URL: https://pastelink.net/h7yg164l
Submission: On February 13 via manual from US — Scanned from GB

Summary

This website contacted 92 IPs in 15 countries across 94 domains to perform 268 HTTP transactions. The main IP is 89.35.29.15, located in London, United Kingdom and belongs to BANDWIDTH-AS, GB. The main domain is pastelink.net. The Cisco Umbrella rank of the primary domain is 95929.
TLS certificate: Issued by R3 on January 31st 2023. Valid for: 3 months.
This is the only time pastelink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 89.35.29.15 25369 (BANDWIDTH-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 51.77.64.70 16276 (OVH)
10 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
6 54.219.241.183 16509 (AMAZON-02)
6 18.157.254.184 16509 (AMAZON-02)
1 74.118.184.143 26120 (RHYTHMONE)
1 2 145.40.88.5 54825 (PACKET)
2 52.35.184.178 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 6 37.252.171.21 29990 (ASN-APPNEX)
2 185.106.140.18 7979 (SERVERS-COM)
11 100.21.1.193 16509 (AMAZON-02)
6 188.42.191.196 7979 (SERVERS-COM)
1 69.166.1.15 27630 (AS-XFERNET)
5 35.170.181.32 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
2 2a02:2638:1::4 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::2 44788 (ASN-CRITE...)
22 2a02:2638::3 44788 (ASN-CRITE...)
2 178.250.2.148 44788 (ASN-CRITE...)
2 2a02:2638:1::8 44788 (ASN-CRITE...)
4 2a02:2638::21 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2620:1ec:48:1... 8075 (MICROSOFT...)
2 5 2a01:111:202c... 8068 (MICROSOFT...)
4 68.67.179.155 29990 (ASN-APPNEX)
1 151.101.193.108 54113 (FASTLY)
2 62.149.0.74 15497 (COLOCALL ...)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 74.119.118.149 19750 (AS-CRITEO)
9 11 162.19.138.118 16276 (OVH)
1 13.224.189.94 16509 (AMAZON-02)
1 151.101.1.108 54113 (FASTLY)
1 2606:4700:e4:... 13335 (CLOUDFLAR...)
1 92.123.38.97 16625 (AKAMAI-AS)
2 2 54.243.11.32 14618 (AMAZON-AES)
1 21 34.247.233.198 16509 (AMAZON-02)
1 2 169.197.150.7 398989 (DEEPINTENT)
6 6 3.126.56.137 16509 (AMAZON-02)
1 209.25.233.254 13768 (COGECO-PEER1)
2 2 198.148.27.140 19189 (PULSEPOINT)
4 4 185.29.132.245 30419 (MEDIAMATH...)
2 2 52.215.255.163 16509 (AMAZON-02)
2 2 35.227.197.177 15169 (GOOGLE)
4 4 216.52.2.16 32475 (SINGLEHOP...)
1 1 18.184.106.202 ()
2 2 34.235.231.136 14618 (AMAZON-AES)
5 15.197.193.217 16509 (AMAZON-02)
1 2 37.157.6.245 198622 (ADFORM)
10 10 18.195.253.212 16509 (AMAZON-02)
6 7 142.251.208.162 15169 (GOOGLE)
3 3 37.252.171.53 29990 (ASN-APPNEX)
2 2 35.210.53.219 19527 (GOOGLE-2)
2 2 193.232.150.46 48061 (UMA-TECH-AS)
1 194.55.244.186 34959 (PROCLOUD ...)
1 151.236.118.210 204720 (CDNETWORKS)
1 162.19.138.83 16276 (OVH)
2 2 76.223.111.18 16509 (AMAZON-02)
1 51.89.9.253 16276 (OVH)
1 2 185.86.139.101 201081 (SMARTADSE...)
3 9 185.80.39.216 27381 (CASALE-MEDIA)
3 3 104.126.125.209 16625 (AKAMAI-AS)
6 23.64.52.128 16625 (AKAMAI-AS)
4 23.203.124.192 16625 (AKAMAI-AS)
1 2600:9000:21f... 16509 (AMAZON-02)
4 4 213.19.147.44 3356 (LEVEL3)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 69.166.1.12 27630 (AS-XFERNET)
2 2 18.233.161.105 14618 (AMAZON-AES)
3 3 64.74.236.191 22075 (AS-OUTBRAIN)
1 1 23.203.125.189 16625 (AKAMAI-AS)
3 3 38.133.127.159 22075 (AS-OUTBRAIN)
1 8.43.72.97 ()
2 2 34.98.64.218 396982 (GOOGLE-CL...)
