pastelink.net Open in urlscan Pro
178.79.155.87  Public Scan

16 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

• https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_n-Beeswax_smrt_cnv_n-Outbrain HTTP 302
• https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_n-Beeswax_smrt_cnv_n-Outbrain&dcc=t

Request Chain 54

• https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
• https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=4533c374

Request Chain 55

• https://x.bidswitch.net/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
• https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
• https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=83383cb4-28bb-465d-be54-ffb90436bc0d

Request Chain 56

• https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
• https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 HTTP 303
• https://s.amazon-adsystem.com/ecm3?id=AABJrE7E-OsAAEZpEOaw_A&ex=beeswax.com

Request Chain 57

• https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
• https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=

Request Chain 60

• https://ssbsync.smartadserver.com/api/sync?callerId=2 HTTP 302
• https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=2088253919002192383&gdpr=0&gdpr_consent=

Request Chain 72

• https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
• https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1

Request Chain 73

• https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
• https://u.openx.net/w/1.0/cm?gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2Stothm3wg5g6opTuaPadz9%26source_user_id%3D HTTP 302
• https://u.openx.net/w/1.0/cm?cc=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2Stothm3wg5g6opTuaPadz9%26source_user_id%3D HTTP 302
• https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=57e3c5fd-3060-0fe6-37c6-d21a9cb209a5&gdpr=0&gdpr_consent=%7BGDPR_CONSENT_80%7D

Request Chain 74

• https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}

Request Chain 75

• https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
• https://u.openx.net/w/1.0/cm?gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2Stothm3wg5g6opTuaPadz9%26source_user_id%3D HTTP 302
• https://u.openx.net/w/1.0/cm?cc=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2Stothm3wg5g6opTuaPadz9%26source_user_id%3D HTTP 302
• https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=57e3c5fd-3060-0fe6-37c6-d21a9cb209a5&gdpr=0&gdpr_consent=%7BGDPR_CONSENT_80%7D

Request Chain 80

• https://ad5.ad-srv.net/request.php?zone=qhox7ipf78wv&nw=14&renderingType=javascript&namespace=a8a6ede3d2&subid=&uid=3c32f42dd2025c2a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCm922pnV8Yu-xFsrw-gb_uKKoCub-o_dc7ousiF_AjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCNSNge7ClsT7gAgCoAwGqBPYBT9Ax2gKp8RqZJ2PlYPHW2ZPpyeDFvJExhRpN47qWp35nxzL8iqyas9FDviuCFgtIO-Gzpk5pDOpkIzIJCl4qO6TFkmYxR-4Vz4wTYPjsPWpHWNvmSGjhhHji6BgOoruJUK1mvLPIxu2ZPwTjTOVG03XseToI9vqcVRtXwqG4UDRXx9YcdiZQrCYZtOC4H5krxMczhyH_kgeHM0XcKxDvykEGVWxRuG4APqolLK_Kl6hpXGenhwvgVCBZ7aquqtObf20oJN1x5bes2_tD7lJS0N-7nG38j9heYA4TNkRopObRBWfSOIz2ddtJlCNrO6MjnX-CIZgY4AQBgAaqtsL71v-e3YIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tDCoJ_tOLXxeueme2l1TLHSwqdw%26client%3Dca-pub-9602519502618262%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D97944753%2526a%253D146064%2526t%253D1652323752140%2526l%253D20638%2526p%253D3%2526appid%253D%2526aa%253D627c75a6-0007-7f26-0ae0-1b15e50748c6%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fpastelink.net&random=7531736240562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
• https://ad5.ad-srv.net/request.php?zone=qhox7ipf78wv&nw=14&renderingType=javascript&namespace=a8a6ede3d2&subid=&uid=3c32f42dd2025c2a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCm922pnV8Yu-xFsrw-gb_uKKoCub-o_dc7ousiF_AjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCNSNge7ClsT7gAgCoAwGqBPYBT9Ax2gKp8RqZJ2PlYPHW2ZPpyeDFvJExhRpN47qWp35nxzL8iqyas9FDviuCFgtIO-Gzpk5pDOpkIzIJCl4qO6TFkmYxR-4Vz4wTYPjsPWpHWNvmSGjhhHji6BgOoruJUK1mvLPIxu2ZPwTjTOVG03XseToI9vqcVRtXwqG4UDRXx9YcdiZQrCYZtOC4H5krxMczhyH_kgeHM0XcKxDvykEGVWxRuG4APqolLK_Kl6hpXGenhwvgVCBZ7aquqtObf20oJN1x5bes2_tD7lJS0N-7nG38j9heYA4TNkRopObRBWfSOIz2ddtJlCNrO6MjnX-CIZgY4AQBgAaqtsL71v-e3YIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tDCoJ_tOLXxeueme2l1TLHSwqdw%26client%3Dca-pub-9602519502618262%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D97944753%2526a%253D146064%2526t%253D1652323752140%2526l%253D20638%2526p%253D3%2526appid%253D%2526aa%253D627c75a6-0007-7f26-0ae0-1b15e50748c6%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fpastelink.net&random=7531736240562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 81

• https://www.awin1.com/cshow.php?s=2470203&v=11354&q=371933&r=278235&pv=1&pref1=64341800013892101324217011957005&gdpr=&gdpr_consent= HTTP 302
• https://www.zenaps.com/cshow.php?pvr=1b9cedb0-d19e-11ec-9e81-226513a850bf&v=11354&r=278235&q=371933&s=2470203&viewref=64341800013892101324217011957005&pv=1&gdpr=&gdpr_consent= HTTP 302
• https://www.conrad.de/ztpv.php?awc=11354_278235_1652323753_1b9cedb0-d19e-11ec-9e81-226513a850bf&insert=AW

Request Chain 85

• https://www.awin1.com/cshow.php?s=2470203&v=11354&q=371933&r=278235&pv=0&pref1=64341800013892101324217011957005&gdpr=&gdpr_consent= HTTP 302
• https://asset.conrad.com/media10/isa/160267/c1/-/de/vorteilsangebote_300x250?format=gif

