE1TJ~2VLfCOu8tcmsdf)J6%3D%3D&EF=yRzybRWBmmyWbcmWzRy&6S.9=y&Pq.L=z&wSE=yyvb&(qwO=UB8z&wFS=mi58Tir-f&w.wS=.dc(H1(C(idwVzj!X9VO1~%3D%3D&w9FS=mBWcycWz8&qF)O=BBcZvmz&ww=i_&qw=A_&wagP=_Kfk4uV&.FS=m24iYvY4p&(.FS=YvyBB8v&a((.q=y&lX9o=a((.q%3A%2F%2F.Lq(O!FglngO(&OlX9o=XRRh~%3ACChy~RM3m)5n)MR&gqO=W&!X=y&s6S=8&LS(y=mi5~uyWvM&LS(v=mmyWvcmy8&ISL(L=qSv%3Dgs!!0Fs9!D!%3Dvz016O9.P%3DznzB0EXDOZw%3DznyB0EFqDqS%3DyRm0Swv%3Dy0qwS%3D)60EDLqg%3DWcmzB0E!v9DqS%3DvzvByvzRyy0Fs9!DI%3DyBvcncB0s9!D(lw%3Dz0q(S%3DvRybRBvm0!Lq(%3D0EFqDs9!DI%3Dznzm0F.%3DB15fXw0oII%3Dz0EFqDs9!D!%3Dvz09FF.sL%3DR%2CR0O(%3Dy809w%3Dy09.qDqS%3DvzvByvzRyv0EFqDI%3D8zznb0s9!DI%3DznRW0E!v9Ds9!DI%3Dz0E!v9Ds9!DEF%3DyhJyc0s9!D(EF%3Dz0Ow.DOO9%3DcmnBB0s9!D!%3Dvz06wL(%3DJy0II%3Dybc0EE%3Dz0!v9DI%3Dyzzz0O9.P%3DznzB0E!v9Ds9!Dlw%3Dzhz0.qFDw%3Dy%2Cy%2Cz%2Cz%2Cz%2Cz%2Cz%2Cz0IP%3Dy0.qFDS%3Dz0LB.DI%3DvnRB%2CBynW0qFS%3DmBWcycWz80qS%3Dz0sFS%3DvHLQ!bTQZ8f_TU2BYo0I(S%3DBzmzmyyvc888z8cbyBbWRbRyRyBRcRRbmvBBcmBBmvmRBvzcbcvvz88Byv8Wmmmmyz8m8zbRyycBRy88BmRvmcWBBcWvWmyzbm8bczz0EXs%3DznyB0Sv.D!%3Dyz0B.wo%3Dyzzz0sFP%3Dz016DPqa%3DznzB0SPPDq(96%3DaL9P1gj0Sv.DI%3Dznbc016Sv.DI%3Dznbc0Es9!DI%3Dynvb0qq%3DuK0ww%3Di_0sFX%3DJy0wO%3Dz09.qDI%3DBynW0Es9!D!%3Dvz0iH%3DBzWB0lIDsw%3DJv0g(q%3DB0lIDwwlq%3DJv0k2v%3Dnx%2F.nx0w(%3DasgOgIO960IqqDrYp%3DuK%2CuK0ILqFqv%3Dybc0ILqFqy%3Dybc0FqfOo%3Dz0FEs9!DI%3DznRm0FqFo%3Dz0IFS%3DznzB0Sw%3Dm0E!v9DI%3DvnRB0FEs9!D!%3Dvz0wIS.%3Dznzym0F(j.ODFS%3Dyc0qO!!O9D(L6DFS%3DvRybRBvm0qs..!jD(L6DFS%3DvRybRBvm0EFOXLIF!F(j%3DznyvRvB80.1q%3Dz0wL99FO9HS%3Dz016IFS%3DznzBz0Io!9%3Dznzyv0qsFS%3D0S(w%3DOLq(Dqw0SPPDO9.P%3DoL!qO0SPP%3DaL9P1gj0IS.wL.S%3Dz0SL!6%3DSOoLs!(0Fgq!%3Dz0q1I.%3D0a(P!%3Dy0Sws(%3D8z0S16I%3DzJy0FIw%3Dy0gq)%3DB0(6q%3DBzzZvWz%7CBBcZvmz%7CRvmZbz0IqI%3Dz0Iq.%3Dz0(PZ%3DyzR&g(E=z&PPP=q1jOKGZfrgoOQsX-Fhf.z2.(y9wRO8oXFt(o6BiU2GtOKbyHBRQY-DE~~hmOVT-cfo1!YLKAuhU696Fu-5iiBX%3D%3D&FX=BBc&FgHo9=y&IS9HS=8cz&IFS=B8my8W&l((!O=YaO%20yz%20CwL9FOq(%20YaFg6q%20KI1s(%20C.L6aO((F%20C(9L.q%20T!1XO9%20QF9!%20d9Oqq%20J%202Lq(O!FglngO(&Pwo=bbvz&jSq.9=y&lL(.9O=y&lLq(q=(q(j.O%3DJyz8zv&lL(IFS=JW&lL.w=yzz&lL(L=L(W&lL!16=CH%3DB8Wv%7C%7CYiU%3Dz%7C%7CYYi%3Dy%7C%7CYi%3Dz%7C%7CkH%3DB8WB%7C%7CiH%3DB8WB%7C%7CYUHd%3Dc%7C%7CCHd%3Dm%7C%7C55Hd%3DvHLlYjljK8B!~(az6a%7C%7C_Hd%3Dz%7C%7Ck2Yd%3Dc8z%7C%7CY2Yd%3DR8RccRbzcbzBy8&wLS1PLFg=()fJaUw!JUmr(4U8MA1Firam(wBK.)sB.7mF.zO82)h%3D&j.!.=y&FqFS=W&LSE=QOgO9L!%20COL9wa&.6FS=.zymzBmWRzcm(vzvByvzRymWc&qq!S=%7B%22qqF.%22%3A%22ymWnybWnRynz%22%2C%22qqww%22%3A%22i_%22%2C%22qqqw%22%3A%22AQ%22%2C%22qqw(j%22%3A%22asgOgIO96%22%7D&.O9o=y&a(P!q9w=y&sflct=5590675&ure=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU4FCKBR&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-216-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
51c1caa51e77327617cb0fc261d2ac944cbcb13d412da064a05fd575f23a84f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
25857
content-type
text/html
date
Thu, 07 Dec 2023 18:56:28 GMT
expires
Thu, 07 Dec 2023 18:56:28 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-sslh
checksync.php
contextual.media.net/ Frame F80A 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CU4FCKBR&https=1&itype=CM
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-216-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5a66f8eafb50d104f1f4b4637134d3acf9fafa5c0821c5ff3a0e821b31216ad5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5965
content-type
text/html; charset=UTF-8
date
Thu, 07 Dec 2023 18:56:28 GMT
expires
Sat, 09 Dec 2023 18:56:28 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame 7DCD 		35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=2080&&vgd_cdv=1129&vgd_cage=2&vgd_tsce=L340&vgd_mcf=9920&gdpr=1&mspa=0&prid=8PRVCXX19&cid=8CU4FCKBR&crid=835616504&vi=1701975388159685071&ugd=4&lf=6&kwrf=https%3A%2F%2Fpastelink.net&cc=CH&sc=ZH&lper=100&wsip=170785101&r=1701975388266&rrr=tzR-hLcl-L_ecdZ-K1Ewtxlbo_m3ZJ2GvoF-QPYaRSeN4q68uDRz-g%3D%3D&requrl=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.uA~e8QMQOvuhW~ONfvu~QNOvly~eM1QzvXFW9A~ejfLMQOvf9fAuf9huu~8xLjMGvuAfF.FA~xLjM7UNv9~Q7OvfhuihAfW~j1Q7v~e8QMxLjMGv9.9W~8EvAmPDBN~kGGv9~e8QMxLjMjvf9~L88Ex1vh%2Ch~J7vuH~LNvu~LEQMQOvf9fAuf9huf~e8QMGvH99.i~xLjMGv9.hX~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvFW.AA~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~1AEMGvf.hA%2CAu.X~Q8OvWAXFuFX9H~QOv9~x8OvfV1ZjisZ-HDqsT0A_k~G7OvA9W9WuufFHHH9HFiuAiXhihuhuAhFhhiWfAAFWAAWfWhAf9FiFff9HHAufHXWWWWu9HWH9ihuuFAhuHHAWhfWFXAAFXfXWu9iWHiF99~eBxv9.uA~OfEMjvu9~AENkvu999~x8Yv9~myMYQwv9.9A~OYYMQ7Lyvw1LYmz5~OfEMGv9.iF~myOfEMGv9.iF~exLjMGvu.fi~QQvIK~NNv%3Dq~x8Bvou~NJv9~LEQMGvAu.X~exLjMjvf9~%3DVvA9XA~UGMxNvof~z7QvA~UGMNNUQvof~c0fv.*SE.*~N7vwxzJzGJLy~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.hW~8Q8kv9~G8Ov9.9A~ONvW~ejfLMGvf.hA~8exLjMjvf9~NGOEv9.9uW~875EJM8OvuF~QJjjJLM71yM8OvfhuihAfW~QxEEj5M71yM8OvfhuihAfW~e8JB1G8j875v9.ufhfAH~EmQv9~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uf~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~8zQjv9~QmGEv~w7Yjvu~ONx7vH9~OmyGv9ou~8GNvu~zQlvA~7yQvA99-fX9%7CAAF-fW9%7ChfW-i9~GQGv9~GQEv9~7Y-vu9h&ssld=%7B%22QQ8E%22%3A%22uWX.uiX.hu.9%22%2C%22QQNN%22%3A%22%3Dq%22%2C%22QQQN%22%3A%222Z%22%2C%22QQN75%22%3A%22wxzJzGJLy%22%7D&vgd_bid=348145&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=56803&vgd_rakh=1701975388158185030&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUQN152J&vgd_hb_audit_2=881526814&vgd_pgid=p01803857068t202312071856&vgd_pgids=4&vgd_uspa=0&vgda_l1btm=%5B%22PRLG%22%2C%22URLDC%22%5D&hvsid=00001701975388264031165826566931&gdpr=1&mspa=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 07 Dec 2023 18:56:28 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 07 Dec 2023 18:56:28 GMT
checksync.php
contextual.media.net/ Frame 0851 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CUQN152J&prvid=99,77,20000,2033,262,460,241,461,462,3018,246,4,3016,313,10000,459,229,9,319&itype=APPNEXUS&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-216-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
473320d7653a7a832d00e1f1192083fc09d1ec284f4deeb03816e8962e93b81a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8070
content-type
text/html; charset=UTF-8
date
Thu, 07 Dec 2023 18:56:28 GMT
expires
Sat, 09 Dec 2023 18:56:28 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 7DCD 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?pixel_len_bucket=4741&logid=awlog&lper=1&itypeid=16&itype=APPNEXUS&cc=CH&cid=8CUQN152J&reqid=5883266616034887308&vid=5883266616034887308&dn=pastelink.net&rawDn=pastelink.net&requrl_dn=pastelink.net&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https://pastelink.net/bvpyuz2q&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_status=N&dnt_enf=false&geo_source=1&sc=ZG&ct=hunenberg&zip=6331&pubid=pub-appnexus-eu&tgtval=pub-appnexus-eu&csip=rtb-appnexus-5fd6bb7f75-8pvmx.SC&dtc=east_sc&zone=d&ptype=23&tmax=150&xtmax=140&gdpr=1&gpp_present=false&csex=0&app=0&sat=1&devbrand=Unknown&devmodel=Unknown&device_id=4&asn=56803&sckfl=0&sckfl2=0&smbrid=11801&usp_status=0&usp_enf=1&mspa_enforced=true&pexid=APPNEXUS-2194068&geoll=false&is_ortb=true&s_ip=68.67.160.0&s_city=brooklyn&commit_id=4ae442ec&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-12-07+00:00:00&schain_cmpl=1&schain_nodes_count=2&dummy_vsid=false&second_call=false&supply_cc=CH&ipcc=CH&is_msnnative_src=false&proxy=envoy&rtttime=35&req_tid_present=true&pvid=460&prvAccId=835616504&prvApiId=8CU4FCKBR&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=881526814&prspt=headerBid&prvReqId=31874468210007_910458472_8815268144601&size=336x280&chnl=HARMONY&bdp=0.030&bid_uuid=3fe4a36788bff95a12c87b6867060467&cbdp=0.018&og_cbdp=0.030&ogbdp=0.03&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https://generalsearch.net&dfpBd=0.018&dsrc=-2&dp=0&dbf=1&epc=835616504&s=1&snm=SUCCESS&pcrid=8CU4FCKBR-835616504-49-10&tpbTkn=false&exid=218&bidflr=0.012&pbidflr=0.012&opbidflr=0.012&spbf=0&viewability=13&sbdrid=196&exp=ssProfile=0|sfl=false|ssBucket=0|bfl=-100|sch=1|clt=3|tpi=1|fl_rl=1|kbb_se=1|dbr=1|sfl=false|bfl=-100|tpi=1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1701975385342&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.03&dmm_erpm=true&dmm_ogerpm=false&bcrid=446868522&strg=HARMONY&stagid=27197328&vls=0&scrid=446868522&mang=1&pvdTmax=107&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_tid_sent=false&mx_epbc=8CU4FCKBR&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_bsBucketRa=0&mx_sid=8CU4FCKBR&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=3&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=27197328&mx_tgs=300x250|336x280|728x90&mx_bsProfileRa=0&mx_IAB2=0&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=1&mx_gpid=27197328&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=true&mx_commit_id=57e0a39df7&mx_exp_tokens%3C%3E=IPBLOCK_DM:GCS
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:28 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 07 Dec 2023 18:56:28 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame FD6C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11801&pub_id=2194068
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.122.108 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-122-108.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 07 Dec 2023 18:56:28 GMT
ETag
"623de86a-cf34"
Expires
Fri, 08 Dec 2023 18:56:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
rd_log
nym1-ib.adnxs.com/ Frame 7DCD 		0
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https://pastelink.net/bvpyuz2q&e=wqT_3QK5BPBMOQIAAAMA1gAFAQjZqsirBhCSkJPWr_PV_HMYl8j5pJv92a9MKjYJO99PjZdukj8RS8gHPZtVjz8ZAAAAYGZmAEAhS8gHPZtVjz8pO98JJNgxAAAAQOF6xD8wkP_7DDiZXECVCUhgUKrYitUBWMvdoQFgAGj99sQBeJ_mAoABAYoBA1VTRJIBAQbwvJgB0AKgAZgCqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4ALRwVnqAh5odHRwczovL3Bhc3RlbGluay5uZXQvYnZweXV6MnGAAwCIAwGQAwCYAxSgAwGqAwDAA9gEyAMA2AP7lcIB4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQOMTg1LjE5NS43MS4yMTWoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEqgHgMPoEEgkAAAAgjJJHQBEhCNhpTyBAiAUBmAUAoAWMjbL9j_rj0lGqBQ83MzgxMTI5MTM0YjgzNjbABQDJBQAAAAAAAPA_0gUJAUUFAXDYBQHgBQHwBYWbSvoFBAgAEACQBgCYBgC4BgDBBgUiMADwP9AGr_EB2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHn-YC0gcNFWUBJgjaBwYBXqAYAOAHAOoHAggA8Ae_gw2KCAIQAJUIAACAP5gIAcAIANIIBggAEAAYAA..&s=be0c1bb7c53169407e39cf394f90c9fcd22e89f1&bdref=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q,https%3A%2F%2Fpastelink.net%2Fbvpyuz2q,https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:28 GMT
an-x-request-uuid
8d2df3fb-05e2-4567-919d-80ed291b332a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.215; 185.195.71.215; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame FD6C 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11801&pub_id=2194068&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11801&pub_id=2194068
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:28 GMT
an-x-request-uuid
3ec121b1-87bc-4687-ab69-3bd2bf50a9a4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
185.195.71.215; 185.195.71.215; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bqi.php
lg3.media.net/ Frame BEE3 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2269&lf=3&&vgd_hb_audit_1=8CUQN152J&vgd_hb_audit_2=881526814&vgd_tsce=L340&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_bid=349063&vgd_cdv=1129&vgd_cage=2&vgd_rensize=168_280&vgd_ren_page_h=3429&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9H~eBMJ-Nv9.AF~e8QMQOvuhW~ONfvu~QNOvly~eM1QzvXFW9A~ejfLMQOvf9fAuf9huu~8xLjMGvuAfF.FA~xLjM7UNv9~Q7OvSffH9XHWu9iuS01Q7Jj8zUMbfbMb8OJG1LMDab%23GQ1olmzJMuFhXWFWAfHWfWohMufAHXF~j1Q7v~e8QMxLjMGv9.9W~8EvAmPDBN~kGGv9~e8QMxLjMjvf9~L88Ex1vh%2Ch~J7vu9~LNvf%2Cf~LEQMQOvf9fAuf9huf~e8QMGvHHF.FF~xLjMGv9.hX~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvf.fX~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9H~ejfLMxLjMUNv949~GYvu~1AEMGvf.Fi%2CAu.X~Q8OvWAXFuFX9H~QOv9~x8OvffOXswE-K8sc0q8lq5~G7OvA9hihuhFAi9hW9hhFAAFuhXA9WWFXXiuffiiWHAXuHHWfu9fiXuu9WFuuAAFHXAXuHfii9HiXXWHf9fHfXHW99uFXHhiffWuXWWufuF~eBxv9.AF~OfEMjvu9~AENkvu999~x8Yv9~myMYQwv9.9H~OYYMQ7Lyvw1LYmz5~OfEMGv9.iW~myOfEMGv9.iF~exLjMGvu.fi~QQvIK~NNv%3Dq~x8Bvou~NJv9~LEQMGvAu.X~exLjMjvf9~%3DVvA9XA~UGMxNvof~z7QvH~UGMNNUQvof~c0fv.*SE.*~N7vwxzJzGJLy~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.hW~8Q8kv9~G8Ov9.9H~ONvW~ejfLMGvf.Fi~8exLjMjvf9~NGOEv9.9fH~875EJM8OvuF~QJjjJLM71yM8OvSffH9XHWu9iuS01Q7Jj8zUMbfbMb8OJG1LMDab%23GQ1olmzJMuFhXWFWAfHWfWohMufAHXF~QxEEj5M71yM8Ovfiu9AuhW~e8JB1G8j875v9.AXhif~EmQv9~N1LL8JLVOv9~myG8Ov9.9H9~GkjLv9.999~Qx8Ov~O7NvJxMGJ~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~8zQjv9~QmGEv~w7Yjvu~ONx7vH9~OmyGv9ou~8GNvu~zQlvH~7yQvuF9-F99%7CA99-fX9%7CA99-F99%7CAAF-fW9~GQGv9~GQEv9~7Y-vu9W&vgd_lbt=500&gdpr=1&mspa=0&prid=8PRVCXX19&cid=8CU4FCKBR&crid=835616504&rrr=tzR-hLcl-L_ecdZ-K1Ewtxlbo_m3ZJ2GvoF-QPYaRSeN4q68uDRz-g%3D%3D&requrl=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&vi=1701975386229704704&ugd=4&cc=CH&sc=ZH&bdrid=460&subBdr=196&startTime=1701975386935&l1ch=1&l1hcsd=l1!Og4dd|8031&mmm=cUJXm6ZOl0afCR6dAXjYHHilO1zHSnP4ewrzc6sNKwPUqYJRM0aTyvXrjctaLjJlvnGErYFWUa3mLt9b1A67ZRFTirpAUfyuRBBe7yjTrfY=&buid=349063&sttm=1701975386937&upk=1701975387.10252&hvsid=00001701975386937031165826565675&acid=df551389eb7f4903bc2bfdcc67cf1097&verid=3111299&infr=1&stime=1701975386549&tsrc=entity&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1701975386126205198&vgd_sc=ZH&vgd_ecrid=446868522&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p01803857068t202312071856&vgd_pgids=3&vgd_end=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 07 Dec 2023 18:56:28 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Thu, 07 Dec 2023 18:56:28 GMT
