pastelink.net Open in urlscan Pro
88.208.215.108  Public Scan

16 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 104

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 105

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 121

• https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://onetag-sys.com/match/?int_id=1&uid=08c06469-b2ec-4900-b360-481a930f7170&gdpr=1&gdpr_consent=

Request Chain 123

• https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
• https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=3372698217415556595

Request Chain 125

• https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiDzi5UimD64sWdmJryXD34eGODMuv4-PiQ

Request Chain 128

• https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
• https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=0I5Txpbaar5ruekmq4dF6L_xNrBq0R6bpzn8SkM8Eeo

Request Chain 130

• https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
• https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOpaD3QQVhnBSfu5fL0XJDs&google_cver=1

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 13xaxvag Show response pastelink.net/	30 KB 9 KB	572ms 258ms	Document text/html	88.208.215.108 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / Resource Hash e6bac99c4658e79a32badabf866c96027d6ffa9f389b4cd74cc0074bab4b18e0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Sun, 21 May 2023 05:57:55 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx strict-transport-security max-age=31536000; includeSubDomains x-frame-options SAMEORIGIN
GET H2	200	css2 fonts.googleapis.com/	5 KB 1 KB	419ms 143ms	Stylesheet text/css	142.250.186.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.74 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f10.1e100.net Software ESF / Resource Hash 69a381cd93cfeb0c48bcb2ad2f0c89536f91693f38f3f231b7009e2a2e05bd7f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 21 May 2023 05:57:55 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 21 May 2023 05:57:55 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 21 May 2023 05:57:55 GMT
GET H2	200	styles.css pastelink.net/assets/css/	121 KB 121 KB	179ms 178ms	Stylesheet text/css	88.208.215.108 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://pastelink.net/assets/css/styles.css?q=36 Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / Resource Hash ec237517566b85a5797425cebe748d7248a7d8c698bdb113f9615946b7434a78 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/13xaxvag User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:55 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 15 May 2023 18:42:14 GMT server nginx etag "64627d06-1e436" content-type text/css accept-ranges bytes content-length 123958
GET H2	200	jquery-3.6.0.min.js Show response pastelink.net/assets/js/	87 KB 88 KB	390ms 389ms	Script application/javascript	88.208.215.108 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://pastelink.net/assets/js/jquery-3.6.0.min.js Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/13xaxvag User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:55 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 15 May 2023 18:42:14 GMT server nginx etag "64627d06-15d9d" content-type application/javascript accept-ranges bytes content-length 89501
GET H2	200	script.min.js Show response pastelink.net/assets/js/	41 KB 41 KB	155ms 155ms	Script application/javascript	88.208.215.108 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://pastelink.net/assets/js/script.min.js?q=36 Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / Resource Hash 190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/13xaxvag User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:55 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 15 May 2023 18:42:14 GMT server nginx etag "64627d06-a225" content-type application/javascript accept-ranges bytes content-length 41509
GET H2	200	js.cookie.min.js Show response cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/	2 KB 1 KB	418ms 140ms	Script application/javascript	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/js.cookie.min.js Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 7356177 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 772 last-modified Mon, 04 May 2020 16:11:49 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec5-6d7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnBBH2zuQHjfeD2nTKqLmGclgNyHmVlB14Sq%2BKC9fvLJa16awsp0jjN6z%2B7iCl0QrFjg6UsQ6vPZcd5Z9vuWzfQmE%2FT7nCwc%2BlK5TCBjI8OF5j6OXI5FCLIWqFCDjC3qR7d6Qx18"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7caa95aefff530f6-FRA expires Fri, 10 May 2024 05:57:55 GMT
GET H2	200	css2 fonts.googleapis.com/	1 KB 512 B	427ms 152ms	Stylesheet text/css	142.250.186.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Blaka:wght@400&display=swap Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.74 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f10.1e100.net Software ESF / Resource Hash 843f831187d722da800290aa2514fc0074681fa57230604ae2ed795c99242af4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 21 May 2023 05:57:55 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 21 May 2023 05:57:55 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 21 May 2023 05:57:55 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	906 B 897 B	419ms 144ms	Script text/javascript	142.250.74.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=captchaLoaded Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.196 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f4.1e100.net Software GSE / Resource Hash 9c76f166285597c57b231ceaa94e68a2d25859bea9b71ec8f1e5cc439d888a62 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:55 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 575 x-xss-protection 1; mode=block expires Sun, 21 May 2023 05:57:55 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	194 KB 69 KB	428ms 151ms	Script application/javascript	142.250.181.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f8.1e100.net Software Google Tag Manager / Resource Hash cab597dd3f95379243c1288d4c91064cc127e9c2d7d5ec0105738e592cfe6e74 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:56 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 70009 x-xss-protection 0 last-modified Sun, 21 May 2023 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 21 May 2023 05:57:56 GMT
GET H2	200	pastelink.js Show response cdn4.buysellads.net/pub/	538 KB 150 KB	424ms 149ms	Script application/javascript	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software AmazonS3 / Resource Hash 8138e3b067231fae43b8c4a9838d515ef9e2b00d21dd2b8f51440742c5916272 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:56 GMT content-encoding gzip last-modified Sun, 21 May 2023 05:32:47 GMT server AmazonS3 x-amz-request-id TA5YSCCD8SXM6YPA etag "efc1953a49f21d307b3c5d1225f5da13" x-amz-server-side-encryption AES256 x-hw 1684648676.cds265.fr8.hn,1684648676.cds162.fr8.c content-type application/javascript access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 153606 x-amz-id-2 OGeH7hEBt2MSeCohcKGWIUPbj4FxQ/6jFRvKuJ9T4G5pslKeoaKi7Fs9dNR9DjFl2hX94aPcozY=
GET H2	200	recaptcha__ka.js Show response www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/	443 KB 168 KB	408ms 134ms	Script text/javascript	172.217.16.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__ka.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=captchaLoaded Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f3.1e100.net Software sffe / Resource Hash 2f9d4ed6cb64a77560860ca3735c9100246eb33d9064c232db2b76dd98cbe543 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pastelink.net/ Origin https://pastelink.net accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 17 May 2023 15:05:30 GMT content-encoding gzip x-content-type-options nosniff age 312746 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170954 x-xss-protection 0 last-modified Mon, 15 May 2023 04:00:52 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 16 May 2024 15:05:30 GMT
GET H2	200	debut_light.png pastelink.net/assets/images/	4 KB 4 KB	152ms 151ms	Image image/png	88.208.215.108 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/debut_light.png Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=36 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / Resource Hash c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=36 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:55 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 15 May 2023 18:42:14 GMT server nginx etag "64627d06-10c8" content-type image/png accept-ranges bytes content-length 4296
GET H2	200	pastelink-logo.svg pastelink.net/assets/images/logo/	3 KB 3 KB	153ms 153ms	Image image/svg+xml	88.208.215.108 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/logo/pastelink-logo.svg Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=36 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / Resource Hash 01408f8061623faa6d2c0f015cd23483c3aa363c095e152f613ed94c87a5803d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=36 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:55 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 15 May 2023 18:42:14 GMT server nginx etag "64627d06-d3d" content-type image/svg+xml accept-ranges bytes content-length 3389
GET DATA	200 OK	truncated /	16 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	arrow-down-blue.svg pastelink.net/assets/images/	239 B 410 B	153ms 153ms	Image image/svg+xml	88.208.215.108 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/arrow-down-blue.svg Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=36 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / Resource Hash 50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=36 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:55 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 15 May 2023 18:42:14 GMT server nginx etag "64627d06-ef" content-type image/svg+xml accept-ranges bytes content-length 239
GET H2	200	moon.svg pastelink.net/assets/images/	2 KB 2 KB	154ms 153ms	Image image/svg+xml	88.208.215.108 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/moon.svg Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=36 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / Resource Hash ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=36 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:55 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 15 May 2023 18:42:14 GMT server nginx etag "64627d06-62e" content-type image/svg+xml accept-ranges bytes content-length 1582