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request u9euo964 Show response pastelink.net/	28 KB 8 KB	401ms 144ms	Document text/html	178.79.155.87 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://pastelink.net/u9euo964 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.79.155.87 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li274-87.members.linode.com Software nginx / Resource Hash dd797436457bef1071aec895996e27862f8a05845b068f1291880b36a6b1aaa8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language is-IS,is;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 12 May 2022 02:49:08 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx strict-transport-security max-age=31536000; includeSubDomains x-frame-options SAMEORIGIN
GET H2	200	css2 fonts.googleapis.com/	5 KB 1 KB	646ms 111ms	Stylesheet text/css	142.250.184.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap Requested by Host: pastelink.net URL: https://pastelink.net/u9euo964 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f10.1e100.net Software ESF / Resource Hash 540e025bc67c7dc931b77749d79cb8597aa65a637df38f4c850f8b5b13440b65 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 12 May 2022 02:30:00 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 12 May 2022 02:49:09 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 12 May 2022 02:49:09 GMT
GET H2	200	styles.css pastelink.net/assets/css/	109 KB 109 KB	99ms 98ms	Stylesheet text/css	178.79.155.87 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://pastelink.net/assets/css/styles.css?q=19 Requested by Host: pastelink.net URL: https://pastelink.net/u9euo964 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.79.155.87 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li274-87.members.linode.com Software nginx / Resource Hash f15a4eb1877a68da4221634e6f627567545c439a9f37aafc172a67105fa58455 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/u9euo964 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:49:08 GMT last-modified Thu, 21 Apr 2022 12:30:52 GMT server nginx etag "62614e7c-1b263" strict-transport-security max-age=31536000; includeSubDomains content-type text/css accept-ranges bytes content-length 111203
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 30 KB	604ms 100ms	Script application/javascript	69.16.175.42 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: pastelink.net URL: https://pastelink.net/u9euo964 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS hwcdn.net Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers Referer https://pastelink.net/ Origin https://pastelink.net accept-language is-IS,is;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:49:08 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-15d9d" vary Accept-Encoding x-hw 1652323748.dop254.am5.t,1652323748.cds223.am5.hn,1652323748.cds007.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30875
GET H2	200	script.min.js Show response pastelink.net/assets/js/	58 KB 59 KB	98ms 98ms	Script application/javascript	178.79.155.87 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://pastelink.net/assets/js/script.min.js?q=19 Requested by Host: pastelink.net URL: https://pastelink.net/u9euo964 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.79.155.87 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li274-87.members.linode.com Software nginx / Resource Hash a5606d6a89fe1a7c8d828f36185d65411cb417cdb81db734a4ed79eaf9c7c1ce Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/u9euo964 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:49:09 GMT last-modified Mon, 18 Apr 2022 15:53:05 GMT server nginx etag "625d8961-e91d" strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript accept-ranges bytes content-length 59677
GET H2	200	js.cookie.min.js Show response cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/	2 KB 1 KB	488ms 65ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/js.cookie.min.js Requested by Host: pastelink.net URL: https://pastelink.net/u9euo964 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:49:08 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 22399889 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 772 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:49 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec5-6d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VmvZRFO%2FyDTvP7ztyQwrZtXm5yzLScwhRNJfCt8%2Fzy7g%2Fmfxn0lwyF1mwcjVVHDkv7fD04SmZPKkbirM0Z0wRP5%2FTuIDGQ%2FkdZVUHvIIkWxcdFAXIgCZYm5%2FVSRE5SGpQuD9hole"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 709fd6e67873af57-KEF expires Tue, 02 May 2023 02:49:08 GMT
GET H2	200	rules.js Show response cdn.adligature.com/pl/prod/	15 KB 4 KB	500ms 67ms	Script application/javascript	188.114.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adligature.com/pl/prod/rules.js Requested by Host: pastelink.net URL: https://pastelink.net/u9euo964 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 58d72a5233ebfd1e743e22ed262d3789e16f016f480edde704eb1f025f96497d Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-goog-hash crc32c=Qeltzw==, md5=ylHl7uwQEuqLbTvwmsSzCg== date Thu, 12 May 2022 02:49:08 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 534 cf-polished origSize=24672 x-guploader-uploadid ADPycdsL0e1sevQCpE24piiY4kx9euKusVIkZ82muRxQXdl1q-smSMU6vDRwCCRnaTg5lBEzUDZWQv7j1ak-1-fA6Bu4-g x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 11 Mar 2022 15:31:09 GMT server cloudflare etag W/"ca51e5eeec1012ea8b6d3bf09ac4b30a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9zSo%2BtdQ5RC%2BXIw9X6vopBpyOp0sW%2FyiKsm%2BSLotY0rtwNV44Lu0OSK9fS10vl%2FtjtDOVgsGS6VCeq1IJZbOJbJVERqrQNEt4z6rqruUqKg5MyeWbO8SnO3CivxAttHOsiHSnM%3D"}],"group":"cf-nel","max_age":604800} x-goog-generation 1647012669667401 content-type application/javascript expires Thu, 12 May 2022 02:43:46 GMT cache-control public, max-age=1800, s-maxage=600, must-revalidate x-goog-stored-content-length 24672 cf-ray 709fd6e68b82af6f-KEF cf-bgj minify
GET H2	200	api.js Show response www.google.com/recaptcha/	906 B 986 B	691ms 159ms	Script text/javascript	216.58.212.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=captchaLoaded Requested by Host: pastelink.net URL: https://pastelink.net/u9euo964 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s46-in-f4.1e100.net Software GSE / Resource Hash 1722c10659390e4ce9290f0678da1abb9a65218cba98060d6aaaeda98acb1ace Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:49:09 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 573 x-xss-protection 1; mode=block expires Thu, 12 May 2022 02:49:09 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	201 KB 70 KB	400ms 111ms	Script application/javascript	142.250.186.40 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ Requested by Host: pastelink.net URL: https://pastelink.net/u9euo964 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f8.1e100.net Software Google Tag Manager / Resource Hash a8884361373544fffe986920dbb2b2779b809b6d41689a772a965b69bc6ec5ba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:49:09 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 71615 x-xss-protection 0 last-modified Thu, 12 May 2022 00:06:49 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 12 May 2022 02:49:09 GMT
GET H2	200	advally-4.22.0.js Show response cdn.adligature.com/rules.js/	109 KB 30 KB	228ms 227ms	Script application/javascript	188.114.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adligature.com/rules.js/advally-4.22.0.js Requested by Host: cdn.adligature.com URL: https://cdn.adligature.com/pl/prod/rules.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f78840b59909196afdbc49145c8ec799d83ce89490a38877339293aba1e5acf Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-goog-hash crc32c=XWgWyQ==, md5=OYwJy3Nnx1EyLAn9HSqdig== date Thu, 12 May 2022 02:49:09 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=178270 x-guploader-uploadid ADPycdvtVV4M_VSeBu4IgE7UbsoodCwkSW2sh_PwMnzKwj-5UazcZwXdf2dTNi_-FodhtA7VlR8firKh-eWBwTmxZYs x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity cf-bgj minify alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 07 Mar 2022 15:13:20 GMT server cloudflare etag W/"398c09cb7367c751322c09fd1d2a9d8a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPEBa%2FKLtWxfnzQAXr0TiF0rtOx9LxOL9gx81R6Fck388YpuzKBS%2FX4sz5W%2BsehU8r%2BQ3VNkbAsYX5SXLpJtzyuyBj8i68b03mRAxaq388IuV9jNApGP4xNfRjqiPtDpKvYAUY4%3D"}],"group":"cf-nel","max_age":604800} x-goog-generation 1646666000159412 content-type application/javascript cache-control public, max-age=7200, s-maxage=7200, must-revalidate x-goog-stored-content-length 178270 cf-ray 709fd6e85be8af6f-KEF expires Thu, 12 May 2022 04:49:09 GMT
GET H2	200	recaptcha__is.js Show response www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/	363 KB 144 KB	644ms 112ms	Script text/javascript	142.250.181.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__is.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=captchaLoaded Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f3.1e100.net Software sffe / Resource Hash 3d9c1c5c1d1ebfbde79af2d5357c306aa948ff6e2945c4d9f28a316d8efe7c5f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pastelink.net/ Origin https://pastelink.net accept-language is-IS,is;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 May 2022 01:12:34 GMT content-encoding gzip x-content-type-options nosniff age 178595 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 146694 x-xss-protection 0 last-modified Mon, 02 May 2022 04:03:50 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 10 May 2023 01:12:34 GMT
GET H2	200	debut_light.png pastelink.net/assets/images/	4 KB 4 KB	165ms 164ms	Image image/png	178.79.155.87 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/debut_light.png Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=19 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.79.155.87 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li274-87.members.linode.com Software nginx / Resource Hash c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=19 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:49:09 GMT last-modified Thu, 27 May 2021 10:51:09 GMT server nginx etag "60af799d-10c8" strict-transport-security max-age=31536000; includeSubDomains content-type image/png accept-ranges bytes content-length 4296
GET H2	200	pastelink-logo.svg pastelink.net/assets/images/logo/	3 KB 3 KB	165ms 165ms	Image image/svg+xml	178.79.155.87 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/logo/pastelink-logo.svg Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=19 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.79.155.87 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li274-87.members.linode.com Software nginx / Resource Hash 01408f8061623faa6d2c0f015cd23483c3aa363c095e152f613ed94c87a5803d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=19 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:49:09 GMT last-modified Wed, 06 Oct 2021 13:37:31 GMT server nginx etag "615da69b-d3d" strict-transport-security max-age=31536000; includeSubDomains content-type image/svg+xml accept-ranges bytes content-length 3389
GET DATA	200 OK	truncated /	14 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 38eb6211db019cf42da61a6685f75e4a35e380e117d3c6148d55cb08a474be49 Request headers accept-language is-IS,is;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	arrow-down-blue.svg pastelink.net/assets/images/	239 B 409 B	164ms 164ms	Image image/svg+xml	178.79.155.87 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/arrow-down-blue.svg Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=19 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.79.155.87 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li274-87.members.linode.com Software nginx / Resource Hash 50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=19 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:49:09 GMT last-modified Wed, 29 Sep 2021 15:26:32 GMT server nginx etag "615485a8-ef" strict-transport-security max-age=31536000; includeSubDomains content-type image/svg+xml accept-ranges bytes content-length 239
GET H2	200	moon.svg pastelink.net/assets/images/	2 KB 2 KB	164ms 164ms	Image image/svg+xml	178.79.155.87 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/moon.svg Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=19 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.79.155.87 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li274-87.members.linode.com Software nginx / Resource Hash ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=19 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:49:09 GMT last-modified Mon, 18 Apr 2022 15:53:05 GMT server nginx etag "625d8961-62e" strict-transport-security max-age=31536000; includeSubDomains content-type image/svg+xml accept-ranges bytes content-length 1582