rendered
rt.marphezis.com/ Frame 7DCD 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt.marphezis.com/rendered?_bc=KgAAETFPWFBYRVpYWHtRUUMqGwsSMRcbWgscEQAALU8HCicCDQB_Qk8EBwENGx8xVAcNbg0GFTBPWUlYRVZcSywGCQQhB1kVIwEdAgQdDQRDJgwQQywZAgAnT1lJWERTX0ssGQ0BdQgUFSwXERIbUgcbFDgMWQEtGg8RLQJPAhAEXl9LIAgAWHhPDAQmFBwXVURFBgl9VFRDIQAVWHJUAAoYHQdSD38PBVZ7C1xIIBddXkVAUlgLZVBWXXBEVwF6Fw1RXUEBWQssTwgKJxlZVWQdGlofHQ0LAj8aQhU8EBQAfx4MBgwREQ0CKRsAQzgcBgwmT1tXW0JTSR8tGBAcOFQMB2QBCxcaSVNBXXlcV0M7AB4Af0FaURBGW19LOwULCjhUVEM2Ew4ODEkBHAxlEwsLLTZVU3VHUVFQRVRcVH1RSVEXWFZWdkdf&ver=0.0.21
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.128.135.204 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
date
Thu, 07 Dec 2023 18:56:28 GMT
access-control-allow-credentials
true
vary
Origin
vevent
nym1-ib.adnxs.com/ Frame 7DCD 		0
662 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https://pastelink.net/bvpyuz2q&e=wqT_3QKCBfBMggIAAAMA1gAFAQjZqsirBhCSkJPWr_PV_HMYl8j5pJv92a9MKjYJO99PjZdukj8RS8gHPZtVjz8ZAAAAYGZmAEAhS8gHPZtVjz8pO98JJNgxAAAAQOF6xD8wkP_7DDiZXECVCUhgUKrYitUBWMvdoQFgAGj99sQBeJ_mAoABAYoBA1VTRJIBAQbw_ZgB0AKgAZgCqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4ALRwVnqAh5odHRwczovL3Bhc3RlbGluay5uZXQvYnZweXV6MnGAAwCIAwGQAwCYAxSgAwGqA0ESGDU4ODMyNjY2MTYwMzQ4ODczMDhfc2JpZBoTODM1NjgwNjkwNjcwNjQ0NjM1NCIJNDQ2ODY4NTIyKgVNMTE3M8AD2ATIAwDYA_uVwgHgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xODUuMTk1LjcxLjIxNagEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8ASqISEw-gQSCQAAACCMkkdAESFJ2GlPIECIBQGYBQCgBYyNsv2P-uPSUaoFDzczODExMjkxMzRiODM2NsAFAMkFAAAAAAAA8D_SBQkBRQUBcNgFAeAFAfAFhZtK-gUECAAQAJAGAJgGALgGAMEGBSIwAPA_0Aav8QHaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAef5gLSBw0VZQEmCNoHBgFewBgA4AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=69c888e6577d511e4706f383aad1d26edf3364d8&type=nv&nvt=5&jm=1003&px=495&py=325&bw=336&bh=280&sid=3655032991320321639&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27197328&sw=1600&sh=1200&pw=1600&ph=3429&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:28 GMT
an-x-request-uuid
b92c7423-3fc7-4311-8895-b224b4164d14
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.215; 185.195.71.215; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 9795 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9795 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
contextual.media.net/__media__/fonts/Roboto-Bold/ Frame 9795 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2642&&kkdd=nn%7Cu%7CHA9n*3&999=()fJaUw!JUDOwSAJryhX(Z!I1DPBAMvQE1TJ~2VLfCOu8tcmsdf)J6%3D%3D&EF=yRzybRWBmmyWbcmWzRy&6S.9=y&Pq.L=z&wSE=yyvb&(qwO=UB8z&wFS=mi58Tir-f&w.wS=.dc(H1(C(idwVzj!X9VO1~%3D%3D&w9FS=mBWcycWz8&qF)O=BBcZvmz&ww=i_&qw=A_&wagP=_Kfk4uV&.FS=m24iYvY4p&(.FS=YvyBB8v&a((.q=y&lX9o=a((.q%3A%2F%2F.Lq(O!FglngO(&OlX9o=XRRh~%3ACChy~RM3m)5n)MR&gqO=W&!X=y&s6S=8&LS(y=mi5~uyWvM&LS(v=mmyWvcmy8&ISL(L=qSv%3Dgs!!0Fs9!D!%3Dvz016O9.P%3DznzB0EXDOZw%3DznyB0EFqDqS%3DyRm0Swv%3Dy0qwS%3D)60EDLqg%3DWcmzB0E!v9DqS%3DvzvByvzRyy0Fs9!DI%3DyBvcncB0s9!D(lw%3Dz0q(S%3DvRybRBvm0!Lq(%3D0EFqDs9!DI%3Dznzm0F.%3DB15fXw0oII%3Dz0EFqDs9!D!%3Dvz09FF.sL%3DR%2CR0O(%3Dy809w%3Dy09.qDqS%3DvzvByvzRyv0EFqDI%3D8zznb0s9!DI%3DznRW0E!v9Ds9!DI%3Dz0E!v9Ds9!DEF%3DyhJyc0s9!D(EF%3Dz0Ow.DOO9%3DcmnBB0s9!D!%3Dvz06wL(%3DJy0II%3Dybc0EE%3Dz0!v9DI%3Dyzzz0O9.P%3DznzB0E!v9Ds9!Dlw%3Dzhz0.qFDw%3Dy%2Cy%2Cz%2Cz%2Cz%2Cz%2Cz%2Cz0IP%3Dy0.qFDS%3Dz0LB.DI%3DvnRB%2CBynW0qFS%3DmBWcycWz80qS%3Dz0sFS%3DvHLQ!bTQZ8f_TU2BYo0I(S%3DBzmzmyyvc888z8cbyBbWRbRyRyBRcRRbmvBBcmBBmvmRBvzcbcvvz88Byv8Wmmmmyz8m8zbRyycBRy88BmRvmcWBBcWvWmyzbm8bczz0EXs%3DznyB0Sv.D!%3Dyz0B.wo%3Dyzzz0sFP%3Dz016DPqa%3DznzB0SPPDq(96%3DaL9P1gj0Sv.DI%3Dznbc016Sv.DI%3Dznbc0Es9!DI%3Dynvb0qq%3DuK0ww%3Di_0sFX%3DJy0wO%3Dz09.qDI%3DBynW0Es9!D!%3Dvz0iH%3DBzWB0lIDsw%3DJv0g(q%3DB0lIDwwlq%3DJv0k2v%3Dnx%2F.nx0w(%3DasgOgIO960IqqDrYp%3DuK%2CuK0ILqFqv%3Dybc0ILqFqy%3Dybc0FqfOo%3Dz0FEs9!DI%3DznRm0FqFo%3Dz0IFS%3DznzB0Sw%3Dm0E!v9DI%3DvnRB0FEs9!D!%3Dvz0wIS.%3Dznzym0F(j.ODFS%3Dyc0qO!!O9D(L6DFS%3DvRybRBvm0qs..!jD(L6DFS%3DvRybRBvm0EFOXLIF!F(j%3DznyvRvB80.1q%3Dz0wL99FO9HS%3Dz016IFS%3DznzBz0Io!9%3Dznzyv0qsFS%3D0S(w%3DOLq(Dqw0SPPDO9.P%3DoL!qO0SPP%3DaL9P1gj0IS.wL.S%3Dz0SL!6%3DSOoLs!(0Fgq!%3Dz0q1I.%3D0a(P!%3Dy0Sws(%3D8z0S16I%3DzJy0FIw%3Dy0gq)%3DB0(6q%3DBzzZvWz%7CBBcZvmz%7CRvmZbz0IqI%3Dz0Iq.%3Dz0(PZ%3DyzR&g(E=z&PPP=q1jOKGZfrgoOQsX-Fhf.z2.(y9wRO8oXFt(o6BiU2GtOKbyHBRQY-DE~~hmOVT-cfo1!YLKAuhU696Fu-5iiBX%3D%3D&FX=BBc&FgHo9=y&IS9HS=8cz&IFS=B8my8W&l((!O=YaO%20yz%20CwL9FOq(%20YaFg6q%20KI1s(%20C.L6aO((F%20C(9L.q%20T!1XO9%20QF9!%20d9Oqq%20J%202Lq(O!FglngO(&Pwo=bbvz&jSq.9=y&lL(.9O=y&lLq(q=(q(j.O%3DJyz8zv&lL(IFS=JW&lL.w=yzz&lL(L=L(W&lL!16=CH%3DB8Wv%7C%7CYiU%3Dz%7C%7CYYi%3Dy%7C%7CYi%3Dz%7C%7CkH%3DB8WB%7C%7CiH%3DB8WB%7C%7CYUHd%3Dc%7C%7CCHd%3Dm%7C%7C55Hd%3DvHLlYjljK8B!~(az6a%7C%7C_Hd%3Dz%7C%7Ck2Yd%3Dc8z%7C%7CY2Yd%3DR8RccRbzcbzBy8&wLS1PLFg=()fJaUw!JUmr(4U8MA1Firam(wBK.)sB.7mF.zO82)h%3D&j.!.=y&FqFS=W&LSE=QOgO9L!%20COL9wa&.6FS=.zymzBmWRzcm(vzvByvzRymWc&qq!S=%7B%22qqF.%22%3A%22ymWnybWnRynz%22%2C%22qqww%22%3A%22i_%22%2C%22qqqw%22%3A%22AQ%22%2C%22qqw(j%22%3A%22asgOgIO96%22%7D&.O9o=y&a(P!q9w=y&sflct=5590675&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-216-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2642&&kkdd=nn%7Cu%7CHA9n*3&999=()fJaUw!JUDOwSAJryhX(Z!I1DPBAMvQE1TJ~2VLfCOu8tcmsdf)J6%3D%3D&EF=yRzybRWBmmyWbcmWzRy&6S.9=y&Pq.L=z&wSE=yyvb&(qwO=UB8z&wFS=mi58Tir-f&w.wS=.dc(H1(C(idwVzj!X9VO1~%3D%3D&w9FS=mBWcycWz8&qF)O=BBcZvmz&ww=i_&qw=A_&wagP=_Kfk4uV&.FS=m24iYvY4p&(.FS=YvyBB8v&a((.q=y&lX9o=a((.q%3A%2F%2F.Lq(O!FglngO(&OlX9o=XRRh~%3ACChy~RM3m)5n)MR&gqO=W&!X=y&s6S=8&LS(y=mi5~uyWvM&LS(v=mmyWvcmy8&ISL(L=qSv%3Dgs!!0Fs9!D!%3Dvz016O9.P%3DznzB0EXDOZw%3DznyB0EFqDqS%3DyRm0Swv%3Dy0qwS%3D)60EDLqg%3DWcmzB0E!v9DqS%3DvzvByvzRyy0Fs9!DI%3DyBvcncB0s9!D(lw%3Dz0q(S%3DvRybRBvm0!Lq(%3D0EFqDs9!DI%3Dznzm0F.%3DB15fXw0oII%3Dz0EFqDs9!D!%3Dvz09FF.sL%3DR%2CR0O(%3Dy809w%3Dy09.qDqS%3DvzvByvzRyv0EFqDI%3D8zznb0s9!DI%3DznRW0E!v9Ds9!DI%3Dz0E!v9Ds9!DEF%3DyhJyc0s9!D(EF%3Dz0Ow.DOO9%3DcmnBB0s9!D!%3Dvz06wL(%3DJy0II%3Dybc0EE%3Dz0!v9DI%3Dyzzz0O9.P%3DznzB0E!v9Ds9!Dlw%3Dzhz0.qFDw%3Dy%2Cy%2Cz%2Cz%2Cz%2Cz%2Cz%2Cz0IP%3Dy0.qFDS%3Dz0LB.DI%3DvnRB%2CBynW0qFS%3DmBWcycWz80qS%3Dz0sFS%3DvHLQ!bTQZ8f_TU2BYo0I(S%3DBzmzmyyvc888z8cbyBbWRbRyRyBRcRRbmvBBcmBBmvmRBvzcbcvvz88Byv8Wmmmmyz8m8zbRyycBRy88BmRvmcWBBcWvWmyzbm8bczz0EXs%3DznyB0Sv.D!%3Dyz0B.wo%3Dyzzz0sFP%3Dz016DPqa%3DznzB0SPPDq(96%3DaL9P1gj0Sv.DI%3Dznbc016Sv.DI%3Dznbc0Es9!DI%3Dynvb0qq%3DuK0ww%3Di_0sFX%3DJy0wO%3Dz09.qDI%3DBynW0Es9!D!%3Dvz0iH%3DBzWB0lIDsw%3DJv0g(q%3DB0lIDwwlq%3DJv0k2v%3Dnx%2F.nx0w(%3DasgOgIO960IqqDrYp%3DuK%2CuK0ILqFqv%3Dybc0ILqFqy%3Dybc0FqfOo%3Dz0FEs9!DI%3DznRm0FqFo%3Dz0IFS%3DznzB0Sw%3Dm0E!v9DI%3DvnRB0FEs9!D!%3Dvz0wIS.%3Dznzym0F(j.ODFS%3Dyc0qO!!O9D(L6DFS%3DvRybRBvm0qs..!jD(L6DFS%3DvRybRBvm0EFOXLIF!F(j%3DznyvRvB80.1q%3Dz0wL99FO9HS%3Dz016IFS%3DznzBz0Io!9%3Dznzyv0qsFS%3D0S(w%3DOLq(Dqw0SPPDO9.P%3DoL!qO0SPP%3DaL9P1gj0IS.wL.S%3Dz0SL!6%3DSOoLs!(0Fgq!%3Dz0q1I.%3D0a(P!%3Dy0Sws(%3D8z0S16I%3DzJy0FIw%3Dy0gq)%3DB0(6q%3DBzzZvWz%7CBBcZvmz%7CRvmZbz0IqI%3Dz0Iq.%3Dz0(PZ%3DyzR&g(E=z&PPP=q1jOKGZfrgoOQsX-Fhf.z2.(y9wRO8oXFt(o6BiU2GtOKbyHBRQY-DE~~hmOVT-cfo1!YLKAuhU696Fu-5iiBX%3D%3D&FX=BBc&FgHo9=y&IS9HS=8cz&IFS=B8my8W&l((!O=YaO%20yz%20CwL9FOq(%20YaFg6q%20KI1s(%20C.L6aO((F%20C(9L.q%20T!1XO9%20QF9!%20d9Oqq%20J%202Lq(O!FglngO(&Pwo=bbvz&jSq.9=y&lL(.9O=y&lLq(q=(q(j.O%3DJyz8zv&lL(IFS=JW&lL.w=yzz&lL(L=L(W&lL!16=CH%3DB8Wv%7C%7CYiU%3Dz%7C%7CYYi%3Dy%7C%7CYi%3Dz%7C%7CkH%3DB8WB%7C%7CiH%3DB8WB%7C%7CYUHd%3Dc%7C%7CCHd%3Dm%7C%7C55Hd%3DvHLlYjljK8B!~(az6a%7C%7C_Hd%3Dz%7C%7Ck2Yd%3Dc8z%7C%7CY2Yd%3DR8RccRbzcbzBy8&wLS1PLFg=()fJaUw!JUmr(4U8MA1Firam(wBK.)sB.7mF.zO82)h%3D&j.!.=y&FqFS=W&LSE=QOgO9L!%20COL9wa&.6FS=.zymzBmWRzcm(vzvByvzRymWc&qq!S=%7B%22qqF.%22%3A%22ymWnybWnRynz%22%2C%22qqww%22%3A%22i_%22%2C%22qqqw%22%3A%22AQ%22%2C%22qqw(j%22%3A%22asgOgIO96%22%7D&.O9o=y&a(P!q9w=y&sflct=5590675&ure=1
Origin
https://contextual.media.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:28 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
24816
expires
Fri, 08 Dec 2023 18:56:28 GMT
bql.php
lg3.media.net/ Frame 9795 		15 B
178 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=6656&&vgd_canary=0&vgd_l2type=scs_newfl&fp=7Qp1a2yAgQqtrF-rYirXkLMtV0ic_BnRjdxuZz8TKKq0IaG7TBhQ1-I3ytlrqOhYpP4FU2Lj3EQDT4fTwu9g1a3zeuT0CJ01cvH_S95JR9KZEpQ2jNIDWFXuUFJTEkrSSMFJbfCsl_Y%3D&cme=IBpuYGE9d4KBfC_uuuRQWmTK-JxGd0I-5ckwxlrZfOUXSTC-fB7T0BZU9yHzUTjA8fTWIWij0yq3yFt8SR0lUFejvKZaTzLG8H1bb4ZCGFurFGGdkDx-SHSa9AjYK_ydgsGWa6CT3Bw7mcoPn7qIwGX4fBPUUAy6GZAGjnAiDTzJYiqbY5g-Br9WWWAppFUHUDPValfDnJcUYOqomeoNceoFur3-9CaaItLUJ3xaOJ1Bm2t4BgOmkO89Pud3A7n51ylE1kYjTJpHrVis1tPp0g%3D%3D%7C%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7CwpqLGNAcyttn_EBVQ5s5gK-BP8SsSOLVyyfWD-xp3ZdyzQ9lRA-Kl90xymINQSxDGL8Df49nvDW3i8AH8s8PNxzvXeqrmbBenRC5LNqFOOp5Ik25hFb4QLMw0PC-b3g-SYkyHG1LwJu_4lRJWW44OAiRmsUwxn4DEuAvdlb7hdO4FbzJK0ojb1sT7TLiaWUzHwriV7QfDGekyEFEW4bzA-LcA3ZjpMdqsPbCnXbwKGVQRE0UXz-6mN8LyhBWs8a_99yVc_Mbuc7Kg4eD3HA6VcrVvJPi1bfb%7Cu8A6SM53vAddm10tWuVKqCMJyoPj4lrs%7CDGYsJEiSixHSP5r3D-YKL-HlKobbaQhq%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD7R2wJ1rjRhMHd8zJXf1_-bcSGrm43ddpsCftmQ1UbAgw%3D%3D%7Cxrl5Md8q4-_JOyM93sW-EW1YB9G19zQ3TskEbCw3hNI%3D%7C&subBdr=196&bdrid=460&ksu=224&fdkt=439&vgde_kbbh=ffoyxQJuO&kwd[]=Dresses+for+Toddler+Girls&kwt[]=439&kbc[]=1300920005&kwp[]=1&kid[]=322000925&kbc2[]=3%3D0.08%7C4%3D1.00%7Ct%3D3%7Cclust%3D2%7Csetid%3D8%7Cdiff%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D120705%7C13%3D0.0290%7C14%3D120714%7Cokt%3D439%7Cbdkt%3D439%7Cps%3D0.919%7C12%3D0.28%7C74%3D2.02%7C53%3D0.65%7C60%3D0.32%7C80%3D1.31%7C1%3D0.47%7C2%3D1.25&ktd[]=2324702107548123392&kwd[]=Vintage+Clothing+for+Women&kwt[]=439&kbc[]=1300920005&kwp[]=2&kid[]=30022339&kbc2[]=clust%3D2%7C%7Cshopping+%3E+apparel%7C%7Cdiff%3D1%7C%7Csetid%3D1%7C%7Ct%3D3%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D120705%7C13%3D0.0410%7C14%3D120714%7Cokt%3D439%7Cbdkt%3D439%7Cps%3D0.919%7C12%3D0.08%7C74%3D2.02%7C53%3D0.77%7C60%3D0.10%7C80%3D1.31%7C1%3D0.45%7C2%3D1.30&ktd[]=293579225360109824&kwd[]=Free+Dress+Pattern&kwt[]=439&kbc[]=1300920005&kwp[]=3&kid[]=11551609&kbc2[]=3%3D0.07%7C4%3D1.00%7Ct%3D3%7Cclust%3D2%7Csetid%3D9%7Cdiff%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D120705%7C13%3D0.0463%7C14%3D120714%7Cokt%3D439%7Cbdkt%3D439%7Cps%3D0.919%7C12%3D0.17%7C74%3D2.02%7C53%3D0.16%7C60%3D0.07%7C80%3D1.31%7C1%3D0.28%7C2%3D1.29&ktd[]=2617436083327205632&kwd[]=Buy+Toddler+Girl+Dresses&kwt[]=423&kbc[]=1301023878&kwp[]=4&kid[]=361319975&kbc2[]=pmb%3D2%7Cemlp%3D0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D120705%7C13%3D0.0351%7C14%3D120714%7Cokt%3D423%7Cbdkt%3D423%7Cps%3D0.827%7C12%3D0.15%7C74%3D2.02%7C53%3D0.89%7C60%3D0.07%7C80%3D1.31%7C1%3D0.53%7C2%3D1.64&ktd[]=4503874522452224&kwd[]=Best+Dresses+for+Baby+Girls&kwt[]=423&kbc[]=1301023878&kwp[]=5&kid[]=361319780&kbc2[]=3%3D0.13%7Cemlp%3D0%7C4%3D1.00%7Cpmb%3D2%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D120705%7C13%3D0.0351%7C14%3D120714%7Cokt%3D423%7Cbdkt%3D423%7Cps%3D0.827%7C12%3D0.15%7C74%3D2.02%7C53%3D0.89%7C60%3D0.07%7C80%3D1.31%7C1%3D0.53%7C2%3D1.64&ktd[]=22518273031667968&kwd[]=H%26M+Girls+Dresses&kwt[]=439&kbc[]=1300920005&kwp[]=6&kid[]=363375384&kbc2[]=clust%3D2%7C%7Cshopping+%3E+apparel%7C%7Cdiff%3D1%7C%7Csetid%3D6%7C%7Ct%3D3%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0001%7C8%3D120705%7C13%3D0.0351%7C14%3D120714%7Cokt%3D439%7Cbdkt%3D439%7Cps%3D0.919%7C12%3D0.15%7C74%3D2.02%7C53%3D0.89%7C60%3D0.07%7C80%3D1.31%7C1%3D0.53%7C2%3D1.64&ktd[]=1734731106118668544&v=1&gdpr=1&geo=47.18%7C8.43&dlper=20&lper=100&lpid=&tsid=7&hint=&cc=CH&wsip=170774531&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22%3Dq%22%2C%22QQN75%22%3A%22wxzJzGJLy%22%2C%22QQ8E%22%3A%22uWX.uiX.hu.9%22%2C%22QQQN%22%3A%222Z%22%7D&cid=8CU4FCKBR&vi=1701975388159685071&vsid=DefVid&tdAdd[]=asnum%3D56803&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=01&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=0&vgd_tsce=L340-S340&vgd_l3_sc=ZH&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUQN152J&vgd_hb_audit_2=881526814&vgd_refdomain=pastelink.net&vgd_katbid=-5&vgd_kasts=tstype%3D-10402&vgd_kalog=SI%3D3452%7C%7CTCL%3D0%7C%7CTTC%3D1%7C%7CTC%3D0%7C%7CMI%3D3453%7C%7CCI%3D3453%7C%7CTLID%3D6%7C%7CSID%3D8%7C%7CUUID%3D2IakTykyA43lQth0gh%7C%7CHID%3D0%7C%7CMPTD%3D640%7C%7CTPTD%3D74766790690314&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=43000c80a&vgd_nrrsf=scrr&vgd_cty=hunenberg&vgd_ifrmode=13&sttm=1701975388264&upk=1701975388.27779&hvsid=00001701975388264031165826566931&verid=3111299&sbdrId=196&tsrc=entity&kafm_ull_cache=00&vgd_l1rakh=1701975388158185030&vgd_ecrid=446868522&vgd_isiolc=1&kbbq=%26asn%3D56803&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=9920&vgd_vstrid=DefVid&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.uA~e8QMQOvuhW~ONfvu~QNOvly~eM1QzvXFW9A~ejfLMQOvf9fAuf9huu~8xLjMGvuAfF.FA~xLjM7UNv9~Q7OvfhuihAfW~j1Q7v~e8QMxLjMGv9.9W~8EvAmPDBN~kGGv9~e8QMxLjMjvf9~L88Ex1vh%2Ch~J7vuH~LNvu~LEQMQOvf9fAuf9huf~e8QMGvH99.i~xLjMGv9.hX~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvFW.AA~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~1AEMGvf.hA%2CAu.X~Q8OvWAXFuFX9H~QOv9~x8OvfV1ZjisZ-HDqsT0A_k~G7OvA9W9WuufFHHH9HFiuAiXhihuhuAhFhhiWfAAFWAAWfWhAf9FiFff9HHAufHXWWWWu9HWH9ihuuFAhuHHAWhfWFXAAFXfXWu9iWHiF99~eBxv9.uA~OfEMjvu9~AENkvu999~x8Yv9~myMYQwv9.9A~OYYMQ7Lyvw1LYmz5~OfEMGv9.iF~myOfEMGv9.iF~exLjMGvu.fi~QQvIK~NNv%3Dq~x8Bvou~NJv9~LEQMGvAu.X~exLjMjvf9~%3DVvA9XA~UGMxNvof~z7QvA~UGMNNUQvof~c0fv.