2 2a05:d018:d29... 16509 (AMAZON-02)
1 2603:c020:400... 31898 (ORACLE-BM...)
2 2 3.221.169.208 14618 (AMAZON-AES)
1 1 20.127.253.7 8075 (MICROSOFT...)
2 2 151.101.66.49 54113 (FASTLY)
1 1 124.146.215.44 2514 (INFOSPHER...)
1 1 80.77.87.163 46636 (NATCOWEB)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 185.64.189.115 62713 (AS-PUBMATIC)
1 35.244.174.68 15169 (GOOGLE)
1 2a05:d018:24:... 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 185.86.138.155 201081 (SMARTADSE...)
2 2 2600:1f1c:a99... 16509 (AMAZON-02)
1 2 52.46.130.91 16509 (AMAZON-02)
1 1 141.226.230.48 200478 (TABOOLA-AS)
2 2 173.231.181.122 32475 (SINGLEHOP...)
1 1 8.2.110.113 46636 (NATCOWEB)
4 135.125.163.79 16276 (OVH)
3 4 37.157.4.28 198622 (ADFORM)
2 185.64.189.110 62713 (AS-PUBMATIC)
1 213.155.156.164 1299 (TWELVE99 ...)
1 1 178.250.2.151 44788 (ASN-CRITE...)
1 74.119.119.150 19750 (AS-CRITEO)
3 104.36.113.107 62713 (AS-PUBMATIC)
1 2 67.220.226.234 16509 (AMAZON-02)
3 3 141.94.171.214 16276 (OVH)
2 2 18.198.69.109 16509 (AMAZON-02)
2 2 54.76.31.2 16509 (AMAZON-02)
2 2 35.201.96.126 396982 (GOOGLE-CL...)
1 104.36.113.68 62713 (AS-PUBMATIC)
1 35.204.158.49 396982 (GOOGLE-CL...)
4 69.173.144.139 26667 (RUBICONPR...)
3 3 31.172.81.158 44066 (DE-FIRSTC...)
2 2 89.108.120.68 197695 (AS-REG)
1 2 2a02:6b8::90 208722 (GLOBAL_DC)
2 2a02:6ea0:cb0... 60068 (CDN77 ^_^)
1 1 172.64.154.237 13335 (CLOUDFLAR...)
1 69.173.144.165 ()
1 2 2001:6d0:4001... ()
268 92
Apex Domain
Subdomains
Transfer
28 criteo.net
static.criteo.net — Cisco Umbrella Rank: 742
pix.eu.criteo.net — Cisco Umbrella Rank: 6289
csm.eu.criteo.net — Cisco Umbrella Rank: 6375
119 KB
23 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2330
usersync.gumgum.com — Cisco Umbrella Rank: 2561
9 KB
19 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 132
427931a706a3792253c915ada805f799.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
76 KB
17 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 255
cm.g.doubleclick.net — Cisco Umbrella Rank: 308
189 KB
15 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1276
eus.rubiconproject.com — Cisco Umbrella Rank: 786
pixel-us-east.rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 803
pixel.rubiconproject.com
pixel-eu.rubiconproject.com
35 KB
14 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1260
ups.analytics.yahoo.com — Cisco Umbrella Rank: 393
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 719
3 KB
12 criteo.com
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 12144
ads.eu.criteo.com — Cisco Umbrella Rank: 6328
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13244
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 11435
gum.criteo.com — Cisco Umbrella Rank: 443
mug.criteo.com — Cisco Umbrella Rank: 1837
dis.criteo.com — Cisco Umbrella Rank: 912
widget.us.criteo.com — Cisco Umbrella Rank: 16154
105 KB
12 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 3308
public.servenobid.com — Cisco Umbrella Rank: 5971
8 KB
12 pastelink.net
pastelink.net — Cisco Umbrella Rank: 95929
224 KB
11 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 704
image6.pubmatic.com — Cisco Umbrella Rank: 1001
simage2.pubmatic.com — Cisco Umbrella Rank: 962
image2.pubmatic.com — Cisco Umbrella Rank: 1431
aud.pubmatic.com — Cisco Umbrella Rank: 7611
simage4.pubmatic.com Failed
26 KB
11 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 521
15 KB
10 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 687
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 883
ssum.casalemedia.com — Cisco Umbrella Rank: 2108
9 KB
10 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 405
3 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 303
acdn.adnxs.com — Cisco Umbrella Rank: 784
secure.adnxs.com — Cisco Umbrella Rank: 673
26 KB
8 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1354
1x1.a-mo.net — Cisco Umbrella Rank: 3410
assets.a-mo.net — Cisco Umbrella Rank: 4970