GET H2	200	public-black.svg pastelink.net/assets/images/	578 B 748 B	164ms 164ms	Image image/svg+xml	178.79.155.87 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/public-black.svg Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=19 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.79.155.87 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li274-87.members.linode.com Software nginx / Resource Hash 57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=19 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:49:09 GMT last-modified Mon, 18 Apr 2022 15:53:05 GMT server nginx etag "625d8961-242" strict-transport-security max-age=31536000; includeSubDomains content-type image/svg+xml accept-ranges bytes content-length 578
GET H2	200	social-spritesheet.png pastelink.net/assets/images/	28 KB 28 KB	164ms 164ms	Image image/png	178.79.155.87 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/social-spritesheet.png Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=19 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.79.155.87 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li274-87.members.linode.com Software nginx / Resource Hash 8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=19 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:49:09 GMT last-modified Fri, 05 Nov 2021 18:20:14 GMT server nginx etag "618575de-70de" strict-transport-security max-age=31536000; includeSubDomains content-type image/png accept-ranges bytes content-length 28894
GET H2	200	logo-bg-90-tl.svg pastelink.net/assets/images/	2 KB 2 KB	164ms 164ms	Image image/svg+xml	178.79.155.87 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/logo-bg-90-tl.svg Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=19 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.79.155.87 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li274-87.members.linode.com Software nginx / Resource Hash 1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=19 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:49:09 GMT last-modified Thu, 25 Nov 2021 11:28:22 GMT server nginx etag "619f7356-933" strict-transport-security max-age=31536000; includeSubDomains content-type image/svg+xml accept-ranges bytes content-length 2355
GET H2	200	logo-symbol-non-white-bg.svg pastelink.net/assets/images/	4 KB 5 KB	164ms 163ms	Image image/svg+xml	178.79.155.87 LINODE-AP Linode
General Check archive.org Show headers Download Go to Show image Full URL https://pastelink.net/assets/images/logo-symbol-non-white-bg.svg Requested by Host: pastelink.net URL: https://pastelink.net/assets/css/styles.css?q=19 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.79.155.87 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li274-87.members.linode.com Software nginx / Resource Hash 15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/assets/css/styles.css?q=19 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:49:09 GMT last-modified Thu, 25 Nov 2021 11:28:22 GMT server nginx etag "619f7356-11c0" strict-transport-security max-age=31536000; includeSubDomains content-type image/svg+xml accept-ranges bytes content-length 4544
GET H2	200	pxiEyp8kv8JHgFVrJJfecg.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	644ms 111ms	Font font/woff2	142.250.186.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f3.1e100.net Software sffe / Resource Hash 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pastelink.net accept-language is-IS,is;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 May 2022 19:24:53 GMT x-content-type-options nosniff age 26656 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7884 x-xss-protection 0 last-modified Wed, 27 Apr 2022 17:03:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 11 May 2023 19:24:53 GMT
GET H2	200	JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2 fonts.gstatic.com/s/montserrat/v24/	12 KB 13 KB	734ms 201ms	Font font/woff2	142.250.186.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v24/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f3.1e100.net Software sffe / Resource Hash e7816b6bd80713ced0fabbf061d7ad97d6d1ff4fbf94a1e2b17fbd61421a3a17 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pastelink.net accept-language is-IS,is;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 May 2022 17:11:23 GMT x-content-type-options nosniff age 121066 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12708 x-xss-protection 0 last-modified Tue, 26 Apr 2022 14:37:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 10 May 2023 17:11:23 GMT
GET H2	200	pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	647ms 114ms	Font font/woff2	142.250.186.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f3.1e100.net Software sffe / Resource Hash cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pastelink.net accept-language is-IS,is;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 May 2022 19:25:44 GMT x-content-type-options nosniff age 26605 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7748 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:21:30 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 11 May 2023 19:25:44 GMT
GET H2	200	pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	663ms 131ms	Font font/woff2	142.250.186.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f3.1e100.net Software sffe / Resource Hash 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pastelink.net accept-language is-IS,is;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 May 2022 19:25:44 GMT x-content-type-options nosniff age 26605 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7816 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:11:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 11 May 2023 19:25:44 GMT
GET H/1.1	200 OK	/ Show response pro.ip-api.com/json/	52 B 207 B	330ms 103ms	XHR application/json	51.77.64.70 OVH
General Check archive.org Show headers Download Go to Full URL https://pro.ip-api.com/json/?key=ZxSSLwZtxrKxQbv&fields=status,countryCode,region Requested by Host: cdn.adligature.com URL: https://cdn.adligature.com/rules.js/advally-4.22.0.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 51.77.64.70 , Germany, ASN16276 (OVH, FR), Reverse DNS de-fra-1.pro.ip-api.com Software / Resource Hash e822f518198bd2ea9264904a6f5e7d0576bd35b43697abb6a58310be75c8cca9 Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Thu, 12 May 2022 02:49:09 GMT Content-Length 52 Content-Type application/json; charset=utf-8
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	81 KB 28 KB	370ms 125ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: cdn.adligature.com URL: https://cdn.adligature.com/rules.js/advally-4.22.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software sffe / Resource Hash 1fb8d2467bfabe36a4e16cb801d0cba1cbb60cdafccc257ff83b6c49a9343d58 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:49:09 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28393 x-xss-protection 0 server sffe etag "1212 / 364 of 1000 / last-modified: 1652306786" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 12 May 2022 02:49:09 GMT
GET H2	200	prebid-5.20.2.js Show response cdn.adligature.com/prebid/	491 KB 139 KB	83ms 82ms	Script application/javascript	188.114.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adligature.com/prebid/prebid-5.20.2.js Requested by Host: cdn.adligature.com URL: https://cdn.adligature.com/rules.js/advally-4.22.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1184c1089df5a86d99411c598ded1ee7e3a98cb86da0f6db462b63a52dd77977 Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-goog-hash crc32c=7Yg6wQ==, md5=acLztksmdX0PhCiS7jYhYg== date Thu, 12 May 2022 02:49:09 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 535 cf-polished origSize=502917 x-guploader-uploadid ADPycdvZXPrDqsUqFrNQvh_VquWrIMDYtThANER99V-Gzd0qPeEIEm8bBwig8NWPOkicxOUWfFUYoNTDsTZQOVWXSXxO4g x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 15 Mar 2022 20:02:46 GMT server cloudflare etag W/"69c2f3b64b26757d0f842892ee362162" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tlLoDKuTL4kH%2BsJQ7aLSNWDiTnV32xqmPwbAz%2BY2sxs66FnXY4XDQYmAOupi3xJcw%2FTPC89e6tJ%2B4GM%2BSNQ4kvI3o%2F%2F%2BwI2ct8pKLsRn%2FIPOA2wc52sFdkG46wRS8ld1jjj3NL0%3D"}],"group":"cf-nel","max_age":604800} content-language en x-goog-generation 1643647566178087 content-type application/javascript expires Thu, 12 May 2022 02:46:16 GMT cache-control public, max-age=1800, s-maxage=600, must-revalidate x-goog-stored-content-length 502917 cf-ray 709fd6e9cc4baf6f-KEF cf-bgj minify
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	135 KB 37 KB	410ms 151ms	Script application/javascript	65.9.89.219 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: cdn.adligature.com URL: https://cdn.adligature.com/rules.js/advally-4.22.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.89.219 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-89-219.prg50.r.cloudfront.net Software Server / Resource Hash 06dac66f8ccb6659374711acb6acf073511421ff522d519cc1766746330679ad Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id DyOkuY3O47P100TAJr7PAMxPkYBaI3MW content-encoding gzip etag ae8d955adf98458335c127f4461070c2 age 116 x-cache Hit from cloudfront server Server x-amz-rid 0QS29XN9X9T2TEK9CTXZ date Thu, 12 May 2022 02:49:09 GMT vary Accept-Encoding content-type application/javascript via 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront) cache-control public, max-age=900 x-amz-cf-pop PRG50-C1 accept-ranges bytes timing-allow-origin * x-amz-cf-id tzQcYBeMqhuBZ-2lU7SAcBaLsondYphX7Vx3HzfwWQ3K4y64JJOiUQ==
GET H2	200	js Show response www.googletagmanager.com/gtag/	189 KB 68 KB	109ms 108ms	Script application/javascript	142.250.186.40 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f8.1e100.net Software Google Tag Manager / Resource Hash 1c754aafe55f97c7b87ebdb63e39052d3f149f4e7332e1380364e509211d9664 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:49:09 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 69494 x-xss-protection 0 expires Thu, 12 May 2022 02:49:09 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	644ms 111ms	Script text/javascript	142.250.186.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f14.1e100.net Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 1801 date Thu, 12 May 2022 02:19:09 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Thu, 12 May 2022 04:19:09 GMT
GET H2	204	a www.googletagmanager.com/	0 128 B	153ms 152ms	Image image/gif	142.250.186.40 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=GTM-55WHPWQ&cv=9&v=3&t=t&pid=97890379&rv=590&es=1&e=gtm.init_consent&eid=1&ut=C&tc=38&z=0 Requested by Host: pastelink.net URL: https://pastelink.net/u9euo964 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f8.1e100.net Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 12 May 2022 02:49:09 GMT server Google Tag Manager vary * content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	a www.googletagmanager.com/	0 54 B	157ms 156ms	Image image/gif	142.250.186.40 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=GTM-55WHPWQ&cv=9&v=3&t=t&pid=97890379&rv=590&es=1&e=gtm.init&eid=2&ut=C&tc=38&z=0 Requested by Host: pastelink.net URL: https://pastelink.net/u9euo964 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f8.1e100.net Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 12 May 2022 02:49:09 GMT server Google Tag Manager vary * content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	a www.googletagmanager.com/	0 54 B	157ms 156ms	Image image/gif	142.250.186.40 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=GTM-55WHPWQ&cv=9&v=3&t=t&pid=97890379&rv=590&es=1&e=gtm.js&eid=3&ut=C&tc=38&tr=1gclidw.1gaawc.1ua.1lcl.1cl.1lcl.1cl.1cl.1evl.1cl.1cl.1cl.1evl.1evl&ti=1gclidw.1gaawc.1ua.1lcl.1cl.1lcl.1cl.1cl.1evl.1cl.1cl.1cl.1evl.1evl&z=0 Requested by Host: pastelink.net URL: https://pastelink.net/u9euo964 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f8.1e100.net Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 12 May 2022 02:49:09 GMT server Google Tag Manager vary * content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	a www.googletagmanager.com/	0 54 B	155ms 155ms	Image image/gif	142.250.186.40 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=GTM-55WHPWQ&cv=9&v=3&t=t&pid=97890379&rv=590&es=1&e=gtm.dom&eid=5&ut=C&tc=38&z=0 Requested by Host: pastelink.net URL: https://pastelink.net/u9euo964 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f8.1e100.net Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 12 May 2022 02:49:09 GMT server Google Tag Manager vary * content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubads_impl_2022050901.js Show response securepubads.g.doubleclick.net/gpt/	367 KB 125 KB	112ms 111ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050901.js?cb=31067550 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software sffe / Resource Hash 010c2e34dbc2aaadf863b6025f837d39a6d507fcb2389f306875b60242429822 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 May 2022 21:47:54 GMT content-encoding gzip x-content-type-options nosniff age 18075 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 127498 x-xss-protection 0 last-modified Mon, 09 May 2022 08:34:50 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 11 May 2023 21:47:54 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	73 B 97 B	345ms 121ms	XHR application/json	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pastelink.net Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash c64cda3c1c7c935b57b27894caec3b370b98d70011c8e5ea2f31691be13c8fe7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 12 May 2022 02:49:10 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 72 x-xss-protection 0 expires Thu, 12 May 2022 02:49:10 GMT