*SE.*~N7vwxzJzGJLy~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.hW~8Q8kv9~G8Ov9.9A~ONvW~ejfLMGvf.hA~8exLjMjvf9~NGOEv9.9uW~875EJM8OvuF~QJjjJLM71yM8OvfhuihAfW~QxEEj5M71yM8OvfhuihAfW~e8JB1G8j875v9.ufhfAH~EmQv9~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uf~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~8zQjv9~QmGEv~w7Yjvu~ONx7vH9~OmyGv9ou~8GNvu~zQlvA~7yQvA99-fX9%7CAAF-fW9%7ChfW-i9~GQGv9~GQEv9~7Y-vu9h&vgd_cfud=230301&vgd_scsver=279&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=336_280&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgde_ydata=duhvu&vgd_l1cdv=1129&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=50&vgd_mbr=1&vgd_pgids=4&tdAdd[]=uiparams%3D%3Brend_w%3A336%3Brend_h%3A280&vgd_uspa=0&vgd_sc=ZH&vgd_l1rhst=contextual.media.net&hvsid=00001701975388264031165826566931&rc=0&rand=1701975388590&acid=0c1f489883ede815c9fd96d484aa7577&matm=1701975388590&vgd_ltimesrc=1&vgd_ltime=487&vgd_rtime=417&vgd_etm=3&vgd_l1hcsd=Og4dd%7C8031&vgda_l1btm=%5B%22PRLG%22%2C%22URLDC%22%5D&vgd_l1ch=1&vgd_lhl=1369&vgd_pgid=p01803857068t202312071856&vgd_csip=rtb-appnexus-5fd6bb7f75-8pvmx.SC&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_eadm=1&vgd_matchstr=hr%3D0%7Cbcat%3D16e%2C8y%2Ca%2Cb%2C1v%2Cf%2Ch%2Ci%2Ci2%2Ck7%2Cq%2C3%2C4%2C90%2C92%2C9%2Cjg%7Ccsh%3D1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2642&&kkdd=nn%7Cu%7CHA9n*3&999=()fJaUw!JUDOwSAJryhX(Z!I1DPBAMvQE1TJ~2VLfCOu8tcmsdf)J6%3D%3D&EF=yRzybRWBmmyWbcmWzRy&6S.9=y&Pq.L=z&wSE=yyvb&(qwO=UB8z&wFS=mi58Tir-f&w.wS=.dc(H1(C(idwVzj!X9VO1~%3D%3D&w9FS=mBWcycWz8&qF)O=BBcZvmz&ww=i_&qw=A_&wagP=_Kfk4uV&.FS=m24iYvY4p&(.FS=YvyBB8v&a((.q=y&lX9o=a((.q%3A%2F%2F.Lq(O!FglngO(&OlX9o=XRRh~%3ACChy~RM3m)5n)MR&gqO=W&!X=y&s6S=8&LS(y=mi5~uyWvM&LS(v=mmyWvcmy8&ISL(L=qSv%3Dgs!!0Fs9!D!%3Dvz016O9.P%3DznzB0EXDOZw%3DznyB0EFqDqS%3DyRm0Swv%3Dy0qwS%3D)60EDLqg%3DWcmzB0E!v9DqS%3DvzvByvzRyy0Fs9!DI%3DyBvcncB0s9!D(lw%3Dz0q(S%3DvRybRBvm0!Lq(%3D0EFqDs9!DI%3Dznzm0F.%3DB15fXw0oII%3Dz0EFqDs9!D!%3Dvz09FF.sL%3DR%2CR0O(%3Dy809w%3Dy09.qDqS%3DvzvByvzRyv0EFqDI%3D8zznb0s9!DI%3DznRW0E!v9Ds9!DI%3Dz0E!v9Ds9!DEF%3DyhJyc0s9!D(EF%3Dz0Ow.DOO9%3DcmnBB0s9!D!%3Dvz06wL(%3DJy0II%3Dybc0EE%3Dz0!v9DI%3Dyzzz0O9.P%3DznzB0E!v9Ds9!Dlw%3Dzhz0.qFDw%3Dy%2Cy%2Cz%2Cz%2Cz%2Cz%2Cz%2Cz0IP%3Dy0.qFDS%3Dz0LB.DI%3DvnRB%2CBynW0qFS%3DmBWcycWz80qS%3Dz0sFS%3DvHLQ!bTQZ8f_TU2BYo0I(S%3DBzmzmyyvc888z8cbyBbWRbRyRyBRcRRbmvBBcmBBmvmRBvzcbcvvz88Byv8Wmmmmyz8m8zbRyycBRy88BmRvmcWBBcWvWmyzbm8bczz0EXs%3DznyB0Sv.D!%3Dyz0B.wo%3Dyzzz0sFP%3Dz016DPqa%3DznzB0SPPDq(96%3DaL9P1gj0Sv.DI%3Dznbc016Sv.DI%3Dznbc0Es9!DI%3Dynvb0qq%3DuK0ww%3Di_0sFX%3DJy0wO%3Dz09.qDI%3DBynW0Es9!D!%3Dvz0iH%3DBzWB0lIDsw%3DJv0g(q%3DB0lIDwwlq%3DJv0k2v%3Dnx%2F.nx0w(%3DasgOgIO960IqqDrYp%3DuK%2CuK0ILqFqv%3Dybc0ILqFqy%3Dybc0FqfOo%3Dz0FEs9!DI%3DznRm0FqFo%3Dz0IFS%3DznzB0Sw%3Dm0E!v9DI%3DvnRB0FEs9!D!%3Dvz0wIS.%3Dznzym0F(j.ODFS%3Dyc0qO!!O9D(L6DFS%3DvRybRBvm0qs..!jD(L6DFS%3DvRybRBvm0EFOXLIF!F(j%3DznyvRvB80.1q%3Dz0wL99FO9HS%3Dz016IFS%3DznzBz0Io!9%3Dznzyv0qsFS%3D0S(w%3DOLq(Dqw0SPPDO9.P%3DoL!qO0SPP%3DaL9P1gj0IS.wL.S%3Dz0SL!6%3DSOoLs!(0Fgq!%3Dz0q1I.%3D0a(P!%3Dy0Sws(%3D8z0S16I%3DzJy0FIw%3Dy0gq)%3DB0(6q%3DBzzZvWz%7CBBcZvmz%7CRvmZbz0IqI%3Dz0Iq.%3Dz0(PZ%3DyzR&g(E=z&PPP=q1jOKGZfrgoOQsX-Fhf.z2.(y9wRO8oXFt(o6BiU2GtOKbyHBRQY-DE~~hmOVT-cfo1!YLKAuhU696Fu-5iiBX%3D%3D&FX=BBc&FgHo9=y&IS9HS=8cz&IFS=B8my8W&l((!O=YaO%20yz%20CwL9FOq(%20YaFg6q%20KI1s(%20C.L6aO((F%20C(9L.q%20T!1XO9%20QF9!%20d9Oqq%20J%202Lq(O!FglngO(&Pwo=bbvz&jSq.9=y&lL(.9O=y&lLq(q=(q(j.O%3DJyz8zv&lL(IFS=JW&lL.w=yzz&lL(L=L(W&lL!16=CH%3DB8Wv%7C%7CYiU%3Dz%7C%7CYYi%3Dy%7C%7CYi%3Dz%7C%7CkH%3DB8WB%7C%7CiH%3DB8WB%7C%7CYUHd%3Dc%7C%7CCHd%3Dm%7C%7C55Hd%3DvHLlYjljK8B!~(az6a%7C%7C_Hd%3Dz%7C%7Ck2Yd%3Dc8z%7C%7CY2Yd%3DR8RccRbzcbzBy8&wLS1PLFg=()fJaUw!JUmr(4U8MA1Firam(wBK.)sB.7mF.zO82)h%3D&j.!.=y&FqFS=W&LSE=QOgO9L!%20COL9wa&.6FS=.zymzBmWRzcm(vzvByvzRymWc&qq!S=%7B%22qqF.%22%3A%22ymWnybWnRynz%22%2C%22qqww%22%3A%22i_%22%2C%22qqqw%22%3A%22AQ%22%2C%22qqw(j%22%3A%22asgOgIO96%22%7D&.O9o=y&a(P!q9w=y&sflct=5590675&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 07 Dec 2023 18:56:28 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
content-length
15
expires
Thu, 07 Dec 2023 18:56:28 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 92BE 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.122.164 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=122482
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 07 Dec 2023 18:56:29 GMT
expires
Sat, 09 Dec 2023 04:57:51 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame C18D 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.104 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
40317
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Thu, 07 Dec 2023 07:44:40 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 48c20cb247b267a59a8191c4d3bd787c.cloudfront.net (CloudFront)
x-amz-cf-id
kn6_U9jbqnMWSvuaSyS0-LSY_IGKKOAwhIjEpiKZnWd4cZJEccVxrg==
x-amz-cf-pop
MUC50-C1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Hit from cloudfront
checksync.php
contextual.media.net/ Frame 8C6A 		24 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C404%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-216-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
798daa126b9435e47e6ffc4114d74972c3ba7202dc0b303bce786a631064f634
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8573
content-type
text/html; charset=UTF-8
date
Thu, 07 Dec 2023 18:56:29 GMT
expires
Sat, 09 Dec 2023 18:56:29 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame 1642 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Dec 2023 18:56:29 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame B9FA 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.122.108 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-122-108.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 07 Dec 2023 18:56:29 GMT
ETag
"623de86a-cf34"
Expires
Fri, 08 Dec 2023 18:56:31 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame ED35 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1701975385183
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/pastelink.js?1701975000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
18cc9ac5c4d4f8290b2b2ab7e7d33b406f2ed873b6639648192b082f8f6492ec
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1100
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7309928634360723598&gdpr=0&gdpr_consent=
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7309928634360723598&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.138.146 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Dec 2023 18:56:28 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7309928634360723598&gdpr=0&gdpr_consent=
Date
Thu, 07 Dec 2023 18:56:29 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=03cc78e8a1be7a6b19acda1974bd85b5&gdpr=0&gdpr_consent=0
43 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=03cc78e8a1be7a6b19acda1974bd85b5&gdpr=0&gdpr_consent=0
Protocol
HTTP/1.1
Server
185.86.138.146 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=03cc78e8a1be7a6b19acda1974bd85b5&gdpr=0&gdpr_consent=0
x-kong-upstream-latency
5
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
usermatch
ssum-sec.casalemedia.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=3322655952767938813&gdpr=0&gdpr_consent=
0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=3322655952767938813&gdpr=0&gdpr_consent=
Protocol
H2
Server
52.58.31.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-31-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=3322655952767938813&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 07 Dec 2023 18:56:28 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=4345196838351415250&gdpr=0&gdpr_consent=
43 B
565 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=4345196838351415250&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.138.146 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=4345196838351415250&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
log
hblg.media.net/ Frame 7DCD 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AfIFMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwAQAQDBjMWY0ODk4ODNlZGU4MTVjOWZkOTZkNDg0YWE3NTc3vKDYyAaYBwRDSBpwYXN0ZWxpbmsubmV0EjhDVVFOMTUyShAyNzE5NzMyOA4zMzZ4MjgwDmVhc3Rfc2MEMjMQQVBQTkVYVVMSOFBSMTEzSkdDDkJJRF9BUEkAEDI3MTk3MzI4AjBAcnRiLWFwcG5leHVzLTVmZDZiYjdmNzUtOHB2bXguU0MSNDQ2ODY4NTIyAjAAIAEQRVhDSEFOR0UCAmQ&evttyp=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 07 Dec 2023 18:56:29 GMT
img
sync.mathtag.com/sync/ Frame ED35 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1701975385183
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1143 599e619 master zrh zrh-pixel-x11 config_version:"2895" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 18:56:29 GMT
Server
MT3 1143 599e619 master zrh zrh-pixel-x11 config_version:"2895"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Thu, 07 Dec 2023 18:56:28 GMT
tap.php
pixel.rubiconproject.com/ Frame ED35 		42 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=biF8Ao7T7XAZDv-yQtN4V-uA3-eANOjf2jDEqChH_d0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1701975385183
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
bcdac959321a8cf7d38f9eb638bfa14f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
711916.gif
id.rlcdn.com/ Frame ED35 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1701975385183
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame ED35
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=upd17RrmxsHrMvRYiZuaL4_cnu0-nFWxn9pcrzdM6u8
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=upd17RrmxsHrMvRYiZuaL4_cnu0-nFWxn9pcrzdM6u8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1701975385183
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TJ682KVNPNACB1YD2Z34
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=upd17RrmxsHrMvRYiZuaL4_cnu0-nFWxn9pcrzdM6u8
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
generic
match.adsrvr.org/track/cmf/ Frame ED35 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1701975385183
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
server
Kestrel
content-length
70
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 1642 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
505c9ad2483b459fcd8a0f4301cf50d5afc2022a2b940b33d56a225edb0d2e1f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 18:56:29 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 07:14:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=44289
Connection
keep-alive
Content-Length
13236
Expires
Fri, 08 Dec 2023 07:14:38 GMT
async_usersync
ib.adnxs.com/ Frame B9FA 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
an-x-request-uuid
496890d7-84eb-4212-b531-95e5e5438bde
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
185.195.71.215; 185.195.71.215; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
13926
g2.gumgum.com/usync/ Frame F9F3 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.168.200 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8701f3165d4b8683047d3ecd47a65cb527f7359bdb9a5ff2e220b76ca7670ce8