GET H2	200	public-black.svg pastelink.net/assets/images/	578 B 749 B	154ms 154ms	Image image/svg+xml	88.208.215.108 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/public-black.svg Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=36 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / Resource Hash 57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=36 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:55 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 15 May 2023 18:42:14 GMT server nginx etag "64627d06-242" content-type image/svg+xml accept-ranges bytes content-length 578
GET H2	200	social-spritesheet.png pastelink.net/assets/images/	28 KB 28 KB	157ms 157ms	Image image/png	88.208.215.108 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/social-spritesheet.png Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=36 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / Resource Hash 8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=36 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:55 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 15 May 2023 18:42:14 GMT server nginx etag "64627d06-70de" content-type image/png accept-ranges bytes content-length 28894
GET H2	200	logo-bg-90-tl.svg pastelink.net/assets/images/	2 KB 2 KB	160ms 158ms	Image image/svg+xml	88.208.215.108 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/logo-bg-90-tl.svg Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=36 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / Resource Hash 1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=36 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:55 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 15 May 2023 18:42:14 GMT server nginx etag "64627d06-933" content-type image/svg+xml accept-ranges bytes content-length 2355
GET H2	200	pastelink-logo-contrast.svg pastelink.net/assets/images/logo/	4 KB 4 KB	160ms 159ms	Image image/svg+xml	88.208.215.108 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/logo/pastelink-logo-contrast.svg Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=36 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / Resource Hash 3a73b36061944ebbb33696553917d393280f796e212afcd09057b441c1168606 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=36 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:55 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 15 May 2023 18:42:14 GMT server nginx etag "64627d06-e31" content-type image/svg+xml accept-ranges bytes content-length 3633
GET H2	200	logo-symbol-non-white-bg.svg pastelink.net/assets/images/	4 KB 5 KB	161ms 160ms	Image image/svg+xml	88.208.215.108 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/logo-symbol-non-white-bg.svg Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=36 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / Resource Hash 15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=36 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:55 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 15 May 2023 18:42:14 GMT server nginx etag "64627d06-11c0" content-type image/svg+xml accept-ranges bytes content-length 4544
GET H2	200	nord-white-trim.png pastelink.net/assets/images/	9 KB 9 KB	166ms 165ms	Image image/png	88.208.215.108 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/nord-white-trim.png Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=36 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.208.215.108 , United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS Software nginx / Resource Hash 6f0fef1778678fd7b5436ebd0ba183edb1e28d93136539e8beb4e4d60efdeceb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=36 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:55 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Mon, 15 May 2023 18:42:14 GMT server nginx etag "64627d06-2424" content-type image/png accept-ranges bytes content-length 9252
GET H2	200	pxiEyp8kv8JHgFVrJJfecg.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	414ms 135ms	Font font/woff2	142.250.184.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f3.1e100.net Software sffe / Resource Hash 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pastelink.net accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 18 May 2023 18:06:15 GMT x-content-type-options nosniff age 215501 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7884 x-xss-protection 0 last-modified Wed, 27 Apr 2022 17:03:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 17 May 2024 18:06:15 GMT
GET H2	200	8vIG7w8722p_6nds0UE.woff2 fonts.gstatic.com/s/blaka/v5/	11 KB 11 KB	423ms 145ms	Font font/woff2	142.250.184.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/blaka/v5/8vIG7w8722p_6nds0UE.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Blaka:wght@400&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f3.1e100.net Software sffe / Resource Hash 7fd215578935f69c008f531402fef29626423b1bd93f22cd654b1c380e60d9eb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pastelink.net accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 20 May 2023 18:16:20 GMT x-content-type-options nosniff age 42096 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10980 x-xss-protection 0 last-modified Wed, 07 Dec 2022 17:51:30 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 19 May 2024 18:16:20 GMT
GET H2	200	pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	504ms 225ms	Font font/woff2	142.250.184.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f3.1e100.net Software sffe / Resource Hash cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pastelink.net accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 20 May 2023 06:24:35 GMT x-content-type-options nosniff age 84801 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7748 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:21:30 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 19 May 2024 06:24:35 GMT
GET H2	200	pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	489ms 210ms	Font font/woff2	142.250.184.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f3.1e100.net Software sffe / Resource Hash 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pastelink.net accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 20 May 2023 15:41:35 GMT x-content-type-options nosniff age 51381 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7816 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:11:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 19 May 2024 15:41:35 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	51 KB 21 KB	424ms 137ms	Script text/javascript	142.250.185.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f14.1e100.net Software Golfe2 / Resource Hash e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 21 May 2023 04:35:39 GMT last-modified Mon, 17 Apr 2023 22:36:01 GMT server Golfe2 age 4937 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20737 expires Sun, 21 May 2023 06:35:39 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	227 KB 79 KB	151ms 150ms	Script application/javascript	142.250.181.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f8.1e100.net Software Google Tag Manager / Resource Hash 0bef9d912dafd505105ffbdcf05c4bd0407d4fbab2e5b8ed7e03d9a7a3b24421 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:56 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 81036 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 21 May 2023 05:57:56 GMT
GET H2	200	tag Show response btloader.com/	22 KB 8 KB	416ms 143ms	Script application/javascript	104.26.6.139 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://btloader.com/tag?o=5102648370397184&upapi=true Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.6.139 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0c7b2f5831c6d16917f2b315d7064f498b5bf57c2998c91426a4f7fb7a7b98a Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:56 GMT via 1.1 google content-encoding br cf-cache-status HIT last-modified Sun, 21 May 2023 05:05:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3021 etag W/"ada0946e5dd06399402b3876a723e4ea" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yp2bC%2Fj0zhiU6ghwN7FQF7jRvgAsexdqdg%2FoquPddhzaLU2sVG6ebp95Si69mvwH6ZydvdjieX0%2BFJAZuLppF0Awdyt1CScUYFh9u%2B8UAecowu4ZzRKMgC0YUaAmnQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300 cf-ray 7caa95b65a922bee-FRA
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	76 KB 25 KB	446ms 155ms	Script text/javascript	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash 05cfc9583c3852c9593b8f04a1f42b6ff0aa788fa344c02ca1c2bc24bf0887df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:56 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25309 x-xss-protection 0 server cafe etag 581 / 19498 / 31074710 / config-hash: 12351717780372853951 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 21 May 2023 05:57:56 GMT
GET H2	200	acceptable.gif cdn4.buysellads.net/	43 B 279 B	259ms 258ms	Image image/gif	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=3.5614521964801336 Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software AmazonS3 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:56 GMT last-modified Fri, 19 Jul 2019 16:45:51 GMT server AmazonS3 x-amz-request-id FM3942AGK7R8HR9H etag "b4491705564909da7f9eaf749dbbfbb1" x-hw 1684648676.cds265.fr8.hn,1684648676.cds216.fr8.sc,1684648676.cds216.fr8.p content-type image/gif access-control-allow-origin * cache-control no-cache accept-ranges bytes content-length 43 x-amz-id-2 hQ+CEdM0fX83O7dSZNB7WIe/wMGokntsmjHCWa9tNT7YiBJT3/L2H2ASLIZGwQS2ThrStV2iQJQ=
GET H2	200	acceptable.gif cdn4.buysellads.net/	43 B 237 B	367ms 367ms	Image image/gif	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=3.5614521964801336 Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software AmazonS3 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:56 GMT last-modified Fri, 19 Jul 2019 16:45:51 GMT server AmazonS3 x-amz-request-id FM30XKBYNTEMCDS8 etag "b4491705564909da7f9eaf749dbbfbb1" x-hw 1684648676.cds265.fr8.hn,1684648676.cds120.fr8.sc,1684648676.cds120.fr8.p content-type image/gif access-control-allow-origin * cache-control no-cache accept-ranges bytes content-length 43 x-amz-id-2 r9avdK2A/RcS9tEbKoInKRSzVkk5FcvWYCOzwYoeUpYBu1wBAiQSLCvpKgEhlzdNrCSOBT52VXs=