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	358ms 119ms	XHR application/javascript	65.9.89.219 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.89.219 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-89-219.prg50.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3 content-encoding gzip etag W/"a4d296427fc806b21335359e398c025c" age 4031 x-cache Hit from cloudfront access-control-max-age 3000 access-control-allow-origin * last-modified Thu, 28 Apr 2022 01:41:20 GMT server AmazonS3 date Thu, 12 May 2022 01:47:07 GMT vary Origin access-control-allow-methods GET content-type application/javascript via 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront) cache-control public, max-age=86400 x-amz-cf-pop PRG50-C1 x-amz-cf-id Hev7zxpyejpOTOk8NrnS_rfenEETJAKIOINZXO21apZk1pCfta1Zkw==
POST H2	204	collect www.google-analytics.com/g/	0 169 B	482ms 133ms	Ping text/plain	142.250.186.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=2oe590&_p=223391979&_z=ccd.tbB&cid=1034093914.1652323750&ul=en-us&sr=1600x1200&_s=1&sid=1652323749&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Fu9euo964&dt=5%20LANGKAH%20MUDAH%20DAFTAR%20PUJA88%20-%20SLOT%20DEPOSIT%20DANA%20TANPA%20POTONGAN%20-%20Pastelink.net&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f14.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 12 May 2022 02:49:10 GMT server Golfe2 content-type text/plain access-control-allow-origin https://pastelink.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	a www.googletagmanager.com/	0 54 B	109ms 109ms	Image image/gif	142.250.186.40 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=GTM-55WHPWQ&cv=9&v=3&t=t&pid=97890379&rv=590&e=gtm.js&eid=3&ut=C&tc=38&tr=5gclidw.5gaawc.5lcl.5cl.5lcl.5cl.5cl.5evl.5cl.5cl.5cl.5evl.5evl&ti=1gclidw.1gaawc.1lcl.1cl.1lcl.1cl.1cl.1evl.1cl.1cl.1cl.1evl.1evl&z=0 Requested by Host: pastelink.net URL: https://pastelink.net/u9euo964 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f8.1e100.net Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 12 May 2022 02:49:09 GMT server Google Tag Manager vary * content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 307 B	119ms 118ms	XHR text/plain	65.9.89.219 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fpastelink.net&pubid=7e29cf92-dbd2-479a-865a-9cb3658a40f8 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.89.219 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-89-219.prg50.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 01:20:46 GMT via 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront) server Server age 5303 x-cache Hit from cloudfront access-control-allow-origin https://pastelink.net cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-pop PRG50-C1 x-amz-cf-id 57wEAlmslgWaEMq5loZuvwz2Xrpn8_wp2pAR-p9wFV5DnLyRq2O13w==
GET H2	200	op.js Show response tagan.adlightning.com/advally-pastelink/	48 KB 19 KB	411ms 136ms	Script application/javascript	65.9.96.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/advally-pastelink/op.js Requested by Host: cdn.adligature.com URL: https://cdn.adligature.com/rules.js/advally-4.22.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.96.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-96-7.prg50.r.cloudfront.net Software AmazonS3 / Resource Hash 555d30e2a738e3ad8d480be7ea7f0de4a718249a7c6c21b77b4b9a93579128ee Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id 5B5RIuWrPpziyhEpawNuq6kwNp_aovS2 content-encoding gzip etag "c9e63eda2b3948f373ef34f7afa83635" age 516 x-cache Hit from cloudfront content-length 19446 x-amz-meta-git_commit 92ee7c4 last-modified Mon, 25 Apr 2022 05:16:03 GMT server AmazonS3 date Thu, 12 May 2022 02:43:08 GMT content-type application/javascript via 1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront) cache-control max-age=3600 x-amz-cf-pop PRG50-C1 accept-ranges bytes x-amz-cf-id -LG96NJqOTmnYe3AkyK_UB0mq293LaPEt2yU9xA9J0D-kshDUR544w==
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash aa68e17fb13028f96c0d5b38fcf7006182894eb694625f9dedf5824d5066a5f0 Request headers accept-language is-IS,is;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/	183 B 651 B	172ms 172ms	XHR text/javascript	65.9.89.219 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpastelink.net%2Fu9euo964&pid=n0J1TuHo7f86h&cb=0&ws=1600x1200&v=7.75.0&t=700&slots=%5B%7B%22sd%22%3A%22advally-adhesion-slot%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22405481091%2Fpastelink.net%2FBottom_adhesion_banner%22%7D%2C%7B%22sd%22%3A%22Top_leaderboard%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22405481091%2Fpastelink.net%2FTop_leaderboard%22%7D%2C%7B%22sd%22%3A%22AdvallyTag-pl-728x90-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22405481091%2Fpastelink.net%2FInline_banner%22%7D%2C%7B%22sd%22%3A%22AdvallyTag-pl-728x90-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22405481091%2Fpastelink.net%2FInline_banner%22%7D%2C%7B%22sd%22%3A%22AdvallyTag-pl-728x90-3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22405481091%2Fpastelink.net%2FInline_banner%22%7D%2C%7B%22sd%22%3A%22AdvallyTag-pl-728x90-4%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22405481091%2Fpastelink.net%2FInline_banner%22%7D%2C%7B%22sd%22%3A%22AdvallyTag-pl-728x90-5%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22405481091%2Fpastelink.net%2FInline_banner%22%7D%2C%7B%22sd%22%3A%22Sidebar_MPU%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F22405481091%2Fpastelink.net%2FSidebar_MPU%22%7D%5D&schain=1.0%2C1!advally.com%2CP58S175%2C1%2C%2C%2C&pubid=7e29cf92-dbd2-479a-865a-9cb3658a40f8&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.89.219 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-89-219.prg50.r.cloudfront.net Software Server / Resource Hash 9eccba8e6bebb13f74ca092def2f5fbdcca30469d69f46476c58c7999928abf7 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:49:10 GMT via 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront) server Server x-amz-cf-pop PRG50-C1 x-amz-rid PQZ7120YRVK9ZRW8P0SN vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://pastelink.net access-control-allow-credentials true permissions-policy interest-cohort=() strict-transport-security max-age=47474747; includeSubDomains; preload timing-allow-origin * content-length 183 x-amz-cf-id HUPuvadja65nNp5Y7-IZk0xXqYZV4lh7HxhY7-0DWkgWiKZyRC0-UQ==
GET H2	200	integrator.js Show response adservice.google.is/adsid/	107 B 792 B	693ms 124ms	Script application/javascript	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.is/adsid/integrator.js?domain=pastelink.net Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050901.js?cb=31067550 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 12 May 2022 02:49:10 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	657ms 115ms	Script application/javascript	172.217.18.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=pastelink.net Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050901.js?cb=31067550 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 12 May 2022 02:49:10 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	26 KB 10 KB	626ms 625ms	XHR text/plain	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1691803051693390&correlator=1047930230617509&eid=31067550&output=ldjh&gdfp_req=1&vrg=2022050901&ptt=17&impl=fifs&iu_parts=22405481091%2Cpastelink.net%2CBottom_adhesion_banner%2CTop_leaderboard%2CInline_banner%2CSidebar_MPU&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F4%2C%2F0%2F1%2F4%2C%2F0%2F1%2F4%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=728x90%2C320x50%7C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C160x600&fluid=0%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0&ifi=1&adks=3402602959%2C1666686559%2C2365527928%2C2365527929%2C2365527910%2C2365527911%2C2365527908%2C2108190548&sfv=1-0-38&ecs=20220512&fsapi=false&eri=1&cust_params=refid%3D2%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1652323750247&lmt=1652323750&dlt=1652323748402&idt=1795&biw=1600&bih=1200&adxs=436%2C310%2C513%2C513%2C513%2C513%2C513%2C1071&adys=1105%2C333%2C821%2C1497%2C2173%2C2823%2C3497%2C521&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fu9euo964&frm=20&vis=1&scr_x=0&scr_y=0&psz=728x-1%7C705x172%7C665x250%7C665x250%7C665x250%7C665x250%7C665x250%7C168x607&msz=728x-1%7C705x0%7C300x-1%7C300x-1%7C300x-1%7C300x-1%7C300x-1%7C160x-1&fws=516%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=1034093914.1652323750&ga_sid=1652323750&ga_hid=223391979&ga_fc=true&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C0&topics=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050901.js?cb=31067550 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash c1ea40715826ae0a0644d4ed0f4b61f7ae500ab23833085d178f5114153d0b55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:49:10 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2,-2,-2,-2,-2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9866 x-xss-protection 0 google-lineitem-id -2,-2,-2,-2,-2,-1,-2,-2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2,-2,-2,-2,-2,-1,-2,-2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://pastelink.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 587C	6 KB 4 KB	681ms 122ms	Document text/html	142.250.185.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050901.js?cb=31067550 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f1.1e100.net Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pastelink.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language is-IS,is;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 12 May 2022 02:49:10 GMT expires Fri, 12 May 2023 02:49:10 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	iu3 Show response aax-eu.amazon-adsystem.com/s/ Frame 651E Redirect Chain https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_n-Beeswax_smrt_cnv_n-Outbrain https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_n-Beeswax_smrt_cnv_n-Outbrain&dcc=t	329 B 1 KB	279ms 279ms	Document text/html	52.95.126.138 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_n-Beeswax_smrt_cnv_n-Outbrain&dcc=t Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash 9648ec36f6bd44e836304b1c0dc3a916afb55b49cad9e5e99a8f2f291c1c9f72 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://pastelink.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language is-IS,is;q=0.9 Response headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 329 Content-Type text/html;charset=ISO-8859-1 Date Thu, 12 May 2022 02:49:11 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Permissions-Policy interest-cohort=() Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" x-amz-rid G1ENF2ZV2TAB1DTEV9TP Redirect headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Date Thu, 12 May 2022 02:49:10 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Location https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_n-Beeswax_smrt_cnv_n-Outbrain&dcc=t Permissions-Policy interest-cohort=() Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" x-amz-rid JBTVEEEZ57EXYNMDVZX7