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 07 Dec 2023 18:56:29 GMT
etag
W/"09630fbfc8cba7b73c45460e2b3d0ab13"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame D1FB 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
baaf06b777700c44c78877b06e3ae15e3c797dd211974e6f5a58199a3d9451c7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1122
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 9B0F 		791 B
857 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ip69.ip-5-196-111.eu
Software
/
Resource Hash
485bc2688f7ee7bfcb78b2ca7cea32868f81235efe7fa36b72de4586a36f7c86

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
791
content-type
text/html
date
Thu, 07 Dec 2023 18:56:28 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 46FA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
259a41d269f82d089dee24a43516e1f52dd71d8c0db5b0225ddc1528e653a763

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
831efd27a88001df-ZRH
content-encoding
br
content-type
text/html
date
Thu, 07 Dec 2023 18:56:29 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O3vwEMKEn%2Fg2s3peV%2FUYv%2FgaErO%2FGtvN%2BnCRpKDI2ry%2F3XhKfw3oSd5Neq%2BCpfT2lbVw9g%2BAGen0ffB0KSq%2FAJOSb6ky1MoccDzxbEjq5kbTRoYR4hQUiifVpdN1W%2B5uRcWWU77M4U2u1A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 403F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Dec 2023 18:56:29 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 07 Dec 2023 18:56:29 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AE95 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.122.164 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=122482
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 07 Dec 2023 18:56:29 GMT
expires
Sat, 09 Dec 2023 04:57:51 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 2AF9 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.3 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
d45f811982f43ce72509278b7cce54212735bd1a4b804b44f0326b3f22a98c15