28 KB
8 vidoomy.com
d.vidoomy.com — Cisco Umbrella Rank: 11515
a-prebid.vidoomy.com — Cisco Umbrella Rank: 15235
a.vidoomy.com — Cisco Umbrella Rank: 3607
vid.vidoomy.com — Cisco Umbrella Rank: 2695
vpaid.vidoomy.com — Cisco Umbrella Rank: 3927
21 KB
7 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2258
cache.betweendigital.com — Cisco Umbrella Rank: 16651
5 KB
6 adform.net
cm.adform.net — Cisco Umbrella Rank: 1822
c1.adform.net — Cisco Umbrella Rank: 917
2 KB
6 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 10486
user-sync.adxpremium.services — Cisco Umbrella Rank: 16687
6 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 426
1 KB
5 adnxs-simple.com
nym1-ib.adnxs-simple.com — Cisco Umbrella Rank: 15123
cdn.adnxs-simple.com — Cisco Umbrella Rank: 15999
31 KB
5 bing.com
www.bing.com — Cisco Umbrella Rank: 84
347 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 93
region1.google-analytics.com — Cisco Umbrella Rank: 1904
20 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
198 KB
5 adligature.com
cdn.adligature.com — Cisco Umbrella Rank: 101015
152 KB
4 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 373
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1003
3 KB
4 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1151
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 767
2 KB
4 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1441
ap.lijit.com — Cisco Umbrella Rank: 848
3 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 721
3 KB
4 azureedge.net
bing-ads-display-ads-cdn.azureedge.net — Cisco Umbrella Rank: 11660
5 KB
4 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 2828
sync.1rx.io — Cisco Umbrella Rank: 801
2 KB
3 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 5967
2 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3221
1 KB
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 956
1 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 781
2 KB
3 360yield.com
ice.360yield.com
ad.360yield.com — Cisco Umbrella Rank: 809
1 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 226
144 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2752
mp.4dex.io — Cisco Umbrella Rank: 3035
25 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 18
adservice.google.com — Cisco Umbrella Rank: 129
2 KB
2 tns-counter.ru
www.tns-counter.ru
706 B
2 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 3907
668 B
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 13108
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 6783
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1177
902 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 32804
2 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2083
958 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1027
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 680
701 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 987
643 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 705
675 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 5398
892 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 501
750 B
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 13834
824 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 6690
745 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1353
950 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 679
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 843
1 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 849
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1378
527 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1035
1 KB
2 adtelligent.com
idrs.adtelligent.com — Cisco Umbrella Rank: 89245
444 B
2 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 3073
sync.go.sonobi.com — Cisco Umbrella Rank: 1474
2 KB
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1834
contextual.media.net — Cisco Umbrella Rank: 787