POST H2	204	collect www.google-analytics.com/g/	0 170 B	231ms 213ms	Ping text/plain	142.250.185.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je35h0&_p=1271770288&cid=1968445717.1684648677&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684648676&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2F13xaxvag&dt=20%20Trailblazers%20Lead%20The%20Way%20In%20Used%20Folding%20Mobility%20Scooter%20For%20Sale%20On%20Ebay%20-%20Pastelink.net&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f14.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 21 May 2023 05:57:56 GMT server Golfe2 content-type text/plain access-control-allow-origin https://pastelink.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	px.gif ad-delivery.net/	43 B 917 B	430ms 140ms	Image image/gif	104.26.3.70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=2 Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:57 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 919191 x-guploader-uploadid ADPycdtIuxbh6TcOfJc6CQHXK8x0ql3PMeDtBJXU-MC_l17kqANJLaGJTX7WDwUwA1KANx3faXES2t6ZCGwRvtbhYmup x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 5 x-goog-stored-content-encoding identity content-length 43 last-modified Wed, 05 May 2021 19:25:32 GMT server cloudflare etag "ad4b0f606e0f8465bc4c4c170b37e1a3" vary Accept-Encoding x-goog-generation 1620242732037093 content-type image/gif access-control-allow-origin * x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OrC3pXqrUxdoGqXpyXAridn2Tz9Hd%2B3YLqMT0iYVUSEvLXC%2FlnDzwBlNiRG7j7l7oVrNWCXtF9zY8z%2F250QcpN6ZbIT4I9guAhbVl6wxtnjzLSPogErpJDGBCwxdGHesA%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 43 accept-ranges bytes cf-ray 7caa95b9694fbbeb-FRA expires Wed, 10 May 2023 14:47:16 GMT
GET H2	200	favicon.ico ad.doubleclick.net/	1 KB 571 B	427ms 139ms	Image image/x-icon	142.250.186.70 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f6.1e100.net Software sffe / Resource Hash d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 20 May 2023 17:17:36 GMT content-encoding gzip x-content-type-options nosniff age 45621 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 104 x-xss-protection 0 last-modified Tue, 08 May 2012 13:08:06 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/x-icon access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 May 2023 17:17:36 GMT
GET H2	200	px.gif ad-delivery.net/	43 B 329 B	430ms 141ms	Image image/gif	104.26.3.70 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=1&e=0.9565472052546715 Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:57 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 919191 x-guploader-uploadid ADPycdtIuxbh6TcOfJc6CQHXK8x0ql3PMeDtBJXU-MC_l17kqANJLaGJTX7WDwUwA1KANx3faXES2t6ZCGwRvtbhYmup x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 5 x-goog-stored-content-encoding identity content-length 43 last-modified Wed, 05 May 2021 19:25:32 GMT server cloudflare etag "ad4b0f606e0f8465bc4c4c170b37e1a3" vary Accept-Encoding x-goog-generation 1620242732037093 content-type image/gif access-control-allow-origin * x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdwnS5vTuw3Vnpaf36Xf2fhJqK7efBpSZXF3lY%2B8wrhTQ3CxSek1%2Bd73Vxs%2BtM1SprQiC5Fv3Y%2FVhBXQfK1QGU7lN%2FfE2G2%2FLx3mALCbf0aaIzD17y4oO8HVUjCPJKiIzQ%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 43 accept-ranges bytes cf-ray 7caa95b96951bbeb-FRA expires Wed, 10 May 2023 14:47:16 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 94 B	145ms 144ms	XHR text/plain	142.250.185.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1271770288&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2F13xaxvag&ul=en-us&de=UTF-8&dt=20%20Trailblazers%20Lead%20The%20Way%20In%20Used%20Folding%20Mobility%20Scooter%20For%20Sale%20On%20Ebay%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1085323895&gjid=1079898545&cid=1968445717.1684648677&tid=UA-55088947-2&_gid=1416394245.1684648677&_r=1&_slc=1&gtm=45He35h0n8155WHPWQ&z=1633734998 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f14.1e100.net Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://pastelink.net/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 21 May 2023 05:57:57 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://pastelink.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/	407 KB 126 KB	440ms 139ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash c909c28a92bf7b48807218b7eb333d2e6700bd123064a9625b63e36764ae3d91 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 20 May 2023 07:23:22 GMT content-encoding br x-content-type-options nosniff age 81275 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 128419 x-xss-protection 0 server cafe etag 9945815184239927542 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sun, 19 May 2024 07:23:22 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	72 B 603 B	431ms 141ms	XHR application/json	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pastelink.net Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash 9613f838798d1aed5da373796f9180a1531b4670d6762a7db38dde12ae032934 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:57 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 59 x-xss-protection 0 expires Sun, 21 May 2023 05:57:57 GMT
GET H2	200	country Show response api.btloader.com/	16 B 204 B	506ms 240ms	Fetch application/json	130.211.23.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/country Requested by Host: btloader.com URL: https://btloader.com/tag?o=5102648370397184&upapi=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash 45b5465229b3d2f0348a4cfcd69e52df10b6059122d41cff6f9854a30bf111cf Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:57 GMT via 1.1 google vary Origin content-type application/json access-control-allow-origin * cache-control private, max-age=300, stale-while-revalidate=600, stale-if-error=600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16
GET H2	204	pv Show response api.btloader.com/	0 67 B	507ms 241ms	XHR text/plain	130.211.23.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/pv?tid=x42Ev6XEl3&w=5093624318001152&o=5102648370397184&cv=2.1.11-3-gabc8642&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fpastelink.net%2F13xaxvag&sid=cOIuLMSrWR&upapi=true Requested by Host: btloader.com URL: https://btloader.com/tag?o=5102648370397184&upapi=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 194.23.211.130.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Sun, 21 May 2023 05:57:57 GMT cache-control no-cache, no-store, must-revalidate via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 vary Origin
GET H2	200	CWYD627N.json Show response srv.buysellads.com/ads/	930 B 664 B	447ms 146ms	Fetch application/json	178.62.198.146 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://srv.buysellads.com/ads/CWYD627N.json?forcebanner=496495&ignoretargeting=yes Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.62.198.146 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS srv-eu-nl-14.buysellads.com Software //srv.buysellads.com / Resource Hash e3685d3a9b46622f211c413aedd8994daa245a31812dd31bf50324a7bf89317a Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Sun, 21 May 2023 05:57:58 GMT content-encoding gzip server //srv.buysellads.com content-length 550 vary Accept-Encoding content-type application/json; charset=utf-8
GET H/1.1	200 OK	localstore.js Show response script.4dex.io/	483 B 1000 B	415ms 141ms	Script application/javascript	104.26.9.169 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/localstore.js Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 21 May 2023 05:57:58 GMT Content-Encoding br CF-Cache-Status HIT Last-Modified Wed, 23 Nov 2022 15:43:18 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Age 806007 ETag W/"922cffdd75f7192f75231d92684885aa" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFM1wzyo2BBP6lNbzxPkqXTveTNADKCxLCHBoCPORNVn1prWgKsj2%2Bqn4QJPqnwknSNujDpGqnidrQeC0DWjkExgB06g0kQprx6VKifN6EG1mpuNS67IxD%2FyT8OyFl9f"}],"group":"cf-nel","max_age":604800} Cache-Control public, max-age=1800 Connection keep-alive CF-RAY 7caa95be0ef839da-FRA
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	486 B 2 KB	539ms 258ms	XHR application/json	185.89.210.180 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash f333e259912900f597027f8743c2dfb6b0f1f1ff0f6261ffd5c3f344dd4da44e Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pastelink.net/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sun, 21 May 2023 05:57:58 GMT AN-X-Request-Uuid bb4ac8f9-f4d4-4443-8447-0da565333069 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type application/json; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://pastelink.net Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 91.239.206.150; 91.239.206.150; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 486 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 501 B	411ms 136ms	XHR application/json	51.38.120.206 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR), Reverse DNS ip206.ip-51-38-120.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://pastelink.net/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://pastelink.net content-type application/json cache-control no-transform, no-cache access-control-allow-credentials true access-control-allow-headers content-type, origin, referer, user-agent content-length 41
POST H2	200	adreq Show response ads.servenobid.com/	109 B 440 B	496ms 167ms	XHR application/json	34.243.66.165 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.servenobid.com/adreq?cb=563 Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.243.66.165 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-243-66-165.eu-west-1.compute.amazonaws.com Software / Resource Hash 28206f4189052daa1630edbe12c03c5e58d4993e7192eaf1629c77759ac6df84 Request headers Referer https://pastelink.net/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sun, 21 May 2023 05:57:58 GMT content-encoding gzip amp-access-control-allow-source-origin * vary accept-encoding content-type application/json access-control-allow-origin https://pastelink.net access-control-expose-headers AMP-Access-Control-Allow-Source-Origin cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-credentials true
POST H2	200	prebid Show response prebid.media.net/rtb/	1 KB 1 KB	799ms 528ms	XHR application/json	34.107.148.139 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://prebid.media.net/rtb/prebid?cid=8CU18831I Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 139.148.107.34.bc.googleusercontent.com Software nginx / Resource Hash 2aa30cb41959b745405b78bb79dbf815c719f0456e3eb7c40895ca0fbeb661de Request headers Referer https://pastelink.net/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 21 May 2023 05:57:58 GMT content-encoding gzip via 1.1 google server nginx accept-ch Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model content-type application/json;charset=UTF-8 access-control-allow-origin https://pastelink.net cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc clear expires Sun, 21 May 2023 05:57:58 GMT