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-encoding
gzip
content-type
text/html
date
Thu, 07 Dec 2023 18:56:29 GMT
server
istio-envoy
vary
Accept-Encoding
via
1.1 af3abf09293a5c762de5e451f8d6a912.cloudfront.net (CloudFront)
x-amz-cf-id
4VkJeno1dWoz65zDLxx8kj4ED9I3Rix6BYRPUXF0e2Ljzf3MiX9KAg==
x-amz-cf-pop
MUC50-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
user-sync
sync.adkernel.com/ Frame 6289 		0
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store
Connection
close
Content-Length
0
Date
Thu, 07 Dec 2023 18:56:29 GMT
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 4436 		557 B
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.145.99.161 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
2eff0d54011431daaa7729799732f50fe7ca71897370f57a9d4a605831155efc

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
557
content-type
text/html
date
Thu, 07 Dec 2023 18:56:29 GMT
server
istio-envoy
x-envoy-upstream-service-time
5
sync
ads.servenobid.com/ Frame C18D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=4794973522604621722
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=4794973522604621722
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
an-x-request-uuid
9005dc50-2bfe-4efa-a4d1-6ea1c7702ba1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=4794973522604621722
x-proxy-origin
185.195.71.215; 185.195.71.215; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame C18D
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HyFwuRZHJ6op3tEfTfe8aKdk
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HyFwuRZHJ6op3tEfTfe8aKdk
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:29 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HyFwuRZHJ6op3tEfTfe8aKdk
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap6ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame C18D 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 07 Dec 2023 18:56:29 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame C18D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1701975389475
  • https://ad.turn.com/r/cs?pid=45&rndcb=2837662477
  • https://sync.1rx.io/usersync/turn/3696678492010063826?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-94625df1-070c-4c7c-8e4a-53c093ceb845-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-94625df1-070c-4c7c-8e4a-53c093ceb845-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-94625df1-070c-4c7c-8e4a-53c093ceb845-003
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-94625df1-070c-4c7c-8e4a-53c093ceb845-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-94625df1-070c-4c7c-8e4a-53c093ceb845-003
date
Thu, 07 Dec 2023 18:56:29 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX94625df1070c4c7c8e4a53c093ceb845003
content-type
text/html
sync
ads.servenobid.com/ Frame C18D
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5124322330011547431
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5124322330011547431
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5124322330011547431
Date
Thu, 07 Dec 2023 18:56:29 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame C18D
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=47d85e0a-7d80-47ea-a074-6c71072bd1a4
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=47d85e0a-7d80-47ea-a074-6c71072bd1a4
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-146
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=47d85e0a-7d80-47ea-a074-6c71072bd1a4
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame C18D
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Thu, 07 Dec 2023 18:56:28 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame C18D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-gA3NKdFE2uHFD89eusKnA2rSVvI.QoUGX.LaLE4-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-gA3NKdFE2uHFD89eusKnA2rSVvI.QoUGX.LaLE4-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-gA3NKdFE2uHFD89eusKnA2rSVvI.QoUGX.LaLE4-~A
date
Thu, 07 Dec 2023 18:56:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame C18D
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS01NDhmY2M5OC1hN2EwLTNhNWQtODNjOS0yMjFmOGNmNmM1ODUQ____________ASpTa...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS01NDhmY2M5OC1hN2EwLTNhNWQtODNjOS0yMjFmOGNmNmM1ODUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS01NDhmY2M5OC1hN2EwLTNhN...
  • https://bh.contextweb.com/bh/rtset?pid=562894&ev=1&us_privacy=&rurl=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D29%26buyeruid%3D%25%25VGUID%25%25%26r%3DCid1YS01NDhmY2M5OC1hN2EwLTNhNWQtODNjOS0yM...
  • https://ssp.disqus.com/match?bidder=29&buyeruid=1LMDH8x3jxoV&r=Cid1YS01NDhmY2M5OC1hN2EwLTNhNWQtODNjOS0yMjFmOGNmNmM1ODUQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS...
  • https://ads.servenobid.com/sync?pid=346&uid=ua-548fcc98-a7a0-3a5d-83c9-221f8cf6c585
0
0
sync
ads.servenobid.com/ Frame C18D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-gA3NKdFE2uHFD89eusKnA2rSVvI.QoUGX.LaLE4-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-gA3NKdFE2uHFD89eusKnA2rSVvI.QoUGX.LaLE4-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-gA3NKdFE2uHFD89eusKnA2rSVvI.QoUGX.LaLE4-~A
date
Thu, 07 Dec 2023 18:56:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame C18D 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.31.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-31-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
sync
ads.servenobid.com/ Frame C18D
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 07 Dec 2023 18:56:29 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Thu, 07 Dec 2023 18:56:29 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 92BE 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=92809201&p=161102&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f674c5b5b1a5aca67f21db89bdbc9270bafceaa242a21b0bf62064532a327a24

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 07 Dec 2023 18:56:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame FD6C 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11801&pub_id=2194068&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11801&pub_id=2194068
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
an-x-request-uuid
02d199e9-eb11-4b57-8e35-06d36ee8ff2a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
185.195.71.215; 185.195.71.215; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
img
sync.mathtag.com/sync/ Frame D1FB 		43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1143 599e619 master zrh zrh-pixel-x1 config_version:"2895" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 18:56:29 GMT
Server
MT3 1143 599e619 master zrh zrh-pixel-x1 config_version:"2895"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Thu, 07 Dec 2023 18:56:28 GMT
tap.php
pixel.rubiconproject.com/ Frame D1FB 		42 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=upd17RrmxsHrMvRYiZuaL4_cnu0-nFWxn9pcrzdM6u8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
bcdac959321a8cf7d38f9eb638bfa14f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
711916.gif
id.rlcdn.com/ Frame D1FB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame D1FB
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=I9-Idt15lEFfH5Wwu8ALdNPoCZ7flzSl_jTrBvaBE5c
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=I9-Idt15lEFfH5Wwu8ALdNPoCZ7flzSl_jTrBvaBE5c
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6Z6F2P2VZKJX7GCQ2Q5J
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=I9-Idt15lEFfH5Wwu8ALdNPoCZ7flzSl_jTrBvaBE5c
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
generic
match.adsrvr.org/track/cmf/ Frame D1FB 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
ads.servenobid.com/ Frame D1FB 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=upd17RrmxsHrMvRYiZuaL4_cnu0-nFWxn9pcrzdM6u8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ads.servenobid.com/ Frame 9B0F 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=3322655952767938813&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
dcm
s.amazon-adsystem.com/ Frame 9B0F
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USE...
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=3322655952767938813&gdpr=0&gdpr_consent=
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=3322655952767938813&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
936HKW433EQCB6K67V1R
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=3322655952767938813&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 07 Dec 2023 18:56:28 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
redir
rtb-csync.smartadserver.com/ Frame 9B0F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACdF07K5CsAABT32dTPbw&partnerid=127&gdpr=0
43 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partneruserid=AACdF07K5CsAABT32dTPbw&partnerid=127&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.146 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partneruserid=AACdF07K5CsAABT32dTPbw&partnerid=127&gdpr=0
Date
Thu, 07 Dec 2023 18:56:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 9B0F
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=D-rZAAjq21YU6IwHWu7DAFjr1wcUutYHWOgJl2eL
43 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=D-rZAAjq21YU6IwHWu7DAFjr1wcUutYHWOgJl2eL
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.146 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=D-rZAAjq21YU6IwHWu7DAFjr1wcUutYHWOgJl2eL
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 9B0F
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=3322655952767938813&gdpr=0&gdpr_consent=
0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=3322655952767938813&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
52.58.31.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-31-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=3322655952767938813&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 07 Dec 2023 18:56:28 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
img
sync.mathtag.com/sync/ Frame E4DE 		43 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1143 599e619 master zrh zrh-pixel-x28 config_version:"2895" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 07 Dec 2023 18:56:29 GMT
Expires
Thu, 07 Dec 2023 18:56:28 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1143 599e619 master zrh zrh-pixel-x28 config_version:"2895"
Pug
simage2.pubmatic.com/AdServer/ Frame 36BD
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 18:56:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 18:56:28 GMT
expires
Thu, 07 Dec 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
635134
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame D63F 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=36738E8D-DD57-4107-A09C-DF8B19CC796A&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 07 Dec 2023 18:56:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
PPBPJNEVSS6ZPN8MA3XS
Pug
image2.pubmatic.com/AdServer/ Frame DF57
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nB2YSZsdmh-HH81OzBmCS8kezh-HTckekkyPwOLh
42 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nB2YSZsdmh-HH81OzBmCS8kezh-HTckekkyPwOLh
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 18:56:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 07 Dec 2023 18:56:29 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nB2YSZsdmh-HH81OzBmCS8kezh-HTckekkyPwOLh
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 48AE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4794973522604621722&gdpr=0&gdpr_consent=
42 B
315 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4794973522604621722&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 18:56:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
16f5dd8a-3c0b-4870-a297-4ec92cfdc33e
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 07 Dec 2023 18:56:29 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4794973522604621722&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
185.195.71.215; 185.195.71.215; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5783
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7309928634360723598&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7309928634360723598&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 18:56:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Thu, 07 Dec 2023 18:56:29 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7309928634360723598&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 0F1A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=lHe6psvHWJZQxNzoYir8aLnDR9c&gdpr=0&gdpr_consent=
42 B
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=lHe6psvHWJZQxNzoYir8aLnDR9c&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 18:56:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 07 Dec 2023 18:56:29 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=lHe6psvHWJZQxNzoYir8aLnDR9c&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 6034
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=c369925a-feca-4f24-ab73-0a2d475901f1&user_group=1&ssp=pubmatic&bsw_param=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 07 Dec 2023 18:56:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 07 Dec 2023 18:56:29 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Pug
image2.pubmatic.com/AdServer/ Frame 05BE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDZEYwN0s1Q3NBQUJUMzJkVFBidw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=adx&bee_sync_init...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AACdF07K5CsAABT32dTPbw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dp...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACdF07K5CsAABT32dTPbw&pid=558502&do=add&gdpr=0
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACdF07K5CsAABT32dTPbw&gdpr=0
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACdF07K5CsAABT32dTPbw&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 18:56:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 07 Dec 2023 18:56:29 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACdF07K5CsAABT32dTPbw&gdpr=0
strict-transport-security
max-age=2592000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 4F1A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZXIVXQAFKxVEEgAM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 07 Dec 2023 18:56:29 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6920-MXP
x-timer
S1701975390.639986,VS0,VE94

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Thu, 07 Dec 2023 18:56:29 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZXIVXQAFKxVEEgAM
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6920-MXP
x-timer
S1701975390.519327,VS0,VE94
Pug
image2.pubmatic.com/AdServer/ Frame 1B1A
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd1d1b8239cd54b5c9b0b2d0415c4d4d0
42 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd1d1b8239cd54b5c9b0b2d0415c4d4d0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 18:56:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Thu, 07 Dec 2023 18:56:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd1d1b8239cd54b5c9b0b2d0415c4d4d0
pragma
no-cache
server
Tengine
bridge
cm.adgrx.com/ Frame 14BC 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Thu, 07 Dec 2023 18:56:29 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-9
/
csync.loopme.me/ Frame 4B17 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame EF5F
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7750569593600309433
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7750569593600309433
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 18:56:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7750569593600309433
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 0B95
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322330011547421
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322330011547421
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 18:56:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Thu, 07 Dec 2023 18:56:29 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322330011547421
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cookiesync
core.iprom.net/ Frame 3C70 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 07 Dec 2023 18:56:29 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-79cdd696c85c@version_1.578v2
X-core-time
0ms
X-server-arch
v2
cm
ipac.ctnsnet.com/int/ Frame 331F 		43 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 07 Dec 2023 18:56:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cs
cs-server-s2s.yellowblue.io/ Frame 3757
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=95c6dced9bc6bfb4/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=2e100f3c928ba0829d7b939d57257785&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRVjUQjnQRhjUhMhW&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=36738E8D-DD57-4107-A09C-DF8B19CC796A
0
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=36738E8D-DD57-4107-A09C-DF8B19CC796A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.145.99.161 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Thu, 07 Dec 2023 18:56:29 GMT
server
istio-envoy
x-envoy-upstream-service-time
0