9 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 109
143 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1185
612 B
1 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6593
125 B
1 ck-ie.com
as.ck-ie.com — Cisco Umbrella Rank: 11509
484 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1519
179 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2005
487 B
1 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 2954
197 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 940
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1453
660 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1273
697 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1731
619 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1772
292 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 808
769 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1275
733 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1725
465 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 1271
434 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5119
485 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1068
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1489
400 B
1 otm-r.com
sync.dmp.otm-r.com — Cisco Umbrella Rank: 15788
69 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 954
191 B
1 adxbid.info
adxbid.info — Cisco Umbrella Rank: 15326
3 KB
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 5283
789 B
1 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 4098
531 B
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5106
208 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 343
2 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 985
31 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 114
1 KB
0 yieldmo.com Failed
ads.yieldmo.com Failed
0 emxdgt.com Failed
cs.emxdgt.com Failed
0 iqzone.com Failed
cs.iqzone.com Failed
268 94
Domain Requested by
22 static.criteo.net ads.eu.criteo.com
static.criteo.net
21 usersync.gumgum.com 1 redirects g2.gumgum.com
12 pastelink.net pastelink.net
11 id5-sync.com 9 redirects cdn.adligature.com
11 ads.servenobid.com cdn.adligature.com
public.servenobid.com
g2.gumgum.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
ads.pubmatic.com
10 x.bidswitch.net 10 redirects
10 securepubads.g.doubleclick.net cdn.adligature.com
securepubads.g.doubleclick.net
pastelink.net
www.googletagservices.com
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
427931a706a3792253c915ada805f799.safeframe.googlesyndication.com
tpc.googlesyndication.com
7 cm.g.doubleclick.net 6 redirects g2.gumgum.com
7 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 eus.rubiconproject.com public.servenobid.com
g2.gumgum.com
eus.rubiconproject.com
cache.betweendigital.com
6 ups.analytics.yahoo.com 6 redirects
6 ads.betweendigital.com cdn.adligature.com
ads.betweendigital.com
6 ib.adnxs.com 3 redirects cdn.adligature.com
acdn.adnxs.com
6 c2shb.pubgw.yahoo.com cdn.adligature.com
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 match.adsrvr.org g2.gumgum.com
ssum-sec.casalemedia.com
ads.pubmatic.com
5 www.bing.com 2 redirects pastelink.net
assets.a-mo.net
5 1x1.a-mo.net pastelink.net
5 cdn.adligature.com pastelink.net
cdn.adligature.com
securepubads.g.doubleclick.net
4 c1.adform.net 3 redirects ads.pubmatic.com
4 user-sync.adxpremium.services adxbid.info
4 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
adxbid.info
4 ssum-sec.casalemedia.com 2 redirects public.servenobid.com
ssum-sec.casalemedia.com
4 sync.mathtag.com 4 redirects
4 nym1-ib.adnxs-simple.com assets.a-mo.net
pastelink.net
cdn.adnxs-simple.com
4 bing-ads-display-ads-cdn.azureedge.net assets.a-mo.net
4 csm.eu.criteo.net ads.eu.criteo.com
4 fonts.gstatic.com fonts.googleapis.com
3 sync.bumlam.com 3 redirects
3 token.rubiconproject.com eus.rubiconproject.com
3 pixel.onaudience.com 3 redirects
3 image2.pubmatic.com ads.pubmatic.com
3 sync.outbrain.com 3 redirects