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 91 B	407ms 106ms	XHR text/plain	142.250.186.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=223391979&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fu9euo964&ul=en-us&de=UTF-8&dt=5%20LANGKAH%20MUDAH%20DAFTAR%20PUJA88%20-%20SLOT%20DEPOSIT%20DANA%20TANPA%20POTONGAN%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=1645061994&gjid=578614323&cid=1034093914.1652323750&tid=UA-55088947-2&_gid=1441325033.1652323750&_r=1&gtm=2wg59055WHPWQ&z=1139355636 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f14.1e100.net Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://pastelink.net/ accept-language is-IS,is;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 12 May 2022 02:49:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://pastelink.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 69 B	407ms 106ms	XHR text/plain	142.250.186.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=223391979&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fu9euo964&ul=en-us&de=UTF-8&dt=5%20LANGKAH%20MUDAH%20DAFTAR%20PUJA88%20-%20SLOT%20DEPOSIT%20DANA%20TANPA%20POTONGAN%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=417733447&gjid=89631238&cid=1034093914.1652323750&tid=UA-197326395-9&_gid=1441325033.1652323750&_r=1&_slc=1&z=742031808 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f14.1e100.net Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://pastelink.net/ accept-language is-IS,is;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 12 May 2022 02:49:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://pastelink.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	b-92ee7c4-8f2ead2b.js Show response tagan.adlightning.com/advally-pastelink/	81 KB 31 KB	138ms 138ms	Script application/javascript	65.9.96.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/advally-pastelink/b-92ee7c4-8f2ead2b.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/advally-pastelink/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.96.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-96-7.prg50.r.cloudfront.net Software AmazonS3 / Resource Hash 70f66f52c5175d8affe0b3c33eb95772df57e78c165585d6ba7768bbde65186b Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Mar 2022 17:45:14 GMT content-encoding gzip age 4957437 x-cache Hit from cloudfront content-length 31201 x-amz-meta-git_commit 92ee7c4 last-modified Tue, 15 Mar 2022 17:44:52 GMT server AmazonS3 etag "9b44c3288db187d40356da20146e0d49" x-amz-version-id .uFSIez6q5oK7jLUQU1CS90z4mAQacV5 via 1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop PRG50-C1 accept-ranges bytes content-type application/javascript x-amz-cf-id nDhLqTHoFoFadnIB0HsDPaV31lcxlLf_At7J6H9hcu0_EMR6PWWCCQ==
GET H2	200	bl-c5c1c29-865ef322.js Show response tagan.adlightning.com/advally-pastelink/	46 KB 20 KB	138ms 138ms	Script application/javascript	65.9.96.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/advally-pastelink/bl-c5c1c29-865ef322.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/advally-pastelink/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.96.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-96-7.prg50.r.cloudfront.net Software AmazonS3 / Resource Hash 5e89c49022133cbdda641e5acd29f70ee0fdbd9314bf6dbe080c12d1ebf04a7b Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 25 Apr 2022 05:33:24 GMT content-encoding gzip age 1458947 x-cache Hit from cloudfront content-length 19738 x-amz-meta-git_commit c5c1c29 last-modified Mon, 25 Apr 2022 05:15:12 GMT server AmazonS3 etag "63f53953e1d6c81a220eb706da696209" x-amz-version-id ugQ5m0YG2B_LoVB1MQU551hk1JmsiTFJ via 1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop PRG50-C1 accept-ranges bytes content-type application/javascript x-amz-cf-id fokyaUyuybMkmZFFvqGeUGdyO6-aqVHb7xDKRjIDyOM8sjDNPfFVwA==
GET H2	200	container.html Show response 5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CB39	6 KB 3 KB	413ms 112ms	Document text/html	142.250.185.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/advally-pastelink/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f1.1e100.net Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pastelink.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language is-IS,is;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 12 May 2022 02:49:10 GMT expires Fri, 12 May 2023 02:49:10 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	pr Show response aax-eu.amazon-adsystem.com/s/v3/ Frame F3D9	2 KB 2 KB	127ms 127ms	Document text/html	52.95.126.138 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_n-Beeswax_smrt_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1 Requested by Host: aax-eu.amazon-adsystem.com URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_n-Beeswax_smrt_cnv_n-Outbrain&dcc=t Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash 7443bf308b9a67b9840867eb54a1bff9ddfd8279c72cd9737cdc92e9d54095dc Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_n-Beeswax_smrt_cnv_n-Outbrain&dcc=t Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language is-IS,is;q=0.9 Response headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 1855 Content-Type text/html;charset=ISO-8859-1 Date Thu, 12 May 2022 02:49:11 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Permissions-Policy interest-cohort=() Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent x-amz-rid QQEVHKXR2YFK4VKV3C1W
GET H2	204	a www.googletagmanager.com/	0 54 B	413ms 113ms	Image image/gif	142.250.186.40 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=GTM-55WHPWQ&cv=9&v=3&t=t&pid=97890379&rv=590&e=gtm.js&eid=3&u=C&ut=C&tc=38&tr=5ua&epr=1G.2G&cl=g.174.7&ti=1ua&z=0 Requested by Host: pastelink.net URL: https://pastelink.net/u9euo964 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f8.1e100.net Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language is-IS,is;q=0.9 Referer https://pastelink.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 12 May 2022 02:49:11 GMT server Google Tag Manager vary * content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	ecm3 aax-eu.amazon-adsystem.com/s/ Frame F3D9 Redirect Chain https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=4533c374	43 B 556 B	130ms 129ms	Image image/gif	52.95.126.138 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=4533c374 Requested by Host: aax-eu.amazon-adsystem.com URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_n-Beeswax_smrt_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1 Protocol HTTP/1.1 Server 52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language is-IS,is;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 12 May 2022 02:49:12 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid VSWAVVEDDFS8VK7BJT6X Strict-Transport-Security max-age=47474747; includeSubDomains; preload Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers date Thu, 12 May 2022 02:49:12 GMT via 1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop PRG50-C1 x-cache FunctionGeneratedResponse from cloudfront p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=4533c374 cache-control no-cache, must-revalidate content-length 0 x-amz-cf-id w2Ype85vrdrMWhH81Gcne3JwxqGzS6AcALSCm9kyrhpPmXiDHcNKkw==
GET H/1.1	200 OK	ecm3 aax-eu.amazon-adsystem.com/s/ Frame F3D9 Redirect Chain https://x.bidswitch.net/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=83383cb4-28bb-465d-be54-ffb90436bc0d	43 B 556 B	113ms 113ms	Image image/gif	52.95.126.138 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=83383cb4-28bb-465d-be54-ffb90436bc0d Requested by Host: aax-eu.amazon-adsystem.com URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_n-Beeswax_smrt_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1 Protocol HTTP/1.1 Server 52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language is-IS,is;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 12 May 2022 02:49:12 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid 3FCCT8NAJCRKSMSRFMC1 Strict-Transport-Security max-age=47474747; includeSubDomains; preload Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=83383cb4-28bb-465d-be54-ffb90436bc0d Date Thu, 12 May 2022 02:49:12 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 0
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame F3D9 Redirect Chain https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 https://s.amazon-adsystem.com/ecm3?id=AABJrE7E-OsAAEZpEOaw_A&ex=beeswax.com	43 B 556 B	745ms 191ms	Image image/gif	52.46.154.242 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?id=AABJrE7E-OsAAEZpEOaw_A&ex=beeswax.com Requested by Host: aax-eu.amazon-adsystem.com URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_n-Beeswax_smrt_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1 Protocol HTTP/1.1 Server 52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language is-IS,is;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 12 May 2022 02:49:12 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid 46JF914DQ15G0QV3JJW2 Strict-Transport-Security max-age=47474747; includeSubDomains; preload Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location https://s.amazon-adsystem.com/ecm3?id=AABJrE7E-OsAAEZpEOaw_A&ex=beeswax.com Date Thu, 12 May 2022 02:49:11 GMT Server nginx Connection keep-alive Content-Length 0 strict-transport-security max-age=2592000; includeSubDomains
GET H/1.1	200 OK	ecm3 aax-eu.amazon-adsystem.com/s/ Frame F3D9 Redirect Chain https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=	43 B 556 B	171ms 128ms	Image image/gif	52.95.126.138 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id= Requested by Host: aax-eu.amazon-adsystem.com URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_n-Beeswax_smrt_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1 Protocol HTTP/1.1 Server 52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language is-IS,is;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 12 May 2022 02:49:12 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid CA18ZX92J9XF122XQ0YY Strict-Transport-Security max-age=47474747; includeSubDomains; preload Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id= Pragma no-cache Date Thu, 12 May 2022 02:49:12 GMT Cache-Control no-cache, no-store, must-revalidate Expires Thu, 01 Dec 1994 16:00:00 GMT Content-Length 88 Content-Type text/html; charset=utf-8
GET H2	200	/ Show response match.sharethrough.com/jwumXNuB/v1/ Frame BFA5	434 B 619 B	328ms 105ms	Document text/html	54.93.37.143 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID Requested by Host: aax-eu.amazon-adsystem.com URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_n-Beeswax_smrt_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.93.37.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-93-37-143.eu-central-1.compute.amazonaws.com Software / Resource Hash 3f62fdf30e58713ac5cae9633b5cb98b64802384fa7d1f38a707df020d550ea6 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language is-IS,is;q=0.9 Response headers content-length 434 date Thu, 12 May 2022 02:49:11 GMT
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame 702D	15 KB 6 KB	325ms 105ms	Document text/html	23.35.236.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID Requested by Host: aax-eu.amazon-adsystem.com URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_n-Beeswax_smrt_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-236-201.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language is-IS,is;q=0.9 Response headers accept-ranges bytes cache-control max-age=38314 content-encoding gzip content-length 5549 content-type text/html; charset=UTF-8 date Thu, 12 May 2022 02:49:11 GMT etag "1300708-3de4-5d6ef246ef4cf" expires Thu, 12 May 2022 13:27:45 GMT last-modified Tue, 01 Feb 2022 06:38:00 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache/2.2.15 (CentOS) vary Accept-Encoding
GET H/1.1	200 OK	ecm3 Show response aax-eu.amazon-adsystem.com/s/ Frame AEA1 Redirect Chain https://ssbsync.smartadserver.com/api/sync?callerId=2 https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=2088253919002192383&gdpr=0&gdpr_consent=	43 B 556 B	130ms 129ms	Document image/gif	52.95.126.138 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=2088253919002192383&gdpr=0&gdpr_consent= Requested by Host: aax-eu.amazon-adsystem.com URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_n-Beeswax_smrt_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language is-IS,is;q=0.9 Response headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Content-Type image/gif Date Thu, 12 May 2022 02:49:11 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Permissions-Policy interest-cohort=() Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent x-amz-rid 74TTH160NBBCF3YT636C Redirect headers content-length 0 date Thu, 12 May 2022 02:49:11 GMT location https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=2088253919002192383&gdpr=0&gdpr_consent=
GET H2	204	current amazon-tam-match.dotomi.com/match/bounce/ Frame 78B9	0 0	716ms 186ms	Document text/plain	64.158.223.137 VCLK-EU-SE
General Check archive.org Show headers Download Go to Full URL https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D Requested by Host: aax-eu.amazon-adsystem.com URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_n-LoopMe_pm-db5_n-Beeswax_smrt_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.158.223.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US), Reverse DNS ams02-usadmm.dotomi.com Software nginx / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language is-IS,is;q=0.9 Response headers cache-control no-cache, private, max-age=0, no-store date Thu, 12 May 2022 02:49:11 GMT expires 0 pragma no-cache server nginx
GET H2	200	bl-c5c1c29-865ef322.js Show response tagan.adlightning.com/advally-pastelink/ Frame CB39	46 KB 20 KB	137ms 137ms	Script application/javascript	65.9.96.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/advally-pastelink/bl-c5c1c29-865ef322.js Requested by Host: 5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com URL: https://5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.96.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-96-7.prg50.r.cloudfront.net Software AmazonS3 / Resource Hash 5e89c49022133cbdda641e5acd29f70ee0fdbd9314bf6dbe080c12d1ebf04a7b Request headers accept-language is-IS,is;q=0.9 Referer https://5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 25 Apr 2022 05:33:24 GMT content-encoding gzip age 1458948 x-cache Hit from cloudfront content-length 19738 x-amz-meta-git_commit c5c1c29 last-modified Mon, 25 Apr 2022 05:15:12 GMT server AmazonS3 etag "63f53953e1d6c81a220eb706da696209" x-amz-version-id ugQ5m0YG2B_LoVB1MQU551hk1JmsiTFJ via 1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop PRG50-C1 accept-ranges bytes content-type application/javascript x-amz-cf-id L8vFhXwEVYD0JQWkzYSjzTYXNM_tN8IilvtMP5cZSvyVKr-U8SzC8g==