Redirect headers

cache-control
private,max-age=86400
content-length
115
content-type
text/html; charset=utf-8
date
Thu, 07 Dec 2023 18:56:28 GMT
location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=36738E8D-DD57-4107-A09C-DF8B19CC796A
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 5069 		0
0
i.match
s.tribalfusion.com/z/ Frame E723
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 92BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NnOOjd1XQQegnN-LGcx5ag%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Server
23.52.122.164 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=122482
accept-ranges
bytes
content-length
5622
expires
Sat, 09 Dec 2023 04:57:51 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 92BE 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=36738E8D-DD57-4107-A09C-DF8B19CC796A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.165.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-165-240.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.21.159
content-length
49
expires
0
cr
cr.frontend.weborama.fr/ Frame 92BE
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3869456685
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3869456685
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Server
34.111.129.221 -, , ASN (),
Reverse DNS
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:28 GMT
via
1.1 google
last-modified
Thu, 07 Dec 2023 18:56:29 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
via
1.1 google
last-modified
Thu, 07 Dec 2023 18:56:29 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3869456685
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 92BE
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=36738E8D-DD57-4107-A09C-DF8B19CC796A
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
HTTP/1.1
Server
52.208.123.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-123-102.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 18:56:29 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 07 Dec 2023 18:56:29 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 92BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJQHDynLqYiC2rRbP2hgdJY&google_cver=1
42 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJQHDynLqYiC2rRbP2hgdJY&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 18:56:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJQHDynLqYiC2rRbP2hgdJY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 92BE
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:70074FA7404D4B57A390E9F285D881B3
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=36738E8D-DD57-4107-A09C-DF8B19CC796A
0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=36738E8D-DD57-4107-A09C-DF8B19CC796A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Server
54.145.99.161 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ads.pubmatic.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=36738E8D-DD57-4107-A09C-DF8B19CC796A
date
Thu, 07 Dec 2023 18:56:28 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 92BE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5008915001768587012
42 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5008915001768587012
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 17:34:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5008915001768587012
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 92BE 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
server
Kestrel
content-length
70
content-type
image/gif
36738E8D-DD57-4107-A09C-DF8B19CC796A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 92BE 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/36738E8D-DD57-4107-A09C-DF8B19CC796A?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:c84a:f3f:c1a8:24dc Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 92BE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=36738E8D-DD57-4107-A09C-DF8B19CC796A&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ka3phcNE2uWROiLFAoslm1.MnDVd4lQ-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ka3phcNE2uWROiLFAoslm1.MnDVd4lQ-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ka3phcNE2uWROiLFAoslm1.MnDVd4lQ-~A&gdpr=0
date
Thu, 07 Dec 2023 18:56:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 92BE
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=64b2203b-b69e-41c9-bd37-d19c983b2f43-6572155d-4348&gdpr=0&gdpr_consent=
42 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=64b2203b-b69e-41c9-bd37-d19c983b2f43-6572155d-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 18:56:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:28 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=64b2203b-b69e-41c9-bd37-d19c983b2f43-6572155d-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 92BE
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=36738E8D-DD57-4107-A09C-DF8B19CC796A&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3ccea8df8c5016ce&is_secure=true&networkId=17100&version=1&nuid=36738E8D-DD57-4107-A09C-DF8B19CC796A&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIGhmvQnjFiAMFl3aeAAAAAAA&expiration=1702061789&nuid=36738E8D-DD57-4107-A09C-DF8B19CC796A&...
42 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIGhmvQnjFiAMFl3aeAAAAAAA&expiration=1702061789&nuid=36738E8D-DD57-4107-A09C-DF8B19CC796A&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 18:56:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIGhmvQnjFiAMFl3aeAAAAAAA&expiration=1702061789&nuid=36738E8D-DD57-4107-A09C-DF8B19CC796A&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 92BE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3624620897972135890&gdpr=0&gdpr_consent=&us_privacy=
1 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3624620897972135890&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 07 Dec 2023 18:56:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3624620897972135890&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 92BE
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:a87da24d-da62-47e8-aac6-0e13a4fb211f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:a87da24d-da62-47e8-aac6-0e13a4fb211f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 18:56:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:a87da24d-da62-47e8-aac6-0e13a4fb211f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 07 Dec 2023 18:56:29 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
31327
i.liadm.com/s/ Frame 46FA 		43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXIVWqix3sFrBQxOiD9eGwAA%263370&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.0.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-0-120.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 18:56:29 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 46FA
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=gK9__oevfaibrSr70_tl_9KpfKib_n__1f5V8u_U
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=gK9__oevfaibrSr70_tl_9KpfKib_n__1f5V8u_U
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ha774ZrSLnU1FVvrd8laTbBazBYjEoBqs0j2jgvyn%2FNdpROjIJy8%2BV31fBYUE%2FcE%2F9BM9ui1EeIZgXuOsN3UeG%2FHcyl0O2NwlA88ZomBoaCdhi2F9tlIA7qoVlpjgrtOOk%2F5NN6BCbojZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
831efd289a5401df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=gK9__oevfaibrSr70_tl_9KpfKib_n__1f5V8u_U
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ZXIVWqix3sFrBQxOiD9eGwAADSoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 46FA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZXIVWqix3sFrBQxOiD9eGwAADSoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZXIVWqix3sFrBQxOiD9eGwAADSoAAAAB
43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZXIVWqix3sFrBQxOiD9eGwAADSoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
2a05:d018:d29:3601:c84a:f3f:c1a8:24dc Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZXIVWqix3sFrBQxOiD9eGwAADSoAAAAB
date
Thu, 07 Dec 2023 18:56:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
b479bbfa5c15f6bb22b76c6f28cd9e8
pr-bh.ybp.yahoo.com/sync/stickyads/ Frame 46FA
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZXIVWqix3sFrBQxOiD9eGwAADSoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=b479bbfa5c15f6bb22b76c6f28cd9e8&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml02ab_7311066216679186806&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YjQ3OWJiZmE1YzE1ZjZiYjIyYjc2YzZmMjhjZDllOA==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEB__Ndl8xLQF4BBGGtQ-KPQ&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AACdF07K5CsAABT32dTPbw&dataProviderId=817&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/b479bbfa5c15f6bb22b76c6f28cd9e8?gdpr=0&gdpr_consent=
0
0
/
csync.loopme.me/ Frame 46FA 		0
0
CookieIndex
rtb.adentifi.com/ Frame 46FA 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.245.140 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
crum
dsum-sec.casalemedia.com/ Frame 46FA
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e9699cf6339db27w2y400lpvk7bl3
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e9699cf6339db27w2y400lpvk7bl3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFKYUpUdDSbbcabQUx86X1XhPTcqkdKEQM%2BdS5HyxfIGUISmvLPP1P7cCvrrZkfr46h%2FQNV9EEaikdgnzR6AMMXNp0l1qmDE35OIqTlTVBVRlF7pva6zq%2BTIUait%2FS%2FFKsPw2SNUttjhuA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
831efd2ace4401df-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 07 Dec 2023 18:56:29 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e9699cf6339db27w2y400lpvk7bl3
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ibs:dpid=23728&dpuuid=ZXIVWqix3sFrBQxOiD9eGwAA%263370
dpm.demdex.net/ Frame 46FA 		42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZXIVWqix3sFrBQxOiD9eGwAA%263370?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.209.217.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-217-80.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-08dbc1c84.edge-irl1.demdex.com 5 ms
pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
LkkYGum3RU4=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
ads.servenobid.com/ Frame 46FA 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZXIVWqix3sFrBQxOiD9eGwAADSoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 403F 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
505c9ad2483b459fcd8a0f4301cf50d5afc2022a2b940b33d56a225edb0d2e1f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 18:56:29 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 07:14:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=44289
Connection
keep-alive
Content-Length
13236
Expires
Fri, 08 Dec 2023 07:14:38 GMT
khaos.json
token.rubiconproject.com/ Frame 403F 		7 B
788 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LPVK77XO-1F-JLPD
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
1f4afaf10c6b5898421df1cdca3fc7f5
Expires
0
usersync
usersync.gumgum.com/ Frame F9F3
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=4794973522604621722
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=4794973522604621722
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
an-x-request-uuid
e03269c5-22eb-46e7-be3a-d85a8569cbc9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=4794973522604621722
x-proxy-origin
185.195.71.215; 185.195.71.215; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame F9F3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_a4fb47d6-df0d-4785-9d7c-ee3b614ad04c&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=10564455-8f75-4465-9f1a-2d80fd8caaa9&expires=1&user_group=5&ssp=gumgum2&bsw_param=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://usersync.gumgum.com/usersync?b=bsw&i=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9&gdpr=0&gdpr_consent=&us_privacy=
date
Thu, 07 Dec 2023 18:56:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame F9F3
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=f9c6d7a1-a9a9-4d15-9c26-2bffc9cf9a04
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=f9c6d7a1-a9a9-4d15-9c26-2bffc9cf9a04
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 07 Dec 2023 18:56:29 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=f9c6d7a1-a9a9-4d15-9c26-2bffc9cf9a04
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame F9F3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-9477baa6-cbc7-5896-50c4-dce8622afc68$ip$185.195.71.215
0
0
usersync
usersync.gumgum.com/ Frame F9F3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-K70AgqFE2pfuq13_IPOwRAYYY_TdM5XoFEfw~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-K70AgqFE2pfuq13_IPOwRAYYY_TdM5XoFEfw~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 07 Dec 2023 18:56:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-K70AgqFE2pfuq13_IPOwRAYYY_TdM5XoFEfw~A
content-length
0
usersync
usersync.gumgum.com/ Frame F9F3
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=cbd7d152-d96d-4294-899a-43f48f7d9ce0
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=cbd7d152-d96d-4294-899a-43f48f7d9ce0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=cbd7d152-d96d-4294-899a-43f48f7d9ce0
Date
Thu, 07 Dec 2023 18:56:29 GMT
Connection
keep-alive
X-CI-RTID
e5a7a3a4-17cb-4509-8e48-7918a608eb5b
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame F9F3 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
content-length
0
server
b
/
b1sync.zemanta.com/usersync/gumgum/ Frame F9F3 		0
0
usersync
usersync.gumgum.com/ Frame F9F3
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=1LMDH8x3jxoV&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=1LMDH8x3jxoV&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=1LMDH8x3jxoV&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5c6449b65-v92vn
expires
-1
usersync
usersync.gumgum.com/ Frame F9F3
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=3322655952767938813
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=3322655952767938813
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=3322655952767938813
date
Thu, 07 Dec 2023 18:56:29 GMT
content-length
0
sync
ads.servenobid.com/ Frame F9F3 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_a4fb47d6-df0d-4785-9d7c-ee3b614ad04c
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
rtb.gumgum.com/ Frame 829A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=5008915001768587012&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=5008915001768587012&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.168.200 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Thu, 07 Dec 2023 18:56:29 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 07 Dec 2023 18:56:29 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=5008915001768587012&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame F96E 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hNGZiNDdkNi1kZjBkLTQ3ODUtOWQ3Yy1lZTNiNjE0YWQwNGM=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 18:56:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7D4F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.122.164 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=122482
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 07 Dec 2023 18:56:29 GMT
expires
Sat, 09 Dec 2023 04:57:51 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame DA46 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Thu, 07 Dec 2023 18:56:29 GMT
server
Kestrel
idsync
tg.socdm.com/aux/ Frame 13E7 		0
0
usersync
usersync.gumgum.com/ Frame 04B0
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=5KT1nxpQZQJXgO7Fzf7BR5t36HUEpMVL7ebCYuBvHqc&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=5KT1nxpQZQJXgO7Fzf7BR5t36HUEpMVL7ebCYuBvHqc&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 07 Dec 2023 18:56:29 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 07 Dec 2023 18:56:29 GMT Thu, 07 Dec 2023 18:56:29 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=5KT1nxpQZQJXgO7Fzf7BR5t36HUEpMVL7ebCYuBvHqc&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 8C8D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Dec 2023 18:56:29 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 07 Dec 2023 18:56:29 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sync
ads.servenobid.com/ Frame 403F
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LPVK77XO-1F-JLPD
  • https://ads.servenobid.com/sync?pid=323&uid=LPVK77XO-1F-JLPD
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LPVK77XO-1F-JLPD
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LPVK77XO-1F-JLPD
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
Expires
0
vevent
nym1-ib.adnxs.com/ Frame 7DCD 		0
662 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https://pastelink.net/bvpyuz2q&e=wqT_3QKCBfBMggIAAAMA1gAFAQjZqsirBhCSkJPWr_PV_HMYl8j5pJv92a9MKjYJO99PjZdukj8RS8gHPZtVjz8ZAAAAYGZmAEAhS8gHPZtVjz8pO98JJNgxAAAAQOF6xD8wkP_7DDiZXECVCUhgUKrYitUBWMvdoQFgAGj99sQBeJ_mAoABAYoBA1VTRJIBAQbw_ZgB0AKgAZgCqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4ALRwVnqAh5odHRwczovL3Bhc3RlbGluay5uZXQvYnZweXV6MnGAAwCIAwGQAwCYAxSgAwGqA0ESGDU4ODMyNjY2MTYwMzQ4ODczMDhfc2JpZBoTODM1NjgwNjkwNjcwNjQ0NjM1NCIJNDQ2ODY4NTIyKgVNMTE3M8AD2ATIAwDYA_uVwgHgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA4xODUuMTk1LjcxLjIxNagEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8ASqISEw-gQSCQAAACCMkkdAESFJ2GlPIECIBQGYBQCgBYyNsv2P-uPSUaoFDzczODExMjkxMzRiODM2NsAFAMkFAAAAAAAA8D_SBQkBRQUBcNgFAeAFAfAFhZtK-gUECAAQAJAGAJgGALgGAMEGBSIwAPA_0Aav8QHaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAef5gLSBw0VZQEmCNoHBgFewBgA4AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARAAGAA.&s=69c888e6577d511e4706f383aad1d26edf3364d8&type=pv&jm=1003&px=495&py=325&bw=336&bh=280&sf=1&sid=3655032991320321639&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27197328&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
an-x-request-uuid
ba6c8127-ae68-498b-bf86-4b45b41382da
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.215; 185.195.71.215; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 8C8D 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
505c9ad2483b459fcd8a0f4301cf50d5afc2022a2b940b33d56a225edb0d2e1f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 18:56:29 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 07:14:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=44289
Connection
keep-alive
Content-Length
13236
Expires
Fri, 08 Dec 2023 07:14:38 GMT
log
lg3.media.net/ Frame 7DCD 		35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/log?logid=kfk&evtid=perf&cid=8CU4FCKBR&vi=1701975388159685071&hvsid=00001701975388264031165826566931&cdv=1129&bid=348145&l2s_dnsTime=0&l2s_connectionTime=0&l2s_waitTime=301&l2s_downloadTime=10&l2s_total=312&l2s_start=101&l2s_sslTime=0&l2s_trfSize=25.5&l2s_decSize=71.4&l2s_encSize=25.3&l2s_nhp=h2&l2s_host=contextual.media.net&bql_dnsTime=0&bql_connectionTime=0&bql_waitTime=59&bql_downloadTime=1&bql_total=60&bql_start=390&bql_sslTime=0&bql_trfSize=0.3&bql_decSize=0.0&bql_encSize=0.0&bql_nhp=h2&bql_host=lg3.media.net&l1s_dnsTime=0&l1s_connectionTime=0&l1s_waitTime=65&l1s_downloadTime=16&l1s_total=81&l1s_start=4&l1s_sslTime=0&l1s_trfSize=37.5&l1s_decSize=98.5&l1s_encSize=37.2&l1s_nhp=h2&l1s_host=contextual.media.net&font_dnsTime=0&font_connectionTime=0&font_waitTime=65&font_downloadTime=10&font_total=75&font_start=312&font_sslTime=0&font_trfSize=24.5&font_decSize=24.2&font_encSize=24.2&font_nhp=h2&font_host=contextual.media.net&gdpr=1&mspa=0
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 18:56:29 GMT
strict-transport-security
max-age=21600
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 07 Dec 2023 18:56:29 GMT
bqi.php
lg3.media.net/ Frame 7DCD 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2249&lf=3&&vgd_hb_audit_1=8CUQN152J&vgd_hb_audit_2=881526814&vgd_tsce=L340&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_bid=348145&vgd_cdv=1129&vgd_cage=2&vgd_rensize=336_280&vgd_ren_page_h=3429&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9A~eBMJ-Nv9.uA~e8QMQOvuhW~ONfvu~QNOvly~eM1QzvXFW9A~ejfLMQOvf9fAuf9huu~8xLjMGvuAfF.FA~xLjM7UNv9~Q7OvfhuihAfW~j1Q7v~e8QMxLjMGv9.9W~8EvAmPDBN~kGGv9~e8QMxLjMjvf9~L88Ex1vh%2Ch~J7vuH~LNvu~LEQMQOvf9fAuf9huf~e8QMGvH99.i~xLjMGv9.hX~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~JNEMJJLvFW.AA~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9A~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~1AEMGvf.hA%2CAu.X~Q8OvWAXFuFX9H~QOv9~x8OvfV1ZjisZ-HDqsT0A_k~G7OvA9W9WuufFHHH9HFiuAiXhihuhuAhFhhiWfAAFWAAWfWhAf9FiFff9HHAufHXWWWWu9HWH9ihuuFAhuHHAWhfWFXAAFXfXWu9iWHiF99~eBxv9.uA~OfEMjvu9~AENkvu999~x8Yv9~myMYQwv9.9A~OYYMQ7Lyvw1LYmz5~OfEMGv9.iF~myOfEMGv9.iF~exLjMGvu.fi~QQvIK~NNv%3Dq~x8Bvou~NJv9~LEQMGvAu.X~exLjMjvf9~%3DVvA9XA~UGMxNvof~z7QvA~UGMNNUQvof~c0fv.*SE.*~N7vwxzJzGJLy~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.hW~8Q8kv9~G8Ov9.9A~ONvW~ejfLMGvf.hA~8exLjMjvf9~NGOEv9.9uW~875EJM8OvuF~QJjjJLM71yM8OvfhuihAfW~QxEEj5M71yM8OvfhuihAfW~e8JB1G8j875v9.ufhfAH~EmQv9~N1LL8JLVOv9~myG8Ov9.9A9~GkjLv9.9uf~Qx8Ov~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvOJk1xj7~8zQjv9~QmGEv~w7Yjvu~ONx7vH9~OmyGv9ou~8GNvu~zQlvA~7yQvA99-fX9%7CAAF-fW9%7ChfW-i9~GQGv9~GQEv9~7Y-vu9h&vgd_lbt=50&vgda_l1btm=%5B%22PRLG%22%2C%22URLDC%22%5D&gdpr=1&mspa=0&prid=8PRVCXX19&cid=8CU4FCKBR&crid=835616504&rrr=tzR-hLcl-L_ecdZ-K1Ewtxlbo_m3ZJ2GvoF-QPYaRSeN4q68uDRz-g%3D%3D&requrl=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q&vi=1701975388159685071&ugd=4&cc=CH&sc=ZH&bdrid=460&subBdr=196&vgd_kwrf=https%3A%2F%2Fpastelink.net&startTime=1701975388262&l1ch=1&l1hcsd=l1!Og4dd|8031&mmm=soyeAXxRKnfeGuwBiERp0Ppt1rc7e4fwiqtfg3CLPXqeA91I37GTB_vQQE8eYFB6RfolTaAZNELgrgiNBUCC3w==&buid=348145&sttm=1701975388264&upk=1701975388.27779&hvsid=00001701975388264031165826566931&acid=0c1f489883ede815c9fd96d484aa7577&verid=3111299&infr=1&stime=1701975388176&tsrc=entity&kafm_ull_cache=00&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1701975388158185030&vgd_sc=ZH&vgd_ecrid=446868522&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p01803857068t202312071856&vgd_pgids=4&vgd_end=1
Requested by
Host: pastelink.net
URL: https://pastelink.net/bvpyuz2q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.196.17 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-196-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Thu, 07 Dec 2023 18:56:29 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Thu, 07 Dec 2023 18:56:29 GMT
khaos.json
token.rubiconproject.com/ Frame 8C8D 		7 B
788 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LPVK77XO-1F-JLPD
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
1f4afaf10c6b5898421df1cdca3fc7f5
Expires
0
usersync
usersync.gumgum.com/ Frame 8C8D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LPVK77XO-1F-JLPD
  • https://usersync.gumgum.com/usersync?b=mag&i=LPVK77XO-1F-JLPD
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LPVK77XO-1F-JLPD
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LPVK77XO-1F-JLPD
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
bcdac959321a8cf7d38f9eb638bfa14f
Expires
0
cs
cs.yellowblue.io/ Frame 4436
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=b479bbfa5c15f6bb22b76c6f28cd9e8&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=b479bbfa5c15f6bb22b76c6f28cd9e8&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.194.233.137 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 07 Dec 2023 18:56:29 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=b479bbfa5c15f6bb22b76c6f28cd9e8&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1701975389691056-428
cs
cs-server-s2s.yellowblue.io/ Frame 4436
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=36738E8D-DD57-4107-A09C-DF8B19CC796A
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=36738E8D-DD57-4107-A09C-DF8B19CC796A
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.145.99.161 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=36738E8D-DD57-4107-A09C-DF8B19CC796A
date
Thu, 07 Dec 2023 18:56:29 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
v1
match.sharethrough.com/universal/ Frame 4436 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.31.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-31-215.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
sync
ads.servenobid.com/ Frame 4436 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=4Oth84c-Cp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 2AF9
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
0
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 2AF9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZXIVWqix3sFrBQxOiD9eGwAA%263370
0
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 2AF9
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=36738E8D-DD57-4107-A09C-DF8B19CC796A
0
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 2AF9
Redirect Chain
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=2948510038135636700431
0
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 2AF9
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=97a291d5-fe2e-4a17-83c5-22e5419c11a7
0
0
pixel
ap.lijit.com/ Frame 2AF9 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 07 Dec 2023 18:56:29 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cs
cs-rtb.minutemedia-prebid.com/ Frame 2AF9
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=03cc78e8a1be7a6b19acda1974bd85b5
0
0
sync
ads.servenobid.com/ Frame 2AF9 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=auah8fn-Cp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.96.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-96-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:56:29 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=346&uid=ua-548fcc98-a7a0-3a5d-83c9-221f8cf6c585
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
s.tribalfusion.com
URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/stickyads/b479bbfa5c15f6bb22b76c6f28cd9e8?gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=sta&i=0-9477baa6-cbc7-5896-50c4-dce8622afc68$ip$185.195.71.215
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/gumgum/?puid=e_a4fb47d6-df0d-4785-9d7c-ee3b614ad04c&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
Domain
tg.socdm.com
URL
https://tg.socdm.com/aux/idsync?proto=gumgum
Domain
cs-rtb.minutemedia-prebid.com
URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Domain
cs-rtb.minutemedia-prebid.com
URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZXIVWqix3sFrBQxOiD9eGwAA%263370
Domain
cs-rtb.minutemedia-prebid.com
URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=36738E8D-DD57-4107-A09C-DF8B19CC796A
Domain
cs-rtb.minutemedia-prebid.com
URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=2948510038135636700431
Domain
cs-rtb.minutemedia-prebid.com
URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=97a291d5-fe2e-4a17-83c5-22e5419c11a7
Domain
cs-rtb.minutemedia-prebid.com
URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=03cc78e8a1be7a6b19acda1974bd85b5