3 b1sync.zemanta.com 3 redirects
3 sync.1rx.io 3 redirects
3 ap.lijit.com 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 secure.adnxs.com 3 redirects
3 www.googletagservices.com 427931a706a3792253c915ada805f799.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
3 427931a706a3792253c915ada805f799.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 d.vidoomy.com cdn.adligature.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.tns-counter.ru 1 redirects
2 an.yandex.ru 1 redirects
2 x01.aidata.io 2 redirects
2 visitor.fiftyt.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 loada.exelator.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 simage2.pubmatic.com ads.pubmatic.com
2 cm.adgrx.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 cms.quantserve.com 2 redirects
2 rtb-csync.smartadserver.com ssbsync.smartadserver.com
2 creativecdn.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 ad.360yield.com 2 redirects
2 pr-bh.ybp.yahoo.com g2.gumgum.com
ssum-sec.casalemedia.com
2 us-u.openx.net 2 redirects
2 ads.avct.cloud 2 redirects
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 eb2.3lift.com 2 redirects
2 px.adhigh.net 2 redirects
2 pool.admedo.com 2 redirects
2 cm.adform.net 1 redirects
2 sync.ipredictive.com 2 redirects
2 pixel.tapad.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 bh.contextweb.com 2 redirects
2 a-prebid.vidoomy.com
2 match.deepintent.com 1 redirects
2 sync.srv.stackadapt.com 2 redirects
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 idrs.adtelligent.com cdn.adligature.com
2 pix.eu.criteo.net ads.eu.criteo.com
2 cat.nl.eu.criteo.com ads.eu.criteo.com
2 ads.eu.criteo.com 427931a706a3792253c915ada805f799.safeframe.googlesyndication.com
2 rtb.adxpremium.services cdn.adligature.com
adxbid.info
2 g2.gumgum.com cdn.adligature.com
public.servenobid.com
2 prebid.a-mo.net 1 redirects cdn.adligature.com
2 script.4dex.io cdn.adligature.com
script.4dex.io
2 region1.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com pastelink.net
www.googletagmanager.com
2 www.google.com pastelink.net
tpc.googlesyndication.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 pixel.rubiconproject.com adxbid.info
1 vpaid.vidoomy.com vid.vidoomy.com
1 ssum.casalemedia.com 1 redirects
1 vid.vidoomy.com adxbid.info
1 um.simpli.fi ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 widget.us.criteo.com ads.pubmatic.com
1 dis.criteo.com 1 redirects
1 d5p.de17a.com ads.pubmatic.com
1 as.ck-ie.com 1 redirects
1 sync.taboola.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 sync.tidaltv.com ssbsync.smartadserver.com
1 id.rlcdn.com ssbsync.smartadserver.com
1 image6.pubmatic.com ads.pubmatic.com
1 cs.admanmedia.com 1 redirects
1 tg.socdm.com 1 redirects
1 sync.inmobi.com 1 redirects
1 sync.technoratimedia.com g2.gumgum.com
1 pixel-us-east.rubiconproject.com g2.gumgum.com
1 stags.bluekai.com 1 redirects
1 sync.go.sonobi.com public.servenobid.com
1 p.rfihub.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.turn.com 1 redirects
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 onetag-sys.com public.servenobid.com
1 lb.eu-1-id5-sync.com cdn.adligature.com
1 cache.betweendigital.com ads.betweendigital.com
1 sync.dmp.otm-r.com ads.betweendigital.com
1 a.vidoomy.com
1 ice.360yield.com 1 redirects
1 ce.lijit.com 1 redirects
1 pixel-sync.sitescout.com
1 contextual.media.net cdn.adligature.com
1 adxbid.info cdn.adligature.com
1 acdn.adnxs.com cdn.adligature.com
1 public.servenobid.com cdn.adligature.com
1 id.a-mx.com cdn.adligature.com
1 cdn.adnxs-simple.com assets.a-mo.net
1 assets.a-mo.net cdn.adligature.com
1 rtb.fr.eu.criteo.com pastelink.net
1 rtb.nl3.eu.criteo.com pastelink.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.co.uk securepubads.g.doubleclick.net
1 apex.go.sonobi.com cdn.adligature.com
1 mp.4dex.io cdn.adligature.com
1 prebid.media.net cdn.adligature.com
1 tag.1rx.io cdn.adligature.com