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	8 KB 4 KB	718ms 301ms	XHR application/json	69.173.144.140 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=2&alt_size_ids=1%2C55&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2F13xaxvag&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2F13xaxvag&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=8750191a-c8ec-4327-acf7-644b72528c1d&l_pb_bid_id=293acc8c68317dd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_FixedFooter_ROS%23bsa-zone_1675868039084-1_123456&slots=1&rand=0.05289264571411367 Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash 78691c9b4b585400cdf771580c69f34b3d22c0a0f9c529d427d256a91eacb110 Request headers Referer https://pastelink.net/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 21 May 2023 05:57:58 GMT content-encoding gzip server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://pastelink.net p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	429 B 744 B	877ms 460ms	XHR application/json	69.173.144.140 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=2%2C1%2C16%2C232&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2F13xaxvag&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2F13xaxvag&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=c51ce569-eda0-4ede-8d4c-a4cbf9537427&l_pb_bid_id=30e330e4ec3ae43&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_TopLeaderboard_ROS%23bsa-zone_1675868173958-4_123456&slots=1&rand=0.030027512101510556 Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash a94e15631d32667e4784dd914ef21ef822addd5bf765acb0bea7d9653f3735ad Request headers Referer https://pastelink.net/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 21 May 2023 05:57:58 GMT server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://pastelink.net p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-length 429 expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	425 B 965 B	715ms 298ms	XHR application/json	69.173.144.140 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=9%2C8%2C10%2C16&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2F13xaxvag&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2F13xaxvag&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=4f342d7e-302b-41c3-bada-a5d0f457cb4b&l_pb_bid_id=319453c49b5f81b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Sidebar_ROS%23bsa-zone_1675868324828-7_123456&slots=1&rand=0.9685966958355414 Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash 0b300dd055a1fa71206276bf2c042e90b3dcda1f46b92358b8797b4f8188b9df Request headers Referer https://pastelink.net/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 21 May 2023 05:57:58 GMT server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://pastelink.net p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-length 425 expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	429 B 744 B	725ms 309ms	XHR application/json	69.173.144.140 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=468716&zone_id=2765554&size_id=15&alt_size_ids=10%2C16%2C53%2C67%2C101%2C102%2C221&rp_schain=1.0,1!buysellads.com,16898,1,,,&rf=https%3A%2F%2Fpastelink.net%2F13xaxvag&tg_i.domain=pastelink.net&tg_i.page=https%3A%2F%2Fpastelink.net%2F13xaxvag&tg_i.pbadslot=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=dd15a492-e150-4cd3-95de-1994b5a1256b&l_pb_bid_id=32d0d2294f62655&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22405481091%2FPastelink_S2S_Interstitial_ROS%23bsa-zone_1675868453109-5_123456&slots=1&rand=0.6862335651956737 Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.21.4 / Resource Hash fe25c2c9791b49163aedd6d9e8407fcbb58aa0f91534747b3950e176f4257b78 Request headers Referer https://pastelink.net/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 21 May 2023 05:57:58 GMT server nginx/1.21.4 vary Accept-Encoding content-type application/json access-control-allow-origin https://pastelink.net p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-length 429 expires Wed, 17 Sep 1975 21:32:10 GMT
POST H2	200	v1 Show response hb-api.omnitagjs.com/hb-api/prebid/	2 KB 945 B	452ms 160ms	XHR application/json	185.255.84.151 IGUANE-
General Check archive.org Show headers Download Go to Full URL https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fpastelink.net%2F13xaxvag&PageUrl=https%3A%2F%2Fpastelink.net%2F13xaxvag&PageReferrer=https%3A%2F%2Fpastelink.net%2F13xaxvag Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.255.84.151 , France, ASN200271 (IGUANE-, FR), Reverse DNS Software ayl-lb-fra02 / Resource Hash 2d2e45cdf9c402d9bd325fd3a994fd22f0f5a929df16e034481ed79ca53907b0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://pastelink.net/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sun, 21 May 2023 05:57:57 GMT content-encoding gzip x-content-type-options nosniff p3p CP="CAO PSA OUR" x-envoy-upstream-service-time 19 content-length 484 pragma no-cache server ayl-lb-fra02 access-control-max-age 3600 access-control-allow-methods OPTIONS, POST content-type application/json; charset=utf-8 access-control-allow-origin https://pastelink.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Accept-Encoding, Content-Type expires 0
POST H2	200	prebid Show response mp.4dex.io/	173 B 1 KB	686ms 159ms	XHR application/json	104.18.2.114 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mp.4dex.io/prebid Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.2.114 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2847592065074f06a56d6a51c260d9d389c35aed6fa944cf01082b665b0fb5a4 Request headers Referer https://pastelink.net/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers x-version 3.0.0-gcp-ams date Sun, 21 May 2023 05:57:58 GMT x-err Shapings: no adunits with size and seat and mapping via 1.1 google cf-cache-status DYNAMIC content-encoding gzip x-warn Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868039084-1_123456, Process Floors. 13 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868173958-4_123456, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1675868324828-7_123456, Process Seats Booster. unable to get the seat booster engine for organization: 1116 pragma no-cache server cloudflare vary Origin, Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://pastelink.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 7caa95bfdacb382e-FRA expires 0
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 115 B	717ms 190ms	XHR text/plain	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://pastelink.net/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://pastelink.net date Sun, 21 May 2023 05:57:56 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
POST H2	200	cdb Show response bidder.criteo.com/	18 B 311 B	683ms 151ms	XHR application/json	178.250.7.10 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.43.0&cb=99552615288&lsavail=1 Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://pastelink.net/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sun, 21 May 2023 05:57:57 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; server Finatra vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://pastelink.net access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * content-length 44
POST H/1.1	200 OK	v1 Show response prg.smartadserver.com/prebid/	171 B 555 B	1513ms 203ms	XHR application/json	81.17.55.98 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://prg.smartadserver.com/prebid/v1 Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068 Request headers Referer https://pastelink.net/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 21 May 2023 05:57:58 GMT content-encoding br transfer-encoding chunked vary Accept-Encoding, Origin content-type application/json; charset=UTF-8 access-control-allow-origin https://pastelink.net p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control no-cache,no-store access-control-allow-credentials true
POST H/1.1	200 OK	v1 Show response prg.smartadserver.com/prebid/	171 B 555 B	1576ms 208ms	XHR application/json	81.17.55.98 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://prg.smartadserver.com/prebid/v1 Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068 Request headers Referer https://pastelink.net/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 21 May 2023 05:57:59 GMT content-encoding br transfer-encoding chunked vary Accept-Encoding, Origin content-type application/json; charset=UTF-8 access-control-allow-origin https://pastelink.net p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control no-cache,no-store access-control-allow-credentials true
POST H/1.1	200 OK	v1 Show response prg.smartadserver.com/prebid/	171 B 555 B	1709ms 195ms	XHR application/json	81.17.55.98 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://prg.smartadserver.com/prebid/v1 Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068 Request headers Referer https://pastelink.net/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 21 May 2023 05:57:58 GMT content-encoding br transfer-encoding chunked vary Accept-Encoding, Origin content-type application/json; charset=UTF-8 access-control-allow-origin https://pastelink.net p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control no-cache,no-store access-control-allow-credentials true
POST H/1.1	200 OK	v1 Show response prg.smartadserver.com/prebid/	171 B 555 B	1724ms 198ms	XHR application/json	81.17.55.98 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://prg.smartadserver.com/prebid/v1 Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068 Request headers Referer https://pastelink.net/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 21 May 2023 05:57:59 GMT content-encoding br transfer-encoding chunked vary Accept-Encoding, Origin content-type application/json; charset=UTF-8 access-control-allow-origin https://pastelink.net p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control no-cache,no-store access-control-allow-credentials true
POST H/1.1	200 OK	v1 Show response prg.smartadserver.com/prebid/	171 B 555 B	1776ms 199ms	XHR application/json	81.17.55.98 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://prg.smartadserver.com/prebid/v1 Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068 Request headers Referer https://pastelink.net/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 21 May 2023 05:57:59 GMT content-encoding br transfer-encoding chunked vary Accept-Encoding, Origin content-type application/json; charset=UTF-8 access-control-allow-origin https://pastelink.net p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control no-cache,no-store access-control-allow-credentials true