GET H2	200	b-92ee7c4-8f2ead2b.js Show response tagan.adlightning.com/advally-pastelink/ Frame CB39	81 KB 31 KB	158ms 158ms	Script application/javascript	65.9.96.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/advally-pastelink/b-92ee7c4-8f2ead2b.js Requested by Host: 5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com URL: https://5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.96.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-96-7.prg50.r.cloudfront.net Software AmazonS3 / Resource Hash 70f66f52c5175d8affe0b3c33eb95772df57e78c165585d6ba7768bbde65186b Request headers accept-language is-IS,is;q=0.9 Referer https://5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 15 Mar 2022 17:45:14 GMT content-encoding gzip age 4957438 x-cache Hit from cloudfront content-length 31201 x-amz-meta-git_commit 92ee7c4 last-modified Tue, 15 Mar 2022 17:44:52 GMT server AmazonS3 etag "9b44c3288db187d40356da20146e0d49" x-amz-version-id .uFSIez6q5oK7jLUQU1CS90z4mAQacV5 via 1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop PRG50-C1 accept-ranges bytes content-type application/javascript x-amz-cf-id 8YiWEAECKOcOdZaI-eK3CqkSLaHZadt1i7E4tgd9GErRRfCscUoo4A==
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame CB39	3 KB 1 KB	272ms 133ms	Script text/javascript	216.58.212.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/window_focus_fy2019.js Requested by Host: 5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com URL: https://5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f1.1e100.net Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language is-IS,is;q=0.9 Referer https://5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:39:28 GMT content-encoding gzip x-content-type-options nosniff age 584 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 26 May 2022 02:39:28 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame CB39	120 KB 37 KB	658ms 124ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com URL: https://5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software sffe / Resource Hash cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language is-IS,is;q=0.9 Referer https://5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:49:12 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37409 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1652096384767712" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 12 May 2022 02:49:12 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame CB39	15 KB 7 KB	644ms 111ms	Script text/javascript	216.58.212.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com URL: https://5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f1.1e100.net Software cafe / Resource Hash bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language is-IS,is;q=0.9 Referer https://5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:17:48 GMT content-encoding gzip x-content-type-options nosniff age 1884 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6415 x-xss-protection 0 server cafe etag 567849196274905959 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 26 May 2022 02:17:48 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame CB39	0 0	422ms 121ms	Image text/html	216.58.212.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTkj6rUi8IsA2MREldfr4XOkmoPOycvAZDK0F_hlST2_l-SildV58vSLlwaNtZ46zfV5jFup1GH5mdEc9dDYjeoimciYA Requested by Host: 5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com URL: https://5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s46-in-f4.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language is-IS,is;q=0.9 Referer https://5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CB39	22 KB 7 KB	655ms 122ms	Script text/javascript	216.58.212.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js Requested by Host: 5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com URL: https://5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f1.1e100.net Software sffe / Resource Hash 0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language is-IS,is;q=0.9 Referer https://5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 06 May 2022 09:45:02 GMT content-encoding gzip x-content-type-options nosniff age 493450 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7022 x-xss-protection 0 last-modified Tue, 02 Mar 2021 20:17:03 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 06 May 2023 09:45:02 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame CB39	0 0	152ms 152ms	Fetch text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CliaTpnV8Yu-xFsrw-gb_uKKoCub-o_dc7ousiF_AjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCNSNge7ClsT7gAgCoAwGqBPMBT9Ax2gKp8RqZJ2PlYPHW2ZPpyeDFvJExhRpN47qWp35nxzL8iqyas9FDviuCFgtIO-Gzpk5pDOpkIzIJCl4qO6TFkmYxR-4Vz4wTYPjsPWpHWNvmSGjhhHji6BgOoruJUK1mvLPIxu2ZPwTjTOVG03XseToI9vqcVRtXwqG4UDRXx9YcdiZQrCYZtOC4H5krxMczhyH_kgeHM0XcKxDvykEGVWxRuG4APqolLK_Kl6hpXGenhwvgVCBZ7aquqtObf20oJN1x5bes2_tD7hBQ8U0xUavEcx4X69A9ubISsOx8D0nKwREwW1S1Qz1HIyvLQ0d-4AQBgAaqtsL71v-e3YIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTYwMjUxOTUwMjYxODI2Mhj63nw&sigh=Xf7LOblqk9Y&uach_m=[UACH]&cid=CAQSPwCNIrLMpGXz-c2tc44uqrvX7botXQ-fzEKJJOHyM2e0wxmr0TZxEhbflrhagK-HzJy0m-iAfk8yWx95h9MRcBgB Requested by Host: 5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com URL: https://5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software / Resource Hash Request headers accept-language is-IS,is;q=0.9 Referer https://5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H/1.1	200	ShowAd Show response brain.rvty.net/RTB/ Frame 95C6	2 KB 2 KB	323ms 106ms	Document text/html	89.163.211.233 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=97944753&bannerId=146064&e=3&p=Ynx1pgAFmO8K3rhKAAicfzXbXaSFdSrV0PPX2Q&penc=&bp=23077&a=627c75a6-0007-7f26-0ae0-1b15e50748c6&n=1&geo=20638&rawURL=https%3A%2F%2Fpastelink.net%2Fu9euo964&rawReferrerURL=&uid=7c824185-670d-4188-ad46-3bcc055b6fec&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHN66A6AVgA4BmPshQQcReAFlsEFAAtKeCMQBCATUoBnHDQCmyqgW14slRjTgAWHhzpcAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm922pnV8Yu-xFsrw-gb_uKKoCub-o_dc7ousiF_AjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCNSNge7ClsT7gAgCoAwGqBPYBT9Ax2gKp8RqZJ2PlYPHW2ZPpyeDFvJExhRpN47qWp35nxzL8iqyas9FDviuCFgtIO-Gzpk5pDOpkIzIJCl4qO6TFkmYxR-4Vz4wTYPjsPWpHWNvmSGjhhHji6BgOoruJUK1mvLPIxu2ZPwTjTOVG03XseToI9vqcVRtXwqG4UDRXx9YcdiZQrCYZtOC4H5krxMczhyH_kgeHM0XcKxDvykEGVWxRuG4APqolLK_Kl6hpXGenhwvgVCBZ7aquqtObf20oJN1x5bes2_tD7lJS0N-7nG38j9heYA4TNkRopObRBWfSOIz2ddtJlCNrO6MjnX-CIZgY4AQBgAaqtsL71v-e3YIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tDCoJ_tOLXxeueme2l1TLHSwqdw%26client%3Dca-pub-9602519502618262%26adurl%3D&gdpr=1&gdpr_consent= Requested by Host: 5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com URL: https://5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.163.211.233 Dortmund, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx/1.13.4 / Resource Hash 6285fa8a585ec807203230b82bbf129c7d972196ea2c15ccd4ef8b6e2e7e3217 Request headers Referer https://5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language is-IS,is;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html;charset=UTF-8 Date Thu, 12 May 2022 02:49:12 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Server nginx/1.13.4 Transfer-Encoding chunked
GET H/1.1	200 OK	ecm3 aax-eu.amazon-adsystem.com/s/ Frame BFA5	43 B 556 B	149ms 128ms	Image image/gif	52.95.126.138 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aax-eu.amazon-adsystem.com/s/ecm3?ex=sharethrough.com&id=252de709-251a-4698-9041-4c7f75a63812 Requested by Host: match.sharethrough.com URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language is-IS,is;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 12 May 2022 02:49:11 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid 81CCTGTJSNFG48AWXZ69 Strict-Transport-Security max-age=47474747; includeSubDomains; preload Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	cookiesync bttrack.com/pixel/ Frame BFA5 Redirect Chain https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1	35 B 380 B	717ms 178ms	Image image/gif	192.132.33.46 BIDTELLECT
General Check archive.org Show headers Download Go to Show image Full URL https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1 Requested by Host: match.sharethrough.com URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID Protocol HTTP/1.1 Server 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US), Reverse DNS 46.bidtellect.com Software Microsoft-IIS/8.5 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language is-IS,is;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers X-ServerName Track002-iad Pragma no-cache Date Thu, 12 May 2022 02:49:10 GMT X-AspNetMvc-Version 5.2 Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 P3P CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC" Cache-Control private,no-cache Content-Type image/gif Content-Length 35 Expires -1 Redirect headers location https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1 date Thu, 12 May 2022 02:49:11 GMT content-length 0
GET H2	200	v1 match.sharethrough.com/sync/ Frame BFA5 Redirect Chain https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 https://u.openx.net/w/1.0/cm?gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync... https://u.openx.net/w/1.0/cm?cc=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2... https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=57e3c5fd-3060-0fe6-37c6-d21a9cb209a5&gdpr=0&gdpr_consent=%7BGDPR_CONSENT_80%7D	68 B 260 B	105ms 105ms	Image image/png	54.93.37.143 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=57e3c5fd-3060-0fe6-37c6-d21a9cb209a5&gdpr=0&gdpr_consent=%7BGDPR_CONSENT_80%7D Requested by Host: match.sharethrough.com URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID Protocol H2 Server 54.93.37.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-93-37-143.eu-central-1.compute.amazonaws.com Software / Resource Hash 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824 Request headers accept-language is-IS,is;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:49:12 GMT content-length 68 content-type image/png Redirect headers date Thu, 12 May 2022 02:49:12 GMT content-encoding gzip server OXGW/18.1.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" location https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=57e3c5fd-3060-0fe6-37c6-d21a9cb209a5&gdpr=0&gdpr_consent=%7BGDPR_CONSENT_80%7D content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 via 1.1 google
GET H2	200	generic match.adsrvr.org/track/cmf/ Frame BFA5 Redirect Chain https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}	70 B 265 B	331ms 108ms	Image image/gif	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} Requested by Host: match.sharethrough.com URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID Protocol H2 Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language is-IS,is;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 12 May 2022 02:49:12 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" Redirect headers location https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80} date Thu, 12 May 2022 02:49:11 GMT content-length 0
GET H2	200	v1 match.sharethrough.com/sync/ Frame BFA5 Redirect Chain https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 https://u.openx.net/w/1.0/cm?gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync... https://u.openx.net/w/1.0/cm?cc=1&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_80}&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2... https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=57e3c5fd-3060-0fe6-37c6-d21a9cb209a5&gdpr=0&gdpr_consent=%7BGDPR_CONSENT_80%7D	68 B 260 B	105ms 105ms	Image image/png	54.93.37.143 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=57e3c5fd-3060-0fe6-37c6-d21a9cb209a5&gdpr=0&gdpr_consent=%7BGDPR_CONSENT_80%7D Requested by Host: match.sharethrough.com URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID Protocol H2 Server 54.93.37.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-93-37-143.eu-central-1.compute.amazonaws.com Software / Resource Hash 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824 Request headers accept-language is-IS,is;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:49:12 GMT content-length 68 content-type image/png Redirect headers date Thu, 12 May 2022 02:49:12 GMT content-encoding gzip server OXGW/18.1.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" location https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=57e3c5fd-3060-0fe6-37c6-d21a9cb209a5&gdpr=0&gdpr_consent=%7BGDPR_CONSENT_80%7D content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 via 1.1 google