1 pro.ip-api.com cdn.adligature.com
1 www.gstatic.com www.google.com
1 cdnjs.cloudflare.com pastelink.net
1 code.jquery.com pastelink.net
1 fonts.googleapis.com pastelink.net
0 simage4.pubmatic.com Failed ads.pubmatic.com
0 ads.yieldmo.com Failed
0 cs.emxdgt.com Failed g2.gumgum.com
0 cs.iqzone.com Failed public.servenobid.com
268 145
Subject Issuer Validity Valid
pastelink.net
R3
2023-01-31 -
2023-05-01
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-01-31 -
2023-04-25
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-03 -
2023-07-14
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
www.google.com
GTS CA 1C3
2023-01-31 -
2023-04-25
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-01-31 -
2023-04-25
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-01-31 -
2023-04-25
3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA
2022-11-25 -
2023-12-26
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-01-31 -
2023-04-25
3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3
2022-11-23 -
2023-11-22
a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-12-27 -
2023-06-21
6 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA
2022-09-01 -
2023-10-02
a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA
2022-06-28 -
2023-07-29
a year crt.sh
*.a-mo.net
R3
2023-02-02 -
2023-05-03
3 months crt.sh
gumgum.com
Amazon RSA 2048 M01
2023-02-10 -
2023-09-23
7 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-06 -
2023-05-04
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA
2022-08-26 -
2023-08-05
a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01
2023-02-07 -
2023-06-27
5 months crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA
2023-01-13 -
2024-02-13
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2022-12-06 -
2024-01-07
a year crt.sh
*.google.co.uk
GTS CA 1C3
2023-01-31 -
2023-04-25
3 months crt.sh
*.google.com
GTS CA 1C3
2023-01-31 -
2023-04-25
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-01-31 -
2023-04-25
3 months crt.sh
*.nl3.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-04 -
2023-04-05
3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-22 -
2023-03-26
3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-07 -
2023-03-12
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-13 -
2023-04-15
3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-19 -
2023-03-24
3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-13 -
2023-04-17
3 months crt.sh
*.azureedge.net
Microsoft Azure TLS Issuing CA 05
2023-01-23 -
2024-01-18
a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2022-11-25 -
2023-05-25
6 months crt.sh
*.adnxs-simple.com
GeoTrust ECC CA 2018
2022-02-25 -
2023-03-28
a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2022-03-11 -
2023-04-11
a year crt.sh
idrs.adtelligent.com
R3
2023-01-23 -
2023-04-23
3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-04 -
2023-03-31
3 months crt.sh
*.id5-sync.com
R3
2023-01-25 -
2023-04-25
3 months crt.sh
*.servenobid.com
Amazon
2023-01-07 -
2024-02-05
a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-05-02 -
2023-06-03
a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-01-09 -
2024-02-02
a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-05-18 -
2023-06-16
a year crt.sh
*.dmp.otm-r.com
AlphaSSL CA - SHA256 - G2
2022-05-27 -
2023-06-28
a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA
2022-01-24 -
2023-02-24
a year crt.sh
*.eu-1-id5-sync.com
R3
2023-01-25 -
2023-04-25
3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2
2022-12-13 -
2024-01-13
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-17 -
2023-04-04
a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-25 -
2024-01-24
a year crt.sh
*.minutemedia-prebid.com
Amazon
2022-05-31 -
2023-06-29
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-11-08 -
2023-05-03
6 months crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-15 -
2023-09-15