GET H/1.1	200 OK	adagio.js Show response script.4dex.io/	74 KB 23 KB	409ms 141ms	Fetch application/javascript	104.26.9.169 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/adagio.js Requested by Host: script.4dex.io URL: https://script.4dex.io/localstore.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 21 May 2023 05:57:58 GMT Content-Encoding br CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 2156715 Transfer-Encoding chunked Connection keep-alive Last-Modified Wed, 23 Nov 2022 15:43:17 GMT Server cloudflare ETag W/"c56b6332dacf72f135afcd153ae22448" Vary Origin, Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BiHXsBbe4i1ZTPoMUkzY%2FO2%2BPcSZLIg%2BG9I%2FDkOGX3iKUEo515heBWs81TVRExjd7LZPU4N05Y1izVoiT%2BP5AkfHE3j6oLk%2BjKpNNTs6t8xke%2BOfVUnmrA4GjjId0PU"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers Cache-Control public, max-age=1800 CF-RAY 7caa95c098d1368a-FRA
GET H2	200	integrator.js Show response adservice.google.ge/adsid/	107 B 532 B	422ms 142ms	Script application/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ge/adsid/integrator.js?domain=pastelink.net Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:59 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 456 B	667ms 142ms	Script application/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=pastelink.net Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:58:00 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	157 KB 22 KB	547ms 547ms	XHR text/plain	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2612139203466638&correlator=635013889082601&eid=31074710&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fifs&iu_parts=22405481091%2CPastelink_S2S_FixedFooter_ROS%2CPastelink_S2S_TopLeaderboard_ROS%2CPastelink_S2S_Sidebar_ROS%2CPastelink_S2S_Interstitial_ROS%2CPastelink_S2S_TopAnchor_ROS&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x90%7C980x90%7C990x90%7C468x60%2C320x50%7C728x90%7C468x60%7C728x200%7C580x400%7C750x280%7C760x280%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C300x250%7C336x280%2C320x50%7C120x600%7C160x600%7C300x600%7C300x250%7C336x280%7C240x600%2C1x1%2C1x1&fluid=0%2Cheight%2Cheight%2C0%2C0&ifi=1&adks=840525636%2C3944560474%2C3798138915%2C1897443797%2C1230872867&sfv=1-0-40&ists=3&fas=0%2C0%2C0%2C8%2C2&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1675868039084-1_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D728x90%26hb_pb%3D0.12%26hb_creative%3D3846%253A165537-1068864%26hb_adid%3D67dedc9689a4bd4%26hb_bidder%3Drubicon%26_bd%3Dbid%26_pl%3D0.12%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.12%26hb_adid_rubicon%3D67dedc9689a4bd4%26hb_bidder_rubicon%3Drubicon%7Coptimize_ad_unit_id%3Dbsa-zone_1675868173958-4_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868324828-7_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1675868453109-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1678879398722-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&eri=1&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dpastelink%26optimize_xp%3Da&sc=1&cookie_enabled=1&abxe=1&dt=1684648679594&lmt=1684648679&dlt=1684648675336&idt=2384&adxs=-12245933%2C310%2C1091%2C-9%2C-9&adys=-12245933%2C345%2C521%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpastelink.net%2F13xaxvag&frm=20&vis=1&psz=1600x-1%7C705x424%7C168x607%7C0x-1%7C0x-1&msz=0x-1%7C705x250%7C120x600%7C0x-1%7C0x-1&fws=644%2C4%2C4%2C2%2C2&ohw=1600%2C1600%2C1600%2C0%2C0&ga_vid=1968445717.1684648677&ga_sid=1684648680&ga_hid=1271770288&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash a952f3c8b23a4b16f511562d7a17e21f98dfc039abc35c91821bf1bafae11369 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:58:00 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22050 x-xss-protection 0 google-lineitem-id -1,-1,-1,-2,-2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -1,-1,-1,-2,-2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://pastelink.net access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 11 KB	438ms 152ms	XHR application/json	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305160101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash afa75d919ea6788b00b0b8d3adab12c208dd211675998ea0d8e3e0090c3862d2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:57:59 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11119 x-xss-protection 0
GET H2	200	container.html Show response 3c01a98581c38ee33cc3cb5fb7f9386f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CD27	6 KB 3 KB	1722ms 150ms	Document text/html	142.250.186.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://3c01a98581c38ee33cc3cb5fb7f9386f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f1.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pastelink.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 21 May 2023 05:58:01 GMT expires Mon, 20 May 2024 05:58:01 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	pubads_impl_page_level_ads.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/	36 KB 13 KB	138ms 138ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl_page_level_ads.js?cb=31074710 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash 8029665c0154234ddf67e798de4c9a5cad358071f988aa1c1f84bbae930ed8cb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 00:47:54 GMT content-encoding br x-content-type-options nosniff age 18605 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12848 x-xss-protection 0 server cafe etag 13833340073225968366 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Mon, 20 May 2024 00:47:54 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	643ms 350ms	Script text/javascript	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:58:00 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 21 May 2023 05:58:00 GMT
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/032305152039000/ Frame E183	222 KB 61 KB	425ms 134ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032305152039000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash a9a66c854c00cb265360ee44f9eb04d14c90f8180192e321c4a97dc5b8a71015 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 16 May 2023 23:09:04 GMT age 370136 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61811 x-xss-protection 0 server sffe etag "b82c868af9b81c48" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 15 May 2024 23:09:04 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/032305152039000/v0/ Frame E183	15 KB 5 KB	662ms 372ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032305152039000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash cede5e6b2d0201be197cfb96a9aeb4c5c95bd5749785a3e5473610e267f5de4f Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 16 May 2023 23:09:04 GMT age 370136 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5257 x-xss-protection 0 server sffe etag "6147d0c60b11b4b1" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 15 May 2024 23:09:04 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/032305152039000/v0/ Frame E183	94 KB 28 KB	664ms 374ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032305152039000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 213b087a5427c3b7e3a7d3acb2e179c6d43503c3f148e69edb8babb71dee622b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 16 May 2023 23:09:04 GMT age 370136 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28959 x-xss-protection 0 server sffe etag "e8b37e49415a2d9f" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 15 May 2024 23:09:04 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/032305152039000/v0/ Frame E183	5 KB 2 KB	679ms 389ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032305152039000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash c6ba320adc868a92d71a8d20e0354206b22dafff65a7d4550f3bc6a08e9fd952 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 16 May 2023 23:09:04 GMT age 370136 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1899 x-xss-protection 0 server sffe etag "de1853be803cb92a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 15 May 2024 23:09:04 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/032305152039000/v0/ Frame E183	40 KB 13 KB	671ms 382ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032305152039000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 45aa8d5ea20712aff96d0f962875a64a3798e9d409b8a962ac6462357779f0e9 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 16 May 2023 23:09:04 GMT age 370136 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12945 x-xss-protection 0 server sffe etag "6b8dcbc7470d864f" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 15 May 2024 23:09:04 GMT
GET H2	200	css fonts.googleapis.com/ Frame E183	9 KB 1 KB	144ms 143ms	Stylesheet text/css	142.250.186.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.74 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f10.1e100.net Software ESF / Resource Hash b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 21 May 2023 05:58:00 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 21 May 2023 05:27:06 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 21 May 2023 05:58:00 GMT
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/032305152039000/ Frame DAEC	222 KB 60 KB	574ms 299ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032305152039000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash a9a66c854c00cb265360ee44f9eb04d14c90f8180192e321c4a97dc5b8a71015 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 16 May 2023 23:09:04 GMT age 370136 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61811 x-xss-protection 0 server sffe etag "b82c868af9b81c48" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 15 May 2024 23:09:04 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/032305152039000/v0/ Frame DAEC	15 KB 5 KB	388ms 387ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032305152039000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash cede5e6b2d0201be197cfb96a9aeb4c5c95bd5749785a3e5473610e267f5de4f Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 16 May 2023 23:09:04 GMT age 370136 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5257 x-xss-protection 0 server sffe etag "6147d0c60b11b4b1" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 15 May 2024 23:09:04 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/032305152039000/v0/ Frame DAEC	94 KB 28 KB	389ms 388ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032305152039000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 213b087a5427c3b7e3a7d3acb2e179c6d43503c3f148e69edb8babb71dee622b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 16 May 2023 23:09:04 GMT age 370136 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28959 x-xss-protection 0 server sffe etag "e8b37e49415a2d9f" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 15 May 2024 23:09:04 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/032305152039000/v0/ Frame DAEC	5 KB 2 KB	397ms 396ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032305152039000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash c6ba320adc868a92d71a8d20e0354206b22dafff65a7d4550f3bc6a08e9fd952 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 16 May 2023 23:09:04 GMT age 370136 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1899 x-xss-protection 0 server sffe etag "de1853be803cb92a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 15 May 2024 23:09:04 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/032305152039000/v0/ Frame DAEC	40 KB 13 KB	398ms 397ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032305152039000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 45aa8d5ea20712aff96d0f962875a64a3798e9d409b8a962ac6462357779f0e9 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 16 May 2023 23:09:04 GMT age 370136 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12945 x-xss-protection 0 server sffe etag "6b8dcbc7470d864f" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 15 May 2024 23:09:04 GMT