GET H2	200	UCookieSetPug Show response image6.pubmatic.com/AdServer/ Frame 702D	60 B 268 B	1938ms 240ms	Script text/html	192.82.242.209 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.82.242.209 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash 7a1f03cfd9e71403e0e89b4dc6d93f971b16a485a030457fc52915df73b65c34 Request headers accept-language is-IS,is;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 May 2022 02:49:12 GMT cache-control private expires Tue, 9 Aug 2022 19:17:47 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 60 content-type text/html; charset=UTF-8
GET H/1.1	200 OK	ads_view.js Show response cdn.rvty.net/view/ Frame 95C6	3 KB 4 KB	318ms 104ms	Script application/javascript	89.163.211.242 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://cdn.rvty.net/view/ads_view.js Requested by Host: brain.rvty.net URL: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=97944753&bannerId=146064&e=3&p=Ynx1pgAFmO8K3rhKAAicfzXbXaSFdSrV0PPX2Q&penc=&bp=23077&a=627c75a6-0007-7f26-0ae0-1b15e50748c6&n=1&geo=20638&rawURL=https%3A%2F%2Fpastelink.net%2Fu9euo964&rawReferrerURL=&uid=7c824185-670d-4188-ad46-3bcc055b6fec&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHN66A6AVgA4BmPshQQcReAFlsEFAAtKeCMQBCATUoBnHDQCmyqgW14slRjTgAWHhzpcAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm922pnV8Yu-xFsrw-gb_uKKoCub-o_dc7ousiF_AjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCNSNge7ClsT7gAgCoAwGqBPYBT9Ax2gKp8RqZJ2PlYPHW2ZPpyeDFvJExhRpN47qWp35nxzL8iqyas9FDviuCFgtIO-Gzpk5pDOpkIzIJCl4qO6TFkmYxR-4Vz4wTYPjsPWpHWNvmSGjhhHji6BgOoruJUK1mvLPIxu2ZPwTjTOVG03XseToI9vqcVRtXwqG4UDRXx9YcdiZQrCYZtOC4H5krxMczhyH_kgeHM0XcKxDvykEGVWxRuG4APqolLK_Kl6hpXGenhwvgVCBZ7aquqtObf20oJN1x5bes2_tD7lJS0N-7nG38j9heYA4TNkRopObRBWfSOIz2ddtJlCNrO6MjnX-CIZgY4AQBgAaqtsL71v-e3YIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tDCoJ_tOLXxeueme2l1TLHSwqdw%26client%3Dca-pub-9602519502618262%26adurl%3D&gdpr=1&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.163.211.242 Dortmund, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx/1.13.4 / Resource Hash 00bb2f69ab06efff6555f6ccae10902e87bb6aea861e83de082a45a07e525054 Request headers accept-language is-IS,is;q=0.9 Referer https://brain.rvty.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 12 May 2022 02:49:12 GMT Last-Modified Fri, 20 Dec 2019 09:27:25 GMT Server nginx/1.13.4 ETag "5dfc93fd-d40" Content-Type application/javascript Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 3392
GET DATA	200 OK	truncated / Frame CB39	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b5ba9dd317464292bc2c6ea031c18cf7901e10ec1eb91682c2f084409a607844 Request headers accept-language is-IS,is;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	qhox7ipf78wv Show response ad.ad-srv.net/zone/ Frame 95C6	11 KB 4 KB	350ms 116ms	Script text/html	46.4.10.49 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad.ad-srv.net/zone/qhox7ipf78wv?subid=&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCm922pnV8Yu-xFsrw-gb_uKKoCub-o_dc7ousiF_AjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCNSNge7ClsT7gAgCoAwGqBPYBT9Ax2gKp8RqZJ2PlYPHW2ZPpyeDFvJExhRpN47qWp35nxzL8iqyas9FDviuCFgtIO-Gzpk5pDOpkIzIJCl4qO6TFkmYxR-4Vz4wTYPjsPWpHWNvmSGjhhHji6BgOoruJUK1mvLPIxu2ZPwTjTOVG03XseToI9vqcVRtXwqG4UDRXx9YcdiZQrCYZtOC4H5krxMczhyH_kgeHM0XcKxDvykEGVWxRuG4APqolLK_Kl6hpXGenhwvgVCBZ7aquqtObf20oJN1x5bes2_tD7lJS0N-7nG38j9heYA4TNkRopObRBWfSOIz2ddtJlCNrO6MjnX-CIZgY4AQBgAaqtsL71v-e3YIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tDCoJ_tOLXxeueme2l1TLHSwqdw%26client%3Dca-pub-9602519502618262%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D97944753%2526a%253D146064%2526t%253D1652323752140%2526l%253D20638%2526p%253D3%2526appid%253D%2526aa%253D627c75a6-0007-7f26-0ae0-1b15e50748c6%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D Requested by Host: brain.rvty.net URL: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=97944753&bannerId=146064&e=3&p=Ynx1pgAFmO8K3rhKAAicfzXbXaSFdSrV0PPX2Q&penc=&bp=23077&a=627c75a6-0007-7f26-0ae0-1b15e50748c6&n=1&geo=20638&rawURL=https%3A%2F%2Fpastelink.net%2Fu9euo964&rawReferrerURL=&uid=7c824185-670d-4188-ad46-3bcc055b6fec&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHN66A6AVgA4BmPshQQcReAFlsEFAAtKeCMQBCATUoBnHDQCmyqgW14slRjTgAWHhzpcAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm922pnV8Yu-xFsrw-gb_uKKoCub-o_dc7ousiF_AjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCNSNge7ClsT7gAgCoAwGqBPYBT9Ax2gKp8RqZJ2PlYPHW2ZPpyeDFvJExhRpN47qWp35nxzL8iqyas9FDviuCFgtIO-Gzpk5pDOpkIzIJCl4qO6TFkmYxR-4Vz4wTYPjsPWpHWNvmSGjhhHji6BgOoruJUK1mvLPIxu2ZPwTjTOVG03XseToI9vqcVRtXwqG4UDRXx9YcdiZQrCYZtOC4H5krxMczhyH_kgeHM0XcKxDvykEGVWxRuG4APqolLK_Kl6hpXGenhwvgVCBZ7aquqtObf20oJN1x5bes2_tD7lJS0N-7nG38j9heYA4TNkRopObRBWfSOIz2ddtJlCNrO6MjnX-CIZgY4AQBgAaqtsL71v-e3YIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tDCoJ_tOLXxeueme2l1TLHSwqdw%26client%3Dca-pub-9602519502618262%26adurl%3D&gdpr=1&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.49.10.4.46.clients.your-server.de Software Apache / Resource Hash f39debd5de8adf920e969c26613962815a89d0454922f51a691c93b283954155 Request headers accept-language is-IS,is;q=0.9 Referer https://brain.rvty.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 12 May 2022 02:49:12 GMT Content-Encoding gzip Server Apache Connection close Content-Length 3472 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	request.php Show response ad5.ad-srv.net/ Frame 95C6 Redirect Chain https://ad5.ad-srv.net/request.php?zone=qhox7ipf78wv&nw=14&renderingType=javascript&namespace=a8a6ede3d2&subid=&uid=3c32f42dd2025c2a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x25... https://ad5.ad-srv.net/request.php?zone=qhox7ipf78wv&nw=14&renderingType=javascript&namespace=a8a6ede3d2&subid=&uid=3c32f42dd2025c2a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x25...	2 KB 1 KB	435ms 189ms	Script application/x-javascript	138.201.63.165 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad5.ad-srv.net/request.php?zone=qhox7ipf78wv&nw=14&renderingType=javascript&namespace=a8a6ede3d2&subid=&uid=3c32f42dd2025c2a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCm922pnV8Yu-xFsrw-gb_uKKoCub-o_dc7ousiF_AjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCNSNge7ClsT7gAgCoAwGqBPYBT9Ax2gKp8RqZJ2PlYPHW2ZPpyeDFvJExhRpN47qWp35nxzL8iqyas9FDviuCFgtIO-Gzpk5pDOpkIzIJCl4qO6TFkmYxR-4Vz4wTYPjsPWpHWNvmSGjhhHji6BgOoruJUK1mvLPIxu2ZPwTjTOVG03XseToI9vqcVRtXwqG4UDRXx9YcdiZQrCYZtOC4H5krxMczhyH_kgeHM0XcKxDvykEGVWxRuG4APqolLK_Kl6hpXGenhwvgVCBZ7aquqtObf20oJN1x5bes2_tD7lJS0N-7nG38j9heYA4TNkRopObRBWfSOIz2ddtJlCNrO6MjnX-CIZgY4AQBgAaqtsL71v-e3YIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tDCoJ_tOLXxeueme2l1TLHSwqdw%26client%3Dca-pub-9602519502618262%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D97944753%2526a%253D146064%2526t%253D1652323752140%2526l%253D20638%2526p%253D3%2526appid%253D%2526aa%253D627c75a6-0007-7f26-0ae0-1b15e50748c6%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fpastelink.net&random=7531736240562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Requested by Host: brain.rvty.net URL: https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=97944753&bannerId=146064&e=3&p=Ynx1pgAFmO8K3rhKAAicfzXbXaSFdSrV0PPX2Q&penc=&bp=23077&a=627c75a6-0007-7f26-0ae0-1b15e50748c6&n=1&geo=20638&rawURL=https%3A%2F%2Fpastelink.net%2Fu9euo964&rawReferrerURL=&uid=7c824185-670d-4188-ad46-3bcc055b6fec&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHN66A6AVgA4BmPshQQcReAFlsEFAAtKeCMQBCATUoBnHDQCmyqgW14slRjTgAWHhzpcAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm922pnV8Yu-xFsrw-gb_uKKoCub-o_dc7ousiF_AjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCNSNge7ClsT7gAgCoAwGqBPYBT9Ax2gKp8RqZJ2PlYPHW2ZPpyeDFvJExhRpN47qWp35nxzL8iqyas9FDviuCFgtIO-Gzpk5pDOpkIzIJCl4qO6TFkmYxR-4Vz4wTYPjsPWpHWNvmSGjhhHji6BgOoruJUK1mvLPIxu2ZPwTjTOVG03XseToI9vqcVRtXwqG4UDRXx9YcdiZQrCYZtOC4H5krxMczhyH_kgeHM0XcKxDvykEGVWxRuG4APqolLK_Kl6hpXGenhwvgVCBZ7aquqtObf20oJN1x5bes2_tD7lJS0N-7nG38j9heYA4TNkRopObRBWfSOIz2ddtJlCNrO6MjnX-CIZgY4AQBgAaqtsL71v-e3YIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tDCoJ_tOLXxeueme2l1TLHSwqdw%26client%3Dca-pub-9602519502618262%26adurl%3D&gdpr=1&gdpr_consent= Protocol HTTP/1.1 Server 138.201.63.165 Reilingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.165.63.201.138.clients.your-server.de Software Apache / Resource Hash 4da4ee4f16db0675223596b088eaecd669600749abf6ca92ce719c72d1e16647 Request headers accept-language is-IS,is;q=0.9 Referer https://brain.rvty.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 12 May 2022 02:49:13 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 64341800013892101324217011957005 Connection close Content-Type application/x-javascript; charset=utf-8 Content-Length 733 Expires Thu, 12 May 2022 03:49:13 +0200 Redirect headers Pragma no-cache Date Thu, 12 May 2022 02:49:13 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=qhox7ipf78wv&nw=14&renderingType=javascript&namespace=a8a6ede3d2&subid=&uid=3c32f42dd2025c2a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCm922pnV8Yu-xFsrw-gb_uKKoCub-o_dc7ousiF_AjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCNSNge7ClsT7gAgCoAwGqBPYBT9Ax2gKp8RqZJ2PlYPHW2ZPpyeDFvJExhRpN47qWp35nxzL8iqyas9FDviuCFgtIO-Gzpk5pDOpkIzIJCl4qO6TFkmYxR-4Vz4wTYPjsPWpHWNvmSGjhhHji6BgOoruJUK1mvLPIxu2ZPwTjTOVG03XseToI9vqcVRtXwqG4UDRXx9YcdiZQrCYZtOC4H5krxMczhyH_kgeHM0XcKxDvykEGVWxRuG4APqolLK_Kl6hpXGenhwvgVCBZ7aquqtObf20oJN1x5bes2_tD7lJS0N-7nG38j9heYA4TNkRopObRBWfSOIz2ddtJlCNrO6MjnX-CIZgY4AQBgAaqtsL71v-e3YIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tDCoJ_tOLXxeueme2l1TLHSwqdw%26client%3Dca-pub-9602519502618262%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D97944753%2526a%253D146064%2526t%253D1652323752140%2526l%253D20638%2526p%253D3%2526appid%253D%2526aa%253D627c75a6-0007-7f26-0ae0-1b15e50748c6%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fpastelink.net&random=7531736240562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Type text/html; charset=UTF-8 Content-Length 0 Expires Thu, 12 May 2022 03:49:13 +0200
GET H2	200	ztpv.php Show response www.conrad.de/ Frame 4BA4 Redirect Chain https://www.awin1.com/cshow.php?s=2470203&v=11354&q=371933&r=278235&pv=1&pref1=64341800013892101324217011957005&gdpr=&gdpr_consent= https://www.zenaps.com/cshow.php?pvr=1b9cedb0-d19e-11ec-9e81-226513a850bf&v=11354&r=278235&q=371933&s=2470203&viewref=64341800013892101324217011957005&pv=1&gdpr=&gdpr_consent= https://www.conrad.de/ztpv.php?awc=11354_278235_1652323753_1b9cedb0-d19e-11ec-9e81-226513a850bf&insert=AW	0 695 B	695ms 187ms	Document text/html	104.18.126.5
General Check archive.org Show headers Download Go to Full URL https://www.conrad.de/ztpv.php?awc=11354_278235_1652323753_1b9cedb0-d19e-11ec-9e81-226513a850bf&insert=AW Requested by Host: ad5.ad-srv.net URL: https://ad5.ad-srv.net/request.php?zone=qhox7ipf78wv&nw=14&renderingType=javascript&namespace=a8a6ede3d2&subid=&uid=3c32f42dd2025c2a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCm922pnV8Yu-xFsrw-gb_uKKoCub-o_dc7ousiF_AjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCNSNge7ClsT7gAgCoAwGqBPYBT9Ax2gKp8RqZJ2PlYPHW2ZPpyeDFvJExhRpN47qWp35nxzL8iqyas9FDviuCFgtIO-Gzpk5pDOpkIzIJCl4qO6TFkmYxR-4Vz4wTYPjsPWpHWNvmSGjhhHji6BgOoruJUK1mvLPIxu2ZPwTjTOVG03XseToI9vqcVRtXwqG4UDRXx9YcdiZQrCYZtOC4H5krxMczhyH_kgeHM0XcKxDvykEGVWxRuG4APqolLK_Kl6hpXGenhwvgVCBZ7aquqtObf20oJN1x5bes2_tD7lJS0N-7nG38j9heYA4TNkRopObRBWfSOIz2ddtJlCNrO6MjnX-CIZgY4AQBgAaqtsL71v-e3YIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tDCoJ_tOLXxeueme2l1TLHSwqdw%26client%3Dca-pub-9602519502618262%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D97944753%2526a%253D146064%2526t%253D1652323752140%2526l%253D20638%2526p%253D3%2526appid%253D%2526aa%253D627c75a6-0007-7f26-0ae0-1b15e50748c6%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fpastelink.net&random=7531736240562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.126.5 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://brain.rvty.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language is-IS,is;q=0.9 Response headers age 0 cache-control no-cache cf-cache-status DYNAMIC cf-ray 709fd70c0929af5d-KEF content-encoding br content-type text/html; charset=UTF-8 date Thu, 12 May 2022 02:49:15 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires -1 p3p policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR" server cloudflare strict-transport-security max-age=15552000 via 1.1 varnish (Varnish/6.6) x-varnish 192868362 Redirect headers Awin-Akamai-Rule-Set default Connection keep-alive Content-Length 0 Date Thu, 12 May 2022 02:49:14 GMT Location https://www.conrad.de/ztpv.php?awc=11354_278235_1652323753_1b9cedb0-d19e-11ec-9e81-226513a850bf&insert=AW Node Helix P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Strict-Transport-Security max-age=86400