a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02
2023-02-08 -
2024-02-15
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.tidaltv.com
Sectigo RSA Domain Validation Secure Server CA
2022-05-19 -
2023-06-19
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-09-20 -
2023-09-20
a year crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA
2022-11-30 -
2023-12-30
a year crt.sh
*.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-12 -
2023-03-10
3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01
2023-01-27 -
2024-01-27
a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2022-11-07 -
2023-12-08
a year crt.sh

This page contains 44 frames:

Primary Page: https://pastelink.net/h7yg164l
Frame ID: AA0F0C3DB64964C75C335FB23A417766
Requests: 82 HTTP requests in this frame

Frame: https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F2D1A8A175DA890997761F1D634C9E2C
Requests: 1 HTTP requests in this frame

Frame: https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D5464E8C398B6E79CC83F19163ECE3A7
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAE8aoH_Z6jAACGJA5NWsx6glDVxRXaDA&u=%7CgaZB%2BkzcAgS1JsLzAVvbbRaq5aVi1hTjAw0vo9XzkG0%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8SuwOxwt-8yHzGYRQ2HgOLnnrsU6Xzi486eIsCFBbBzZ8q-ZoL4QdzV9UVsT0h1z5qd9mzwsCcRrq09JhwMqRPZ21K5mgjTW-TztxKs5u4DhTnUYi5Ye3hMwJ3HzLSVmnm7DeJZSWf8DKMxtq_zOmYgvTzzI977w6gVzgSqPITaFo0241lDPeI6ru7SRED1sfjtfiq9Pa_owfyobOmbwZPxSiewz8kTw7hGtgqo9Rx6aBbupLZTy9FVZY6mYJGKakw7y0o4MiqrVoKnVvtpkQ-buf95IWQTeLupiIYjQtfC-_UbkMQdxKH1Aq--f0jh28N3Pr9CYm6COtzFNyX8MuoNzNIdAKv7q0WRWgzESwHNAVLwYDUbhxdquYDC4TfsUnr344kLb8zXjHtjD9GAt08vG4Ff48hcVe8dEypa_Z9UvemqNB6cEqIrWyeU9A9KpCqLYgNRy1AK6edOKm998wCwU8yMXtJT8JR74sLiKv-JvnbrhUKqTOgTEsp0v6_uf47CwIvZRdgDXb5PGWURrIk7PWXD1Pg-btM2KJQwoywWrKMHMiJZzGusQv85Bn3T8XoKKNfRagykHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__t47XLqY6rjE6O99u8PpIyCgAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMByAMCqgSnAk_Q7cchNDKc5NtJxb0ft6SyKJ167Nu8vMz7lhTDUS20Wf7n-RDiq9PcKnR7EazuGdhObPbZzUO4whuBeVQkLaQ7rjpcOr-EArSURgJeLchs3LHaSAiWlCpS0Lq_2KuClI_xcoPOs86cGdpDc8WBHGQCQ6vPY1Me9Whm41nmH3rAuub-OYnxhBQDo2W9o7AA_pUC4ZLUaco3OwpOnQIGEUNsOAQr4YBxHBKN4hdsfeJmxTDqoOEdyJHf1oyEt3RJjJEZQxeiRncBeQIz45UW2wiw9YM-Dz695vnuxVa-RN86bZ62TXVhhgF6PUirPO46OsmTIHB0PjiGijajmOuI94DTJ-mAVG9ZN1FmtMPRnvmeRrc0NLlDK0PiQz5Q86N38aUWlZdbFy7gBAGABpXww72N99a55wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3FMuBDgTh3t5YQ0rtN5oI_7Zgldg%26client%3Dca-pub-1750856239204414%26adurl%3D
Frame ID: C1E196745E103D39ECA88A21A4548E42
Requests: 16 HTTP requests in this frame

Frame: https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E742D0723B94F6A563DD96F2B97E141F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CE18AA543322CCB7997F711B7E75F043
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 339A41D1C2960072078508BB341AA077
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAHGB0Iu-MjAAdIpJ0e_zozGN85LPL2Lw&u=%7CgaZB%2BkzcAgQngwr8AIdvDDewNuZmuP95UFSZBndh5N4%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9QtxaN2yFPYz7E27bdan5Oj7k42CU8oFF4MaquG6nFYrTI84-4qDBQ3UIDPY-TsPFtiHHay1q1C7P4tXqXyBNyN7ERCqNsF7YrFuE7CUny8up7ZEIXqbh7SEm8EvzqIpqEjryH4o8ZBo0-yzplxSnHlALBQrhvWjPr9NMvSBX6j2ozyJYwX2w7zxnYhzlRIr4VhMmZpAXMCSYbxlaIGlrywKT3BvWQESlFg8XZfO4HlltqFYvDXBnOuU1OPTGlrKU3A20k8WfRJ4FJeQ1rKbYUG9YIHcWdB6bpdZVo4jucpuYpgxEoHexZ_gw8ATG9pig2R6X1A5irecT5zUFmYXhi1BE9Lm7vON9gre8fUHMITUDXmAj_FaJTzjKHlmjl-GnlkIWFzhiur80XxeFVQZMwwknFFTXABtpl78pKAu7ZuxW4yP7tY-SqrgLeeY_OaLw2a0WwFVBhe_XHbF-zK44Bpptk8XXqy8Ql7tEU1TPDA60lXtMKJmVIpG8eUuUz8XuXtp7wKsPzuC8i6reBpuINjl8F6XHkBoQ_6X7Lk0QxpaKZIWvWazj1LnwHnHV-U1lWH4NijRklA2QP7uDwQ36NJ8bQQvNXYYqH_0gM5Q0HqQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4-977XLqY52wHKPG7_UPpJGduAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMBqgSgAk_QQlo64Dv5CG1oFIE3ef4YdkajXtwOokUNypjEkY85g5_-ZukQfiHzKLRj4rqR4TJjyNPXz5v2BJC8RqIRNa9pZP504xuIHDSg_QqYiIc9wNglctXD4Th_sQjaRaXwk4gTIte0JuXtv_a2EtVNosHIl8BoS_B_j25dP26Pk1bs6zZ-LfxCdzp3YLRqLgdkbd8Q9D_rev7e21jytAkTwjQXso5A-Zl-Te6eoh_0X0KSH-QGCqO0NBhM72AQo-7pOaRsEfOzERyT2cvX8U0qJm_NH1SM5ya1ZffrBsO9XIWxUC8L5a7Ggi562VZ9gjgYJHl8A-FLggRnoqKVTzdJ6omA9fUY57WPNFwnTa_hsvuDivDgeZ83kFy-HVORYccKzOAEAYAGlfDDvY331rnnAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03E-iE8c0SQG9KySPcCa4NDIz5ug%26client%3Dca-pub-1750856239204414%26adurl%3D