GET DATA	200 OK	truncated / Frame DAEC	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 99a405f23ed45932d42b64c424cf892d145f823abae53e0a626ada7359585032 Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/032305152039000/ Frame B2CF	222 KB 60 KB	529ms 265ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032305152039000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash a9a66c854c00cb265360ee44f9eb04d14c90f8180192e321c4a97dc5b8a71015 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 16 May 2023 23:09:04 GMT age 370136 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61811 x-xss-protection 0 server sffe etag "b82c868af9b81c48" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 15 May 2024 23:09:04 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/032305152039000/v0/ Frame B2CF	15 KB 5 KB	416ms 415ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032305152039000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash cede5e6b2d0201be197cfb96a9aeb4c5c95bd5749785a3e5473610e267f5de4f Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 16 May 2023 23:09:04 GMT age 370136 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5257 x-xss-protection 0 server sffe etag "6147d0c60b11b4b1" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 15 May 2024 23:09:04 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/032305152039000/v0/ Frame B2CF	94 KB 28 KB	417ms 416ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032305152039000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 213b087a5427c3b7e3a7d3acb2e179c6d43503c3f148e69edb8babb71dee622b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 16 May 2023 23:09:04 GMT age 370136 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28959 x-xss-protection 0 server sffe etag "e8b37e49415a2d9f" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 15 May 2024 23:09:04 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/032305152039000/v0/ Frame B2CF	5 KB 2 KB	424ms 423ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032305152039000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash c6ba320adc868a92d71a8d20e0354206b22dafff65a7d4550f3bc6a08e9fd952 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 16 May 2023 23:09:04 GMT age 370136 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1899 x-xss-protection 0 server sffe etag "de1853be803cb92a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 15 May 2024 23:09:04 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/032305152039000/v0/ Frame B2CF	40 KB 13 KB	425ms 424ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/032305152039000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074710 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 45aa8d5ea20712aff96d0f962875a64a3798e9d409b8a962ac6462357779f0e9 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 16 May 2023 23:09:04 GMT age 370136 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12945 x-xss-protection 0 server sffe etag "6b8dcbc7470d864f" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 15 May 2024 23:09:04 GMT
GET DATA	200 OK	truncated / Frame B2CF	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 95249d37e216440c70e4d677db385c43387a9717f8440dd037a84375f13e6fd9 Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/abg/ Frame E183	3 KB 3 KB	330ms 209ms	Image image/png	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/en.png Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software cafe / Resource Hash 85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 20 May 2023 12:05:18 GMT x-content-type-options nosniff server cafe age 64362 etag 15880770647744369592 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2982 x-xss-protection 0 expires Sun, 21 May 2023 12:05:18 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/abg/ Frame E183	344 B 449 B	262ms 141ms	Image image/png	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/icon.png Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software cafe / Resource Hash 53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 20 May 2023 13:35:10 GMT x-content-type-options nosniff server cafe age 58970 etag 6766994032117382215 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 344 x-xss-protection 0 expires Sun, 21 May 2023 13:35:10 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame E183	0 0	175ms 173ms	Image text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CqjnT57JpZPDDK8zwgQe3zoWABfC6i9JwyoKPo9cR34b0_QgQASCGm6SQAWCNAqAB54DYyynIAQbgAgCoAwGqBIgCT9DcBC5fxbxKkYlWfIf-RXMFXPJl2m-jCapxNx3jyxNMTILUIeygihfZ_Ug1dEznYSbVSah8L2l3n6Ah6RWKMqFY8Ww5vGxg8iYBI3RSPkU778O2dvO1UqFxtmga1rPnLG1DCE_8pcInwD7f4eA_i4I3NdHV5e_T3zoZTT3oe7Zi_JSId-isNNz3vRTx6Ha1pUnJQMXOoIMP6gigNvaqSHNomdRUnemoprTlmcXc2YtU4ZR8C18VLkqK6RGRLX9lfL4jEXOFHBikMrGgXpky2J7XJZ4H8d909MU0n3e91efYmraHUVs9gPhMhOfbJqnbjrPZdLi1G5hWSVAV0dAYVY_tjKruquHxwASWvuiUrwTgBAGAB-e4qKsEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQtK8S0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwHYEwPQFQGAFwGyFx4KHAgAEhRwdWItMTc1MDg1NjIzOTIwNDQxNBj63nw&sigh=axWyaoBlFvw&uach_m=[UACH]&cid=CAQSTABygQiDa_0fpwee_uwAvmdjmVC7c7si_T9K17yReCw2LCcDEkgu8VX6sUe7mlNqiFQCmTwOhztOniglvaCaZ1SiTx_mDGWqVbDiWRcYAQ&template_id=492 Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	18166168916142762544 tpc.googlesyndication.com/simgad/ Frame DAEC	9 KB 9 KB	459ms 338ms	Image image/png	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/18166168916142762544?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qk094yJPRx-lyuBR1YxcL6VAH36Lw Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software sffe / Resource Hash 3c063a59e85b51d92734bf3b151b955507ff976ba5c62767c872c8b38808df5c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 18 May 2023 07:54:07 GMT x-content-type-options nosniff age 252233 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8946 x-xss-protection 0 last-modified Wed, 16 Nov 2022 13:25:54 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 17 May 2024 07:54:07 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/abg/ Frame DAEC	3 KB 3 KB	263ms 143ms	Image image/png	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/en.png Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software cafe / Resource Hash 85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 20 May 2023 12:05:18 GMT x-content-type-options nosniff server cafe age 64362 etag 15880770647744369592 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2982 x-xss-protection 0 expires Sun, 21 May 2023 12:05:18 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/abg/ Frame DAEC	344 B 402 B	262ms 142ms	Image image/png	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/icon.png Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software cafe / Resource Hash 53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 20 May 2023 13:35:10 GMT x-content-type-options nosniff server cafe age 58970 etag 6766994032117382215 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 344 x-xss-protection 0 expires Sun, 21 May 2023 13:35:10 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame DAEC	0 0	175ms 174ms	Image text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CbS3E57JpZPHDK8zwgQe3zoWABeDCpbNw5ZzH8IcR0Yy4pAQQASCGm6SQAWCNAqABod-1hSnIAQLgAgCoAwHIAwiqBPsBT9AEbac7pRpStVLo4CFND4NhhnT9AwcdbsPehHRzpXGmnkTGmjZzWPSLpe4qWXo7nhONTmSFH5aYemHU2To2qJ11b2Z65KLAh4jD5nbxXFTkG62zvoZxoc0uIFc556JXP5ePGYBbZu3qp_7l6lfVnFKJasKMf1TM7KgW1m-cwtsKqtYKo8IQRu6nvcJQSb2ttrMelK3LeLBu0UB25fi_fNDJth3uaRE2nkvThl3lMNCaOy07qAj00wFtJQjZHnoJtytIFOk28i94UztZ0Co_H13-i_Le0I3mNHmNPB7UNcSpDV0kGIWZQlWIaAAm4kV0rI21sMnJA4BZknDABN2ul6OQBOAEAaAGAoAHoZeG5QOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBComRbSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi0xNzUwODU2MjM5MjA0NDE0GPrefA&sigh=4eZmGKToPDU&uach_m=[UACH]&cid=CAQSTABygQiDa_0fpwee_uwAvmdjmVC7c7si_T9K17yReCw2LCcDEkgu8VX6sUe7mlNqiFQCmTwOhztOniglvaCaZ1SiTx_mDGWqVbDiWRcYAQ Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	8653581628685840030 tpc.googlesyndication.com/daca_images/simgad/ Frame B2CF	81 KB 82 KB	317ms 210ms	Image image/png	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/daca_images/simgad/8653581628685840030 Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software sffe / Resource Hash 682521b678e20f7248d6f87a7517448bb270671cd30b32c76fcb009d8c7ba7ed Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 20 May 2023 06:24:01 GMT x-content-type-options nosniff age 84839 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 83097 x-xss-protection 0 last-modified Wed, 18 May 2022 21:06:42 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 19 May 2024 06:24:01 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/abg/ Frame B2CF	3 KB 3 KB	248ms 141ms	Image image/png	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/en.png Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software cafe / Resource Hash 85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 20 May 2023 12:05:18 GMT x-content-type-options nosniff server cafe age 64362 etag 15880770647744369592 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2982 x-xss-protection 0 expires Sun, 21 May 2023 12:05:18 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/abg/ Frame B2CF	344 B 402 B	315ms 208ms	Image image/png	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/icon.png Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software cafe / Resource Hash 53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 20 May 2023 13:35:10 GMT x-content-type-options nosniff server cafe age 58970 etag 6766994032117382215 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 344 x-xss-protection 0 expires Sun, 21 May 2023 13:35:10 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame B2CF	0 0	176ms 175ms	Image text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CpD_r57JpZPLDK8zwgQe3zoWABbexkqhwiZ3V5rsR2tkeEAEghpukkAFgjQKgAeL0ksUDyAEC4AIAqAMByAMIqgT5AU_Q6of_dR1YlZAwfYeF-GWpUJdStmp8deHJsL-TvkHbTX2j7pswsKg3MaRl0edXr6Hk1LpxGpjI2aXcEaSQoHNsSBWOXSol88PJvi2UaXbPVNVLB3kmTrAeveg9LPI-CtyUeQbD1ZvFbOlSNYkf1lrx02XBajg3d5KTiCMsN0bADNuf_wP_ZpuF7sPlQIGJ7FqQTPLK7bhCX7AxZ6xJuSZn838dJu_yycCOmoSq9o3wyqujS-N9FG3lEbnprefC0axeHHgeaz7LFdjAAVh4g1SDdo2sxIUDBzS3b_ElblWcPGjoSHWKZWwEFRJMEbtS502yEo_o_BORccAE0urNqacE4AQBkgUECAQYAZIFBAgFGASgBgKAB4aL7TqoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD4yQPSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi0xNzUwODU2MjM5MjA0NDE0GPrefA&sigh=O0vhYRZ01zU&uach_m=[UACH]&cid=CAQSTABygQiDa_0fpwee_uwAvmdjmVC7c7si_T9K17yReCw2LCcDEkgu8VX6sUe7mlNqiFQCmTwOhztOniglvaCaZ1SiTx_mDGWqVbDiWRcYAQ Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET DATA	200 OK	truncated / Frame E183	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4e8b93b05d33432b96863bd301eb8900d919115bda3674f6ea82b5eba8604035 Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	publishertag.prebid.135.js Show response static.criteo.net/js/ld/	89 KB 29 KB	495ms 216ms	Script text/javascript	178.250.1.3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.135.js Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:58:00 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Fri, 24 Feb 2023 07:57:32 GMT server nginx etag W/"63f86dec-16386" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Mon, 22 May 2023 05:58:00 GMT