GET H/1.1	200 OK	request_content.php Show response ad5.ad-srv.net/ Frame E56A	6 KB 2 KB	373ms 127ms	Document text/html	138.201.63.165 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad5.ad-srv.net/request_content.php?s=64341800013892101324217011957005&a=0a70a3c6 Requested by Host: ad5.ad-srv.net URL: https://ad5.ad-srv.net/request.php?zone=qhox7ipf78wv&nw=14&renderingType=javascript&namespace=a8a6ede3d2&subid=&uid=3c32f42dd2025c2a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCm922pnV8Yu-xFsrw-gb_uKKoCub-o_dc7ousiF_AjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCNSNge7ClsT7gAgCoAwGqBPYBT9Ax2gKp8RqZJ2PlYPHW2ZPpyeDFvJExhRpN47qWp35nxzL8iqyas9FDviuCFgtIO-Gzpk5pDOpkIzIJCl4qO6TFkmYxR-4Vz4wTYPjsPWpHWNvmSGjhhHji6BgOoruJUK1mvLPIxu2ZPwTjTOVG03XseToI9vqcVRtXwqG4UDRXx9YcdiZQrCYZtOC4H5krxMczhyH_kgeHM0XcKxDvykEGVWxRuG4APqolLK_Kl6hpXGenhwvgVCBZ7aquqtObf20oJN1x5bes2_tD7lJS0N-7nG38j9heYA4TNkRopObRBWfSOIz2ddtJlCNrO6MjnX-CIZgY4AQBgAaqtsL71v-e3YIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tDCoJ_tOLXxeueme2l1TLHSwqdw%26client%3Dca-pub-9602519502618262%26adurl%3Dhttp%253A%252F%252Fbrain.rvty.net%252FRTB%252FClick%253Fx%253DEASY-X-COORDINATE%2526y%253DEASY-Y-COORDINATE%2526s%253D97944753%2526a%253D146064%2526t%253D1652323752140%2526l%253D20638%2526p%253D3%2526appid%253D%2526aa%253D627c75a6-0007-7f26-0ae0-1b15e50748c6%2526gdpr%253D1%2526gdpr_consent%253D%2526dest%253D&documentReferer=https%3A%2F%2F5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F5de1c2757c7068516e83a5e4c8b33db2.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fpastelink.net&random=7531736240562&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.165 Reilingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.165.63.201.138.clients.your-server.de Software Apache / Resource Hash 88fa4a64adbeb2ac7f78515073866e34fd49b18838d3d8b67658fc7846c46eb0 Request headers Referer https://brain.rvty.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language is-IS,is;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Encoding gzip Content-Length 2066 Content-Type text/html; charset=utf-8 Date Thu, 12 May 2022 02:49:14 GMT Expires Thu, 12 May 2022 03:49:14 +0200 P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Pragma no-cache Server Apache Vary Accept-Encoding
GET H/1.1	200 OK	jquery-1.10.2.min.js Show response cdn.rvty.net/_files/js/ Frame FE03	91 KB 91 KB	207ms 207ms	Script application/javascript	89.163.211.242 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js Requested by Host: cdn.rvty.net URL: https://cdn.rvty.net/view/ads_view.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.163.211.242 Dortmund, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx/1.13.4 / Resource Hash 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988 Request headers accept-language is-IS,is;q=0.9 Referer https://brain.rvty.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 12 May 2022 02:49:13 GMT Last-Modified Wed, 08 Jan 2020 08:13:37 GMT Server nginx/1.13.4 ETag "5e158f31-16bb3" Content-Type application/javascript Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 93107
GET H2	200	SPug Show response simage4.pubmatic.com/AdServer/ Frame C007	735 B 582 B	301ms 98ms	Document text/html	198.47.127.20 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156657&sc=1&pr=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&umc=PM_UID&u=7E8D2BEE-53D9-4C46-9296-72A602A8E948&rs=3&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash f89d736a63385140e4d77843ac3330c6f294efa7ef543e99181344a8f3fd98eb Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language is-IS,is;q=0.9 Response headers cache-control no-store, no-cache, private content-encoding gzip content-type text/html; charset=utf-8 date Thu, 12 May 2022 02:49:13 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server nginx
GET H2	200	vorteilsangebote_300x250 asset.conrad.com/media10/isa/160267/c1/-/de/ Frame E56A Redirect Chain https://www.awin1.com/cshow.php?s=2470203&v=11354&q=371933&r=278235&pv=0&pref1=64341800013892101324217011957005&gdpr=&gdpr_consent= https://asset.conrad.com/media10/isa/160267/c1/-/de/vorteilsangebote_300x250?format=gif	54 KB 54 KB	346ms 105ms	Image image/gif	178.79.242.245 LLNW
General Check archive.org Show headers Download Go to Show image Full URL https://asset.conrad.com/media10/isa/160267/c1/-/de/vorteilsangebote_300x250?format=gif Requested by Host: ad5.ad-srv.net URL: https://ad5.ad-srv.net/request_content.php?s=64341800013892101324217011957005&a=0a70a3c6 Protocol H2 Server 178.79.242.245 , United States, ASN22822 (LLNW, US), Reverse DNS https-178-79-242-245.fra.llnw.net Software Cliplister GmbH / Resource Hash 740970e30ec191f1bb732395c0edc43a5f111f0d2bbb21e7f9aa95fc76228e24 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language is-IS,is;q=0.9 Referer https://ad5.ad-srv.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15768000 etag "6278c34a-d768" last-modified Mon, 09 May 2022 07:31:22 GMT server Cliplister GmbH age 68945 date Thu, 12 May 2022 02:49:14 GMT content-type image/gif access-control-allow-origin * cache-control max-age=172800 x-server c10 reporting eyJjb25zdW1lcmlkIjoxNjAyNjcsIm93bmVyaWQiOjE2MDI2NywidW5pcXVlaWQiOiIxNjAyNjdiR3dqRDg5SDNXSzk5Y2syYjJTYXJDQVQiLCJ1dWlkIjoiMTZkMWZhODUxOTQ3NDRmN2E0YmUxNzVjOGE5MmYxMzUiLCJhc3NldHR5cGUiOiJwaWN0dXJlIn0= x-llid 7cbe524bcebd491bfbeb02fdba0d4fed content-length 55144 accept-ranges bytes expires Fri, 13 May 2022 07:40:09 GMT Redirect headers Date Thu, 12 May 2022 02:49:14 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Location https://asset.conrad.com/media10/isa/160267/c1/-/de/vorteilsangebote_300x250?format=gif Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Length 0
GET H/1.1	200 OK	viewability Show response ad5.ad-srv.net/ Frame E56A	0 150 B	374ms 128ms	Script text/html	138.201.63.165 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad5.ad-srv.net/viewability?s=64341800013892101324217011957005&a=67d717bb&vb=m Requested by Host: ad5.ad-srv.net URL: https://ad5.ad-srv.net/request_content.php?s=64341800013892101324217011957005&a=0a70a3c6 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.165 Reilingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.165.63.201.138.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language is-IS,is;q=0.9 Referer https://ad5.ad-srv.net/request_content.php?s=64341800013892101324217011957005&a=0a70a3c6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 12 May 2022 02:49:14 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET DATA	200 OK	truncated / Frame E56A	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language is-IS,is;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif
GET H/1.1	200 OK	addDoubleBorder.js Show response cdn.contentspread.net/oliro/tools/js/ Frame E56A	851 B 1 KB	428ms 99ms	Script application/javascript	85.114.131.234 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://cdn.contentspread.net/oliro/tools/js/addDoubleBorder.js Requested by Host: ad5.ad-srv.net URL: https://ad5.ad-srv.net/request_content.php?s=64341800013892101324217011957005&a=0a70a3c6 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 85.114.131.234 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS srv21038.dus4.fastwebserver.de Software nginx / Resource Hash abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107 Request headers accept-language is-IS,is;q=0.9 Referer https://ad5.ad-srv.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 12 May 2022 02:49:14 GMT Last-Modified Sun, 01 Mar 2015 14:40:33 GMT Server nginx ETag "54f324e1-353" Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 851
GET H/1.1	200 OK	oba_icon.png cdn.contentspread.net/oliro/oba/ Frame E56A	3 KB 3 KB	427ms 99ms	Image image/png	85.114.131.234 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.contentspread.net/oliro/oba/oba_icon.png Requested by Host: ad5.ad-srv.net URL: https://ad5.ad-srv.net/request_content.php?s=64341800013892101324217011957005&a=0a70a3c6 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 85.114.131.234 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS srv21038.dus4.fastwebserver.de Software nginx / Resource Hash 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6 Request headers accept-language is-IS,is;q=0.9 Referer https://ad5.ad-srv.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 12 May 2022 02:49:14 GMT Last-Modified Fri, 05 Aug 2016 12:57:49 GMT Server nginx ETag "57a48d4d-c35" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 3125
GET H2	200	cl_partner.html Show response ads.pubmatic.com/AdServer/js/ Frame BAC9	2 KB 1 KB	105ms 105ms	Document text/html	23.35.236.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D7E8D2BEE-53D9-4C46-9296-72A602A8E948%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID Requested by Host: simage4.pubmatic.com URL: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156657&sc=1&pr=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&umc=PM_UID&u=7E8D2BEE-53D9-4C46-9296-72A602A8E948&rs=3&gdpr=0&gdpr_consent=&us_privacy= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-236-201.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash b01ef7916c2e4d5e7b97fbcdb95caf8e24f184a773b9ca533a9a416b4aea4218 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language is-IS,is;q=0.9 Response headers accept-ranges bytes cache-control max-age=75664 content-encoding gzip content-length 953 content-type text/html; charset=UTF-8 date Thu, 12 May 2022 02:49:14 GMT etag "fa18f0-6b8-53a413358bd01" expires Thu, 12 May 2022 23:50:18 GMT last-modified Wed, 17 Aug 2016 09:36:32 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache/2.2.15 (CentOS) vary Accept-Encoding
GET H/1.1	200 OK	ecm3 Show response aax-eu.amazon-adsystem.com/s/ Frame BF09	43 B 556 B	129ms 129ms	Document image/gif	52.95.126.138 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax-eu.amazon-adsystem.com/s/ecm3?id=7E8D2BEE-53D9-4C46-9296-72A602A8E948&ex=pubmatic.com Requested by Host: simage4.pubmatic.com URL: https://simage4.pubmatic.com/AdServer/SPug?o=1&p=156657&sc=1&pr=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&umc=PM_UID&u=7E8D2BEE-53D9-4C46-9296-72A602A8E948&rs=3&gdpr=0&gdpr_consent=&us_privacy= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language is-IS,is;q=0.9 Response headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Content-Type image/gif Date Thu, 12 May 2022 02:49:14 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Permissions-Policy interest-cohort=() Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent x-amz-rid TBENGSSX1ZFWQS1WNREN
POST H/1.1	200	Visibility Show response brain.rvty.net/RTB/ Frame FE03	0 119 B	104ms 103ms	XHR text/plain	89.163.211.233 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://brain.rvty.net/RTB/Visibility Requested by Host: cdn.rvty.net URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.163.211.233 Dortmund, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx/1.13.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept */* Referer https://brain.rvty.net/RTB/ShowAd?adHeight=250&adWidth=300&adFormat=5&adslotId=&siteId=97944753&bannerId=146064&e=3&p=Ynx1pgAFmO8K3rhKAAicfzXbXaSFdSrV0PPX2Q&penc=&bp=23077&a=627c75a6-0007-7f26-0ae0-1b15e50748c6&n=1&geo=20638&rawURL=https%3A%2F%2Fpastelink.net%2Fu9euo964&rawReferrerURL=&uid=7c824185-670d-4188-ad46-3bcc055b6fec&euid=&encn=N4IgXglgDiBcIgDQgMYHsCuA7ALgJwE84QARAUSRAEMc4BGZAGywHN66A6AVgA4BmPshQQcReAFlsEFAAtKeCMQBCATUoBnHDQCmyqgW14slRjTgAWHhzpcAvkA&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm922pnV8Yu-xFsrw-gb_uKKoCub-o_dc7ousiF_AjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItOTYwMjUxOTUwMjYxODI2MsgBCakCNSNge7ClsT7gAgCoAwGqBPYBT9Ax2gKp8RqZJ2PlYPHW2ZPpyeDFvJExhRpN47qWp35nxzL8iqyas9FDviuCFgtIO-Gzpk5pDOpkIzIJCl4qO6TFkmYxR-4Vz4wTYPjsPWpHWNvmSGjhhHji6BgOoruJUK1mvLPIxu2ZPwTjTOVG03XseToI9vqcVRtXwqG4UDRXx9YcdiZQrCYZtOC4H5krxMczhyH_kgeHM0XcKxDvykEGVWxRuG4APqolLK_Kl6hpXGenhwvgVCBZ7aquqtObf20oJN1x5bes2_tD7lJS0N-7nG38j9heYA4TNkRopObRBWfSOIz2ddtJlCNrO6MjnX-CIZgY4AQBgAaqtsL71v-e3YIBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tDCoJ_tOLXxeueme2l1TLHSwqdw%26client%3Dca-pub-9602519502618262%26adurl%3D&gdpr=1&gdpr_consent= X-Requested-With XMLHttpRequest accept-language is-IS,is;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Thu, 12 May 2022 02:49:14 GMT Server nginx/1.13.4 Connection keep-alive Content-Length 0
GET		i.js mathid.mathtag.com/d/ Frame BAC9	0 0
GET		sodar pagead2.googlesyndication.com/getconfig/	0 0
GET		a www.googletagmanager.com/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

mathid.mathtag.com

URL

https://mathid.mathtag.com/d/i.js

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022050901&st=env

Domain

www.googletagmanager.com

URL

https://www.googletagmanager.com/a?id=GTM-55WHPWQ&cv=9&v=3&t=t&pid=97890379&rv=590&es=1&e=gtm.load&eid=11&u=C&ut=C&tc=38&z=0