Verdicts & Comments Add Verdict or Comment

213 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| documentPictureInPicture function| $ function| jQuery function| Cookies object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| find_height function| setCookie function| copyToClipboard function| getCookie function| eraseCookie function| validateEmail function| unsure function| clearexplain function| resize function| changeGenerateButtonState function| notify function| removeNotification function| refreshView function| captchaLoaded function| callCustomAjax function| retrieveGetVariables function| setGetVariables string| size object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| recaptcha function| onYouTubeIframeAPIReady object| googletag object| gaGlobal object| gaplugins object| gaData object| bsaexperiments object| bsablockthrough object| bsagpt object| bsaheaderbid object| optimize object| bsapbChunk object| bsapb object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| BSAOPTIMIZE_TARGETING object| BSAOPTIMIZE_targeting object| BSAS2S_TARGETING object| BSAS2S_targeting object| BSA_TARGETING object| bsa_targeting object| bsas2s object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am object| ggeac object| google_js_reporting_queue boolean| __bt_already_invoked undefined| google_measure_js_timing object| google_reactive_ads_global_state object| Criteo function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| pbjs object| regeneratorRuntime object| ox_esp object| _33across object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_145 object| Criteo_identitytag_145 object| __uid2SecureSignalProvider object| __uid2 object| sas object| apntag object| _ADAGIO number| google_unique_id object| GoogleGcLKhOms object| ONFOCUS number| lnt_z object| _mNDetails object| google_image_requests object| criteo_pubtag_prebid_136 object| Criteo_prebid_136

90 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARDWFgoJCP____8HEOAW
i6.liadm.com/s Name: _li_ss
Value: CgA
pastelink.net/ Name: PHPSESSID
Value: 1v6kr5184igsa1m5li57bc15of
.pastelink.net/ Name: _gcl_au
Value: 1.1.2061092197.1701975384
.pastelink.net/ Name: _ga
Value: GA1.2.36841767.1701975384
.pastelink.net/ Name: _gid
Value: GA1.2.941301543.1701975385
.pastelink.net/ Name: _gat_UA-55088947-2
Value: 1
.rubiconproject.com/ Name: khaos
Value: LPVK77XO-1F-JLPD
.criteo.com/ Name: uid
Value: 0f3e0b40-d309-457a-98d5-99db66a822e7
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 2e100f3c928ba0829d7b939d57257785
.pastelink.net/ Name: _cc_id
Value: 2e100f3c928ba0829d7b939d57257785
.pastelink.net/ Name: panoramaId_expiry
Value: 1702580185209
.pastelink.net/ Name: panoramaId
Value: c2876dfb5a737dfc95c295516d2c185ca02c479469da495ef45f929247b083d8
.pastelink.net/ Name: panoramaIdType
Value: panoDevice
.openx.net/ Name: i
Value: dd574c88-283b-4ab4-a18b-f3fa65b8a8bf|1701975385
.360yield.com/ Name: tuuid
Value: 1b9ceab9-02f7-4ddb-8096-c4cab7e776bf
.360yield.com/ Name: tuuid_lu
Value: 1701975385
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 587752=5749616
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1500016409%3B%24ql%3DUnknown%3B%24qt%3D73_0_0t%3B%24dma%3D0
.adnxs.com/ Name: icu
Value: ChgIvahBEAoYASABKAEw2arIqwY4AUABSAEQ2arIqwYYAA..
.adnxs.com/ Name: uuid2
Value: 4794973522604621722
.omnitagjs.com/ Name: ayl_visitor
Value: 03cc78e8a1be7a6b19acda1974bd85b5
.yahoo.com/ Name: A3
Value: d=AQABBFkVcmUCEA8haQ2U1ZqEO0Ezw3lJffMFEgEBAQFmc2V7Zbti0CMA_eMAAA&S=AQAAAsF9Zevma_96xgUbSySV35M
.pastelink.net/ Name: connectId
Value: {"ttl":86400000,"lastUsed":1701975385514,"lastSynced":1701975385514}
.openx.net/ Name: pd
Value: v2|1701975385|n0vNvQiygu
.smartadserver.com/ Name: pid
Value: 3322655952767938813
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1500016409%3B%24ql%3DUnknown%3B%24qt%3D73_0_0t%3B%24dma%3D0&c=1&l=1047347517&lo=1852618765&lt=638375721852833364&o=1
.doubleclick.net/ Name: IDE
Value: AHWqTUkfORqsGTot7FDZPY1SBSwqXzDGCHBVYMBgclzwmHB-tLEyW3YCtfqp0tYLcl0
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 5008915001768587012
.amazon-adsystem.com/ Name: ad-id
Value: AwrX5DWo_0zgsPGi9wtH88o
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pastelink.net/ Name: _ga_4KDXYD7HFC
Value: GS1.2.1701975384.1.0.1701975385.0.0.0
.onetag-sys.com/ Name: OTP
Value: biF8Ao7T7XAZDv-yQtN4V-uA3-eANOjf2jDEqChH_d0
.analytics.yahoo.com/ Name: IDSYNC
Value: 194o~2fh6
.bidswitch.net/ Name: tuuid
Value: 000dd7ca-dc3d-4b05-b5cf-86f430b0e0f9
.bidswitch.net/ Name: c
Value: 1701975386
.bidswitch.net/ Name: tuuid_lu
Value: 1701975386
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.pubmatic.com/ Name: SyncRTB3
Value: 1703116800%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 36738E8D-DD57-4107-A09C-DF8B19CC796A
pixel-eu.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.ads.stickyadstv.com/ Name: UID
Value: b479bbfa5c15f6bb22b76c6f28cd9e8
.pastelink.net/ Name: __gads
Value: ID=e6e35e49dce60333:T=1701975386:RT=1701975386:S=ALNI_MZbjR6woZi250rSOSDyMHrtCv1hYw
.pastelink.net/ Name: __gpi
Value: UID=00000d0f6071e3c3:T=1701975386:RT=1701975386:S=ALNI_MazGQDu3ixRIkuHmLwHvJV9pXa3XA
.creative-serving.com/ Name: tuuid
Value: 1963e05b-b720-47a6-856d-4f8f72da7bdb
.creative-serving.com/ Name: c
Value: 1701975386
.creative-serving.com/ Name: tuuid_lu
Value: 1701975386
.pastelink.net/ Name: _ga_S3DKHVPF03
Value: GS1.1.1701975384.1.0.1701975386.0.0.0
.pubmatic.com/ Name: pi
Value: 159706:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.admanmedia.com/ Name: admtr
Value: cb5a7b8a-8e5c-4be2-b48c-5bdcf9b2fed1
.admanmedia.com/ Name: ac_r
Value: CS253
.contextweb.com/ Name: V
Value: 1LMDH8x3jxoV
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 3a2cb37e86a262eb
.casalemedia.com/ Name: CMID
Value: ZXIVWqix3sFrBQxOiD9eGwAA
.casalemedia.com/ Name: CMPS
Value: 3370
.casalemedia.com/ Name: CMPRO
Value: 3370
.bing.com/ Name: MUID
Value: 315F60CDC2076A07175D732DC3C76BD3
.w55c.net/ Name: wfivefivec
Value: RA06NI3R1RbjxV5
.demdex.net/ Name: demdex
Value: 24601945067116497834479794651889150161
.w55c.net/ Name: matchcasale
Value: 5
.dpm.demdex.net/ Name: dpm
Value: 24601945067116497834479794651889150161
.marphezis.com/ Name: bcu
Value: M0tVR3hQJTc-P1RYNQdEVSNlIyg1BlBFRV1WWU03ECAyMjkAHFYxNBslOQwsBilxDCMSCSg4EHJCW1FbR1RfT2RLU0dySwo2A0AqLRkBUwQOBxkNUhgKIxwdFR5FFQ==
.liadm.com/ Name: lidid
Value: 9afae485-cb54-4870-82ad-d11bb5fa1be2
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.linkedin.com/ Name: bcookie
Value: "v=2&fc248ce2-c8fe-49d1-8eb5-3cde176879c8"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDE5NzUzODc7MjswMjGupBgLT2asqytzHeetNh1NZKj1i6mo43u7nD9VdFZ4TA==
.linkedin.com/ Name: lidc
Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2928:u=1:x=1:i=1701975387:t=1702061787:v=2:sig=AQHhx5n7c6matD6zrsMqbwukAwgLYgi3"
.bidr.io/ Name: bito
Value: AACdF07K5CsAABT32dTPbw
.bidr.io/ Name: bitoIsSecure
Value: ok
.tapad.com/ Name: TapAd_TS
Value: 1701975387534
.tapad.com/ Name: TapAd_DID
Value: 3864616c-a788-4a26-9246-cd15f3c64b6e
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.connatix.com/ Name: cnx_userId
Value: e7ec95854a7d4b9f949af2ae5e891cd2
.pastelink.net/ Name: cto_bundle
Value: yr5HYF9DOGdCSVJVNVlNdTdrekdYN3BzNCUyRk9rQUJ2c3RPY1RlUjFFTlc1MldTZ2MlMkZTMWZybkhhRlIzUzM2bUhSRDFGaDQ1SXpiVkpXWlRmJTJGbGxhbllwNWxEUGhrT25qWk5NclhvOUNQZlpFOG1Wa1dXeFRraWJvNVYwS1Q3VmliJTJCN1NWVldWQ3g5RFdDaXNTWWVaT0xkVE83ZyUzRCUzRA
.ipredictive.com/ Name: cu
Value: cbd7d152-d96d-4294-899a-43f48f7d9ce0|1701975387711
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrtpmzyVbs4DBwWzGvB5zjFmi1YrgPAFMp/RyPa/PsGdWbkvghBUCU2JjkivWc+KvUTZI9/Nf5XGCYbB5SW5XQ3mePgyV9QG0XQD5U7tEfUTQ==
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1of1|7GB.0.1|8m8.0.1
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyIzM2Fjcm9zcyI6IjIwMjMtMTItMDdUMTg6NTY6MjUuMDYxNzYyNzQ1WiIsImltcHJvdmVkaWdpdGFsIjoiMjAyMy0xMi0wN1QxODo1NjoyNS4wNjE3MTk3MDhaIiwib25ldGFnIjoiMjAyMy0xMi0wN1QxODo1NjoyNS4wNjE3NjEyNDhaIiwic21hcnQiOiIyMDIzLTEyLTA3VDE4OjU2OjI1LjA2MTc2NjMxN1oifSwidWlkcyI6eyJhZGFnaW8iOnsidWlkIjoiMjY1Mjg3NGEtN2U0MC00MWM1LWFhNDMtODU2NjZhZjA1NDQ2IiwiZXhwaXJlcyI6IjIwMjQtMDItMDVUMTg6NTY6MjUuMDYwODU3ODI2WiJ9LCJpbXByb3ZlZGlnaXRhbCI6eyJ1aWQiOiIxYjljZWFiOS0wMmY3LTRkZGItODA5Ni1jNGNhYjdlNzc2YmYiLCJleHBpcmVzIjoiMjAyNC0wMi0wNVQxODo1NjoyNS40NTU2NzE1ODVaIn0sIm9uZXRhZyI6eyJ1aWQiOiJiaUY4QW83VDdYQVpEdi15UXRONFYtdUEzLWVBTk9qZjJqREVxQ2hIX2QwIiwiZXhwaXJlcyI6IjIwMjQtMDItMDVUMTg6NTY6MjYuMjEwNzQxMDg5WiJ9LCJzbWFydCI6eyJ1aWQiOiIzMzIyNjU1OTUyNzY3OTM4ODEzIiwiZXhwaXJlcyI6IjIwMjQtMDItMDVUMTg6NTY6MjguMjE0OTk4MDM0WiJ9fSwiYmRheSI6IjIwMjMtMTItMDdUMTg6NTY6MjUuMDYwODA0MzY1WiJ9
.audrte.com/ Name: arcki2
Value: f9eTYKPeopmTOKsPlnd5YUasw!20220908!1701975388388!ip#185.195.71.215
.audrte.com/ Name: arcki2_ddp2
Value: f9eTYKPeopmTOKsPlnd5YUasw!20220908!1701975388500
.audrte.com/ Name: arcki2_adform
Value: 5008915001768587012!20220908!1701975388596
.smartadserver.com/ Name: csync
Value: 86:4794973522604621722|92:1LMDH8x3jxoV|141:f9eTYKPeopmTOKsPlnd5YUasw
.audrte.com/ Name: arcki2_smart
Value: 3322655952767938813!20220908!1701975388818