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v46/ Frame E183	29 KB 29 KB	137ms 135ms	Font font/woff2	142.250.184.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f3.1e100.net Software sffe / Resource Hash 45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pastelink.net accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 20 May 2023 22:26:30 GMT x-content-type-options nosniff age 27090 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29728 x-xss-protection 0 last-modified Mon, 03 Apr 2023 16:59:50 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 19 May 2024 22:26:30 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 87F1	13 KB 5 KB	142ms 141ms	Document text/html	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pastelink.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes age 23204 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 20 May 2023 23:31:16 GMT expires Sun, 19 May 2024 23:31:16 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame CCE9	783 B 918 B	150ms 149ms	Document text/html	142.250.74.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.196 Staten Island, United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f4.1e100.net Software GSE / Resource Hash 3e928c905827847d3538835e4dfcdcef7d6b70557f140bb6e861f392ceddf271 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-rl-adVBHVkMYqz8qDtD_CA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://pastelink.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 513 content-security-policy script-src 'report-sample' 'nonce-rl-adVBHVkMYqz8qDtD_CA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 21 May 2023 05:58:00 GMT expires Sun, 21 May 2023 05:58:00 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	si googleads.g.doubleclick.net/pagead/drt/ Frame E183 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	446ms 165ms	Image text/html	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Redirect headers date Sun, 21 May 2023 05:58:00 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	syncframe Show response gum.criteo.com/ Frame 9ED9	15 KB 6 KB	1711ms 146ms	Document text/html	178.250.7.13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://pastelink.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 21 May 2023 05:58:02 GMT server Kestrel server-processing-duration-in-ticks 397483 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/	89 KB 29 KB	778ms 227ms	XHR text/javascript	178.250.1.3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:58:01 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Fri, 24 Feb 2023 07:57:32 GMT server nginx etag W/"63f86dec-16386" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Mon, 22 May 2023 05:58:01 GMT
GET H2	200	si googleads.g.doubleclick.net/pagead/drt/ Frame B2CF Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	390ms 183ms	Image text/html	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Redirect headers date Sun, 21 May 2023 05:58:01 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	si googleads.g.doubleclick.net/pagead/drt/ Frame DAEC Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	291ms 182ms	Image text/html	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: pastelink.net URL: https://pastelink.net/13xaxvag Protocol H2 Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Redirect headers date Sun, 21 May 2023 05:58:01 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame CCE9	0 0	472ms 208ms	Image text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305160101&jk=2612139203466638&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3	200	gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js Show response pagead2.googlesyndication.com/bg/ Frame 87F1	37 KB 14 KB	362ms 144ms	Script text/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/gGcE_Je6QN6wd7zdqPO8VfplLXk3j_ez8wfuudjmOnY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software sffe / Resource Hash 806704fc97ba40deb077bcdda8f3bc55fa652d79378ff7b3f307eeb9d8e63a76 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 May 2023 16:56:00 GMT content-encoding br x-content-type-options nosniff age 392521 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14692 x-xss-protection 0 last-modified Mon, 15 May 2023 09:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 15 May 2024 16:56:00 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 87F1	0 10 B	135ms 134ms	Image text/plain	172.217.18.97 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?v7ogIQ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f1.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:58:01 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame E183	42 B 64 B	169ms 168ms	Image image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuN0sD_2BrLEnbgSHRnyOgmuYki3Fh4tRMi041ts6WlS88xhiKKC4gDMh5Ay3ReneRd9IXMKLp-A36KHAzsUCSIz9tSFm3GBrkVcCCIe_h04JdignTH2PaHfb7xKuZdJPuPQm_A2BjXKhnwzLOC2Qopk_ZMKVu8UoaIiTGpTIi95GmMXTchdlI5BklFKvyFzU6kmsGcHPaQP59GGWP32E-_D0-SGDsfPFZAvHgTj9sadZtmzGobalyzbDd3ggfh24yn3atSo7PoihXKpp0gU_t8r4-K-AoX1WlDGSgjgZqxCTcZzTsTeVp9y0cTQa4xyAz1G1IHtnA4vCJjvm7mFtEAVTLiM7DTFkgA85ETvnHR_KJAIIUaQ4YPFsWECgAFB06Yb6a8DKVze6RSHcG8HHfx8V51GdkRz390LgeIUT9TJ7UD70_xdcvcgCmOx2PeiqTpjI5JFFFRw_6ogYTpNpDLUfnzfCvZocKIrS0Qv0x4TLdW66X_cTKryu4n2Ct8vtxLYDZrOnsqtZfViLGcpf0MwiuKbzpdtls7rMGD1xvoz_KcsaE4eK3YqBPwVvGj9xKG49poMlbqGr0hkXS78eDWzAcsv09E-KSzHoMR6_Dg7B5KZejyKX_l7JfKpd1GyBieuSXM9EK2akvRjuJ-O0FpCFdD4ZixrVmrWtPCtjJUPp0uyDutiNTHBRbHoMofguQxw4rdG4QuL0vS-UvmQ3SVYPoYLjD0Qj2Ogy6rPKqLtVOSjnG5DABxTem8qBAvN0RB8i05IvFuWWLEdG0no-xz9Sy9ImiZlmT8Fs4XVGIp6qWadE0wtU-xfyXfUsbj-awWv4ZBJB4zk6dj3wKXhab5ZURf7UUrpvU3VRZr_ImgsZxoCPwmd1Tec58bsxQCJBRZDh3jlMv_goNid_1APaaksAu5m0YncnwQj0Zk9RwkEclaD_nwhsVc8mlc_55Q_2kN5bHaINr2soiMlrj_o796Y-sojmoWc8OrPYLj_b_YLAU8GD86As5RJU0itsQZSh3r2OXjrpwoOESwR_d-&sai=AMfl-YQ4mgMFK0LC1KpwL2BuUzZzi-noCUVL6u_aGFclHnxvYZGguZ7lAMfWsVGXVVL2k-DzNFmIEa-KBr2oPqF9pdn_DTzDQhoq2gDUGMz3RpzUKresERzC2GAa0KeLRMDQXZK_CvRJhlXojQpq46j4y3KRdZ1sfeuD8W4&sig=Cg0ArKJSzM1a41xx0C-tEAE&cid=CAQSTABygQiDa_0fpwee_uwAvmdjmVC7c7si_T9K17yReCw2LCcDEkgu8VX6sUe7mlNqiFQCmTwOhztOniglvaCaZ1SiTx_mDGWqVbDiWRcYAQ&id=ampim&o=305,1105&d=990,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=936&tls=1936&g=100&h=100&tt=1936&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 21 May 2023 05:58:02 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame DAEC	42 B 64 B	178ms 175ms	Image image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutoMh_QpKGWPV4VL_7vH7-JkSsGfjn8SBrEVwbFVmoqMmsLisnz8ENiXxeVCzlf9DKNV9tEa66PEMxMRjU8aHrUvoYXa5z-tqtV-mZq1bM5EipBWhrAJxJaa_vjbIQUC9jjRsJU1XMVYUiKLT3rslv-XHRbjQpsX2YuIjJFYQJihjJDSCLOOJzbVj4Ce2l3NMhXVkW2VzMsFsvRBEC_tyu0iGEZUgEcuCLomuYAMtA3eV5q5_ctFgATxLLIh4NTyVefEV_sA4J5OAgUxRZvTumLmVoDB1VorngciU0FbdwO4N-fxw6KmVxgg3XYw2arC9UZnXlPAgFhrGZcPSzdr8xeqkOKudQcgZdJ5ak8ve6x8E_sM-VdvQ_JJgZ4h39USM7kuC_ZVyTp8VH_yovCYbNSFub5qJKaeRjf_2Kf8w5E2UoS7lJEwEjbEUj0iyAE0pgiAUf4T0mts20lYr-iOjeOjuUuKSsEqzUKkpJzqAd2rTumtZyMpMW0ID-wsrbJnPq49zQzWeDE6LVnJA7xfC_YuvwOjUxOl0ZUpgLnqP7IxJrutxwu39NHH8BRu5qWQDhPT3lwS0BT-WMw8UBOShBd1qKKOivOPKPqD96B3-OH_akMCuN1sz_QS8uDX6DREipVNa6JRi0Zh5L6hb4XsBf13nHP25tmxofKenxkJ3eVfpW7xdmzyV5N2x9jgUJ4oRaZvQs6JoTYYUj-YVTSUrOp5mgn3WUf_7ZVG_K0UlgyFyX8PGIcYuMUuYR0LKm1gbYgKWslmqsAPHQK0N-3yuaJHMGtOnqy9HavbBgp4e5UxwomuH0LULsCIgh_obuBeYsd2Go0tSpTgD8UWF6V_w3l4Ai2iQ-3B732GlWBjEqtUBXca2u7Mp-vtxxih9ShIUbQgJ4FkEhKjlpkCqQdjFS0EarR3wLVNiAMZ4c6ulXR4AowG0narwGm4jdWFqOQ51N0VXSYCeWTAQJydRJnm6HgxDmHlwf2ko5VQtzRxqUNGYrb63bZeIqbU4aML3R927uJz0W&sai=AMfl-YTzgg_hfu2PPr5jThp7uHzWCFi3K4dgY0gBnZWvEsxYYiDdXgL3ksfz_aTh7kALXSKviurws0lBSxtP2ckG-v_aMQj8J2DZdZqXANCIsnEnBVCMLRrmroPQEVLT6nCqdDt2En9PyiAi0skd2-5inKRDhA6fyE9EbmU&sig=Cg0ArKJSzKXIRflBo-eBEAE&cid=CAQSTABygQiDa_0fpwee_uwAvmdjmVC7c7si_T9K17yReCw2LCcDEkgu8VX6sUe7mlNqiFQCmTwOhztOniglvaCaZ1SiTx_mDGWqVbDiWRcYAQ&id=ampim&o=431,345&d=464,386&ss=1600,1200&bs=1600,1200&mcvt=1011&mtos=0,0,1011,1011,1011&tos=0,0,1011,0,0&tfs=916&tls=1927&g=100&h=100&tt=1927&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 21 May 2023 05:58:02 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame B2CF	42 B 64 B	173ms 169ms	Image image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqFOoddFIKgQqmh1QVrtezINCmcBA1cP47CWUYoT2RLpmrcbwk6fsuXjeSgG6BFmKSRgJvG7-KKSmn2tDDSVGxkc9BHe2xRm4hViv0BtTgUUCsW1fS-dLDIRBAvTVlhLZHO08&sai=AMfl-YSmgum-XlpgZ75V-SNRu-qVlzt2Mqbi46FnRPNvkYSCpbNxyN6D-S8YGIFbbtPmN09_pgCFEigWuh8IPGHyFRv8DYYyUfqFuqfdlV6f-CAkqvt7jcgc80NjUCnKTsqAaTLPCb36hHLp6E28YA&sig=Cg0ArKJSzOs18EeHwCsZEAE&cid=CAQSTABygQiDa_0fpwee_uwAvmdjmVC7c7si_T9K17yReCw2LCcDEkgu8VX6sUe7mlNqiFQCmTwOhztOniglvaCaZ1SiTx_mDGWqVbDiWRcYAQ&id=ampim&o=1078,473&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1009&mtos=0,0,1009,1009,1009&tos=0,0,1009,0,0&tfs=905&tls=1914&g=100&h=100&tt=1915&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 21 May 2023 05:58:02 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	171ms 170ms	Image text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305160101&jk=2612139203466638&bg=!goGlgdXNAAZ8_aWmXP07ADkAdvg8WjSofe4KvjLjYjHNF0leooL3ccHv1u_nx2zajybPATVPNmlhgjFdQCBPRIhEQou9U4JYEVUCAAAAX1IAAAADaAEHCgBW1ifVlnptBU8d6orZn78lHiIU7tKC3YYYllma0NlQklJ3UGhcDUTYsdORZXb-7ZyTllM_HEfOAgcb1SDwqtHuT2L5LithChbq9oVuLD2n-k6MXWUgf0SZAqMsAZoWQ-WjBTqDtzGCUG--Snxv_aPwCEdP4uf14cJx7P8qW8ihAlkp9wZc98NCZ2leHX9te5LSWQ_WrB8XRqz8AZlGkatpqM5Rx01-LO7j4wwKAK6PEpDN_hsmS0yAVZFrWiYfer4etG3je7FP2L2ym9MmJ5IWqHps0AUYhj7DVAo-twuHWC7IRFZ4xUWQ5uGsx7iytzQiyT2wH78LTvPU_PjPbevKcmJUGxvs88xyWHXVy7pHrian6Z8UUoW_mgn8MPhGMSIS5_QRHxWJe3wAvF97gsZ9O3x6p2nHvq24QTj4IVsxBBLmO1ZFnxxau2--3tj8QZ1h9deSqJ3UVA1BBMXRoSbTU20bcQJORqQRvjg1W6v8pL-1MylmU2Y6nTMWLMLFW8qtn0ceOhtvdKXsYKHXMdXXjzGZ5MRI3uxNRlrrgWY6lm1gmUEp329A4RVNMNYRrwXEw4IouRBVIVImLX7EdXwf8Qj7vuR3stDFT5ylMEpoWkZ1iMGnW961-08Z-6Ho97O05RsptARozyjNUYspsEX10q0PDujjltZ8AXrMIN8nutj6WKx4N53lqKAhiG_lRodAkWz4mfB8ICAH9Oh5He-AQRwfZAK4J1YYyC6DZM3srsL7ubwJyiuHOZG4l8ElnQq5JGGxeQsF5sGMHMfnFIM10MTlJFBUmqLb4XBcu0fEOHLE210t80NSHOSVwOVu0bAM4vAOgGxDVM8GooO-7a0uH_KJOD5-0x03hBHHTQEkRieffLp2CMV_hD3-5CFhji2F8OBbdnuqH_SRDz5hd0l6v2X2V3h1y8mZ5K_woe94W10g2GakcGDhdKGjvTPv8BysysipwjBCUbdH4YgqL1_oQ6dPlHSeypfKRpF3k9DmIu-7AduC8lNvTMS5JdI Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	json Show response gum.criteo.com/sid/ Frame 9ED9	435 B 556 B	147ms 146ms	Fetch application/json	178.250.7.13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=publishertag&domain=pastelink.net&sn=ChromeSyncframe&so=0&topUrl=pastelink.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 Requested by Host: gum.criteo.com URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 2f07c675fa6bbc63dfd1999060317be6067d1798d1f1444690573143a5519ffb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language ka-GE,ka;q=0.9 Referer https://gum.criteo.com/syncframe?origin=publishertag&topUrl=pastelink.net User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 21 May 2023 05:58:01 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding content-type application/json; charset=utf-8 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 1483303 expires 0
GET		checksync.php contextual.media.net/ Frame 7DAD	0 0
GET		async_usersync.html acdn.adnxs.com/dmp/ Frame A310	0 0
GET		usync.html u.4dex.io/ Frame E21C	0 0
GET		user_sync.html ads.pubmatic.com/AdServer/js/ Frame 52B8	0 0
GET		sync.html public.servenobid.com/ Frame 1CEA	0 0
GET		usync.html eus.rubiconproject.com/ Frame 98E7	0 0
GET H2	200	/ Show response onetag-sys.com/usync/ Frame CE90	4 KB 2 KB	137ms 137ms	Document text/html	51.38.120.206 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?cb=1684648678190 Requested by Host: cdn4.buysellads.net URL: https://cdn4.buysellads.net/pub/pastelink.js?1684648200000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR), Reverse DNS ip206.ip-51-38-120.eu Software / Resource Hash a178a6d6f013834c0e56c57f366ffd2e6b87e562258750bdce72e4a26f645e27 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://pastelink.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers cache-control no-transform, no-cache content-encoding gzip content-length 1374 content-type text/html p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' strict-transport-security max-age=15552000
GET H2	200	/ onetag-sys.com/match/ Frame CE90 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D https://onetag-sys.com/match/?int_id=1&uid=08c06469-b2ec-4900-b360-481a930f7170&gdpr=1&gdpr_consent=	0 291 B	135ms 135ms	Image text/plain	51.38.120.206 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/match/?int_id=1&uid=08c06469-b2ec-4900-b360-481a930f7170&gdpr=1&gdpr_consent= Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1684648678190 Protocol H2 Server 51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR), Reverse DNS ip206.ip-51-38-120.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language ka-GE,ka;q=0.9 Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-transform, no-cache content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers Date Sun, 21 May 2023 05:58:03 GMT Server MT3 851 9bd98ae master zrh-pixel-x5 config_version:"unknown" Content-Type image/gif Access-Control-Allow-Origin * location https://onetag-sys.com/match/?int_id=1&uid=08c06469-b2ec-4900-b360-481a930f7170&gdpr=1&gdpr_consent= P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Keep-Alive timeout=360 Content-Length 0 Expires Sun, 21 May 2023 05:58:02 GMT
GET		sync.php pixel-eu.rubiconproject.com/exchange/ Frame CE90	0 0
GET H2	200	/ onetag-sys.com/match/ Frame CE90 Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=3372698217415556595	0 291 B	135ms 135ms	Image text/plain	51.38.120.206 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=3372698217415556595 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1684648678190 Protocol H2 Server 51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR), Reverse DNS ip206.ip-51-38-120.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language ka-GE,ka;q=0.9 Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-transform, no-cache content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers Date Sun, 21 May 2023 05:58:02 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 91.239.206.150; 91.239.206.150; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid a42658d4-f768-4556-931d-3def569479a1 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=3372698217415556595 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET		tap.php pixel.rubiconproject.com/ Frame CE90	0 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame CE90 Redirect Chain https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiDzi5UimD64sWdmJryXD34eGODMuv4-PiQ	170 B 409 B	423ms 143ms	Image image/png	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiDzi5UimD64sWdmJryXD34eGODMuv4-PiQ Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1684648678190 Protocol H2 Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 21 May 2023 05:58:03 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiDzi5UimD64sWdmJryXD34eGODMuv4-PiQ strict-transport-security max-age=15552000 cache-control no-transform, no-cache content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
GET		sync ssbsync-global.smartadserver.com/api/ Frame CE90	0 0
GET		711916.gif id.rlcdn.com/ Frame CE90	0 0
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame CE90 Redirect Chain https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=0I5Txpbaar5ruekmq4dF6L_xNrBq0R6bpzn8SkM8Eeo	43 B 479 B	1146ms 224ms	Image image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=0I5Txpbaar5ruekmq4dF6L_xNrBq0R6bpzn8SkM8Eeo Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1684648678190 Protocol HTTP/1.1 Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language ka-GE,ka;q=0.9 Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sun, 21 May 2023 05:58:03 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid 72ZFD7WYMX9NN2W6HJ16 Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=0I5Txpbaar5ruekmq4dF6L_xNrBq0R6bpzn8SkM8Eeo strict-transport-security max-age=15552000 cache-control no-transform, no-cache content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
GET		ImgSync image8.pubmatic.com/AdServer/ Frame CE90	0 0
GET H2	200	/ onetag-sys.com/match/ Frame CE90 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOpaD3QQVhnBSfu5fL0XJDs&google_cver=1	0 291 B	141ms 140ms	Image text/plain	51.38.120.206 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOpaD3QQVhnBSfu5fL0XJDs&google_cver=1 Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1684648678190 Protocol H2 Server 51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR), Reverse DNS ip206.ip-51-38-120.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language ka-GE,ka;q=0.9 Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-transform, no-cache content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers pragma no-cache date Sun, 21 May 2023 05:58:03 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOpaD3QQVhnBSfu5fL0XJDs&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 298 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	occ ups.analytics.yahoo.com/ups/58488/ Frame CE90	0 125 B	1467ms 138ms	Image text/plain	3.75.62.37 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent= Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1684648678190 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-75-62-37.eu-central-1.compute.amazonaws.com Software ATS/9.1.10.57 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language ka-GE,ka;q=0.9 Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:58:04 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.57 age 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET		generic match.adsrvr.org/track/cmf/ Frame CE90	0 0
GET H2	200	sync x.bidswitch.net/ Frame CE90	43 B 146 B	1414ms 138ms	Image image/gif	3.66.125.92
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent= Requested by Host: onetag-sys.com URL: https://onetag-sys.com/usync/?cb=1684648678190 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.66.125.92 -, , ASN (), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language ka-GE,ka;q=0.9 Referer https://onetag-sys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 May 2023 05:58:04 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif
POST H3	204	collect www.google-analytics.com/g/	0 17 B	143ms 143ms	Ping text/plain	142.250.185.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je35h0&_p=1271770288&cid=1968445717.1684648677&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&ngs=1&sid=1684648676&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2F13xaxvag&dt=20%20Trailblazers%20Lead%20The%20Way%20In%20Used%20Folding%20Mobility%20Scooter%20For%20Sale%20On%20Ebay%20-%20Pastelink.net&_s=2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f14.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://pastelink.net/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sun, 21 May 2023 05:58:05 GMT server Golfe2 content-type text/plain access-control-allow-origin https://pastelink.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

contextual.media.net

URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1

Domain

acdn.adnxs.com

URL

https://acdn.adnxs.com/dmp/async_usersync.html

Domain

u.4dex.io

URL

https://u.4dex.io/usync.html

Domain

ads.pubmatic.com

URL

https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102

Domain

public.servenobid.com

URL

https://public.servenobid.com/sync.html

Domain

eus.rubiconproject.com

URL

https://eus.rubiconproject.com/usync.html

Domain

pixel-eu.rubiconproject.com

URL

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=

Domain

pixel.rubiconproject.com

URL

https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=QbHLDuJPAlUFSm6uXc1ilZouW5d4eEhEIKQpa-5fahM

Domain

ssbsync-global.smartadserver.com

URL

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]

Domain

id.rlcdn.com

URL

https://id.rlcdn.com/711916.gif?ct=4&cv=

Domain

image8.pubmatic.com

URL

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID

Domain

match.adsrvr.org

URL

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=