4 Console Messages

Source Level URL
Text
network error URL: https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fpastelink.net%2Fbvpyuz2q
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

58524a1309d6c71a67e4ade4e871a24f.safeframe.googlesyndication.com
a.audrte.com
aax-eu.amazon-adsystem.com
acdn.adnxs-simple.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.creative-serving.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
adsdk.microsoft.com
ap.lijit.com
api.btloader.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
btloader.com
c1.adform.net
capi.connatix.com
cdn-ima.33across.com
cdn.adnxs.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.topsrvimp.com
cdn4.buysellads.net
cdnjs.cloudflare.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connectid.analytics.yahoo.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.yellowblue.io
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
g2.gumgum.com
google-bidout-d.openx.net
green.erne.co
gum.criteo.com
hb-api.omnitagjs.com
hblg.media.net
hbopenbid.pubmatic.com
hbx.media.net
i.clean.gg
i.liadm.com
i6.liadm.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
invstatic101.creativecdn.com
ipac.ctnsnet.com
lg3.media.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
mug.criteo.com
nym1-ib.adnxs.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pastelink.net
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
qsearch-a.akamaihd.net
region1.google-analytics.com
rt.marphezis.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
s.amazon-adsystem.com
s.tribalfusion.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
srv.buysellads.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
u.4dex.io
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
visitor.omnitagjs.com
warp.media.net
www.bing.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ads.servenobid.com
b1sync.zemanta.com
cm-supply-web.gammaplatform.com
cs-rtb.minutemedia-prebid.com
csync.loopme.me
pr-bh.ybp.yahoo.com
s.tribalfusion.com
tg.socdm.com
usersync.gumgum.com
104.18.35.167
104.18.36.155
108.139.243.34
130.211.23.194
141.94.171.213
141.94.242.206
141.95.33.120
142.250.181.230
142.250.185.66
145.40.97.67
151.101.130.49
161.35.94.167
161.35.94.188
169.197.150.8
172.64.146.152
178.128.135.204
178.250.1.9
178.79.242.181
18.197.244.187
18.66.97.14
185.184.8.90
185.29.132.241
185.64.189.112
185.64.190.78
185.86.138.121
185.86.138.146
193.0.160.131
195.5.165.20
198.47.127.18
198.47.127.20
198.47.127.205
2.16.164.91
2.19.216.27
2.19.217.60
2001:4860:4802:32::36
208.93.169.131
213.155.156.166
216.52.2.30
216.52.2.39
23.212.211.47
23.35.224.23
23.52.122.108
23.52.122.164
2600:1f18:ed:550a:3941:84f1:d852:9a8a
2600:9000:2250:3c00:a:e047:753:a221
2602:803:c003:200::41
2606:4700:10::6816:3556
2606:4700:10::ac43:293c
2606:4700:20::ac43:4513
2606:4700:20::ac43:4bf1
2606:4700:4400::6812:22b2
2606:4700::6810:5914
2606:4700::6811:180e
2607:ae80:192:1::172
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:21::14
2620:1ec:46::45
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:830::2001
2a00:1450:4001:831::200a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:2c::213:614a
2a02:fa8:8806:12::1400
2a05:d018:d29:3601:c84a:f3f:c1a8:24dc
3.125.110.167
3.71.149.231
34.102.146.192
34.111.113.62
34.111.129.221
34.120.107.143
34.120.63.153
34.149.40.38
34.95.69.49
34.96.70.87
35.186.193.173
35.194.66.159
35.208.249.213
35.210.53.219
35.244.159.8
35.244.174.68
35.71.131.137
37.157.2.228
37.252.172.123
46.228.164.11
46.228.174.117
5.196.111.69
51.255.68.171
51.89.9.254
52.208.123.102
52.209.217.80
52.210.15.1
52.214.165.240
52.28.254.225
52.30.179.44
52.45.83.84
52.46.143.56
52.51.96.110
52.58.31.215
52.94.223.37
54.145.99.161
54.159.180.193
54.194.233.137
54.211.0.120
54.78.81.45
54.81.245.140
63.251.232.165
63.33.168.200
63.33.18.223
64.227.64.62
67.202.105.23
68.67.160.186
69.166.1.67
69.173.144.138
69.173.144.139
77.245.57.72
8.43.72.97
80.77.87.162
82.145.213.8
85.114.159.118
88.208.215.108
95.101.196.17
98.98.134.241
99.84.88.104
99.84.88.3
02614d11cbdc1f220b7be546d59ef5e14489c86a5fdce3f22ce7b6bf9990bc71
0b4f2d0d5ed5ecaf2ea128bfb49698c22137aa4d84c596b7d3147333a79f0a16
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd64f727d72d15947ec9dd88c819964192798c59a5a139d6befa2366f696311
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0fc514a4d9fa20b05992c448af795f3c3067c7eb065570839dc86f3713eaef9a
11c7a142a4be0835ae72af164b1245efb4ccb0ac048b0a79cb8a4b4c113c0f4b
128ea146861ab8bd1ccf96ba271f62e2bb05279a8dd6906163068592fca6ee63
12b2573815dac6ac5646fab27841f398fa908cc13d510f2e14bffb595b726bbf
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b
14307d6970a8af633a46dec0a5c95e0f32d91be3d76b60c5727d48162d8b3cde
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18cc9ac5c4d4f8290b2b2ab7e7d33b406f2ed873b6639648192b082f8f6492ec
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
2222eddcc4e2bf15281f72fb9c006da6f71a5ab428861a5572b8868c53f0f275
23b672072740c43062b3ceffd40c361e8c489bd512f88b97fbe27c2b55a04c85
259a41d269f82d089dee24a43516e1f52dd71d8c0db5b0225ddc1528e653a763
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
27248138920ca3210d8e18d842691aae81813c2e29baeaae3bf2b53aed928c7f
2a25a841bdb9b41efdbba9815fd37be806319572f41bf88b4b41384c8444456c
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eff0d54011431daaa7729799732f50fe7ca71897370f57a9d4a605831155efc
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31c092894edb8c2115b0e09b6f5e5ab5d6056d8516c21bc102c1012b9bd8dda8
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
39c0495e4b24a50cf3183d811eb53e90364b9ef103a90d0ae4a14823dcb379bf
3b745959d448c39eb8d6a0664c192689ed61f59f2f9ee6c0ce52cd575ca8ef50
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40dc9e60097fb423f697360c5fd49595a5758190cec07eafbdec88769d3c5673
43d469d333e88830daa282404daeb2b385de30193026e127913200000fdd9648
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
473320d7653a7a832d00e1f1192083fc09d1ec284f4deeb03816e8962e93b81a
485bc2688f7ee7bfcb78b2ca7cea32868f81235efe7fa36b72de4586a36f7c86
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c997dad566c02a0a4f8416efa520f838a711d067a08f33b3ccffd541333e92
48cd868056c12e2cd75bd7d62bc10a3bcdd09eef0c841b3ca1dd40183b7901e5
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
505c9ad2483b459fcd8a0f4301cf50d5afc2022a2b940b33d56a225edb0d2e1f
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
51c1caa51e77327617cb0fc261d2ac944cbcb13d412da064a05fd575f23a84f5
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56aa2813a301c5188f17017e0cb2370e4e8a488c390df10b5f4eca1688849ab2
57182b7989471ea68f9d7fe086c33ed292a1018663fda56e2e7fb58b9b060ddd
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
58ec66cc6132dc74ca374e5871f4289d5fd3db74ea8d4cb391f8bb0446a5ac37
5a66f8eafb50d104f1f4b4637134d3acf9fafa5c0821c5ff3a0e821b31216ad5
5b426c7b9f07b8f78d21972459d9e823a29c565b38fce5347306d7621a52434c
5f0430ccdf48ea353c809786e1d59aecd0896b0dbda31edaf5ab295a936ff0dd
6199e0079d62e1e476a2a5085d25ec0e1cc0da0de24fdd606539c6fd41ac2f58
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6745e58e49c454d7589789132e60bea089819ff74f4c2bf59aa93cc97a66a463
69f6701a2a3868e9532778660f02d98cb49c4dba60fc5336ff1c9de92e1ae063
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
762c347d361dfca7d3c4f278aba4d723c57ebc90b0fead6a91043111ef1582af
7915eae82a4cc7a5138af9b0965a4367ce9b85423725984eb2f1c71bd6260ce9
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
798daa126b9435e47e6ffc4114d74972c3ba7202dc0b303bce786a631064f634
7b29d277691a2ffc6b183c5966366b09c8ea5f7254283e7d811926602aa3cf48
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8701f3165d4b8683047d3ecd47a65cb527f7359bdb9a5ff2e220b76ca7670ce8
8867abdc1324822010578fb822a1ab98e22e023bf82a26f50af1683758192040
89c38de35046912bec71296d8b922be23aae9c5dff18993fd04ffed64f65c237
89f0335d649cdccf5bc16b4fad138e1fa6da670d851c82b48ccdd31273371110
89f0a7902b605d7321a7ca69950bfd92e22045bad46ceb745d6649043afccc0b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
8bbaf7f99000c8db41dc83a3391f120b31bb8fc88dd9bdb5ce4050f59c56eda8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e5b1de3fb05b23ac4025c264d51edb0732e7c67baa7e16893ea72569d32d558
914142365aa05dffdcc298c09a75fda4c6d209b591d2aaa6836b30e986c654e1
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ec07951830a2627ef3f22c9785d6316cf7a439be45442f4ff8a7f983b203afb
a021ceb815a8890dfa0c2eb9cb612eb06706dc173bed57250636e332e803064f
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a10122466ab426897c863ae04b8d7749b4d154a8460059852038f9fff98e1e85
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a46fb4b0d435e4e16099c4403859ef914abea1650b4a52018467d20d2442fe8a
a4ab0450136e990fb527224c1b5ad7ebf87b1b0686cbffabbc942272342f1968
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a93e41b79e33a7893910ac0ce9df09cf5e68e35d3d681ba0f4e8f7e4bd53166f
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
af9edf3e86a80586d0770850908bf3929a2112adc59211e9cb715c0218f14b9c
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
baaf06b777700c44c78877b06e3ae15e3c797dd211974e6f5a58199a3d9451c7
bcdaedbfd60b8d0a8a9eb4b16285345a749068b601c93f494362990f2a3e61f4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
c4286b5a1606b8f76c136f69043974148e12d6e80d3a1f1178a54c6ab67b7b07
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0a57e0efbdae8b54503e74fed543a5f1d160fc1955836d5db105b9a7c12efea
d45f811982f43ce72509278b7cce54212735bd1a4b804b44f0326b3f22a98c15
d933f172fbf6542b5a6fb57729af202e3e033df01fc4c6b6cce6727da8e9e435
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
db9b71a775fbb2d3fe7c56a26e34e88889d214c4889a8d308df05a9c6ca563da
dd4a6b612e8de7789b3b9facc55abd87f2052d3466e45c8b5572e138f9bb7e0e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df48570d3feed4a258e40102ec5e059fcd6a4541e16b117942e106c72af8b668
df6879fe3d9362d69218acf6f4b9d43b75a4017bea5435f466a2696ddcf45b1f
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e27ccd6d410ff11dd381fdf662cc7a3be20fa4e074b6cf50cd71f829bf198f36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ab6b7220c1d507c141dd0dc7dc0aec043e09ade6209e9f33d899e13a3ad389
e818f6fea40fe02802ab543ae13ec750b1d3a4fbe33c70a8fdbac86f5758631b
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9036073cad52dae309708aa489751bc587660475aecdd7880adbf4d062d194c
eaf67431972d3e9d0888a562c64f1e353894aa5fd5c38afaad32003404c2f467
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
edc78276a012aa609d7f245bb4b150298ac3a4b340a785745697ed4c6d98d1af
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f54f0d0e96bdeffd146688e9cc7a57868ec8d4fa8a1489c51b5f6f13f49c9b80
f674c5b5b1a5aca67f21db89bdbc9270bafceaa242a21b0bf62064532a327a24
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e