Frame ID: 5C561293986B1561282012D1A6DB95E6
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKFD6aamzduwXwjE5bQSgb5wqTW0ZlLXmP7eNx9y_SWFjDE80aLLYIhLI_WqC8BHvtRhPVBYtT1JQ8EytIVL2b-XDUU4xsmj1q0KGKa7iFQASfg-KJ41h-74yzSYPcEKjthT5cgAkxgCds2n6I7FGP-eArQLhvyAhaBo0JUXHeBCfEQlOqUDOgtiB_KXMrxhNYFc4NAdE60Nj7ika9LTEaQH-oVEgcZS-TVJxJAiUYopbKNHQrWon6MSUpQ_m5uDjzJvPCCN1eX3l_g3LM-FWnhO4Q3IwB9z687n_y6witelMuUnzHTd2DMhLQri3TWGv5WlGpQv42UmDx9NpKF0aVdzkLb3XYtLBFmtM&sai=AMfl-YS4j8TJgPr5nUw_M-2z6JGWq1rgdWgwD3-1pzQcqzMIejN1kS1WNaDr0-hCyAvHwy2zQzk9iFEg7DyaSgi6maQPnFUt4E7v993DedrnmAUaIIDcvlQkvQ1Yxdfl90Awas1-8Uor1ukSBnRHzLo&sig=Cg0ArKJSzAd_cuNGp7sUEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6EFA8955C308F0A3F90BCCE526151E4B
Requests: 22 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: F379837EDF4C915F809FD3521B1855B7
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F277E35EBEF598F16095B59FA42BC90D
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: C0B26BE4C88C04BA472E73538632C626
Requests: 5 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: E2D8C5907226E8FBB702658AAF04F18E
Requests: 7 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C2067%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 015139675F6E82ADA35C7ABA971DE387
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=757cc365-90dc-522c-8da6-bdc7ee4ccf2b&CACHEBUSTER=12638
Frame ID: 2FF8D0BEBE66D3F2B840953E84C53F47
Requests: 5 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 71EA7DF1019494B24869A7725B2D16BB
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: AEAE59153D395F44498A5AAD01A3A3AD
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: FC90B9CA761E96064F8D4F26823B6667
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 21D038D4C57A7C0AAA1BCA00FDDD6979
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: D0B56B1D87936EBF314C81BC05031D72
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: A64515522AC886E0B9AFE3872AC95F82
Requests: 11 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 8BEC8CC6FB2730A39C5F29A5A30437FC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=inm&i=ID5-31aaSAc7H3rXsbhOHNzmH-dUiDu4FBS4DrIyruXN5Q
Frame ID: 53E734435B0905D2ABD76CEDE71DEA25
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: A359D07461D4294209B377C167AC8051
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 5D40AF6BDA625984A02A4F611D4FD7CA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=1dd463ea-72f1-4100-95c5-350ebee65e5c&gdpr=0&gdpr_consent=
Frame ID: E5394A069D19EF4EB749C49F0C4772D5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y_py8AAAA2zyTwAh&gdpr=0&gdpr_consent=&_test=Y_py8AAAA2zyTwAh
Frame ID: 0D04F673E3A3516F9699ADCBE2D35465
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV83NDg1ZTZjNy02ZjVjLTQ2NmEtOGU2NC1kMjBmODVkNWM2NWY=&gdpr=0&gdpr_consent=
Frame ID: 94425AC6963A0355D5E3C342D0E677F5
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 5E13C9EC76F7BB17DA5AA0DB74429322
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y.py8cCo8YMAALblBXQAAAAA
Frame ID: 3ACB83AB874F34DCB3B1AF7AF274CE6F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=d62efaae-9598-49d9-bbee-eac71a86a16a
Frame ID: 6ABABBA0240A4C10457F24061635C033
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y.py8NR3CGyBOR5nOMgzLgAA%262172
Frame ID: 1B1869E00283A973508BE3A040334B2A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=NV0N5iBs4Rqya8HIzEdP&pi=gumgum&tc=1
Frame ID: 7541287D7D7156DE01DDC0E0C3B84F7C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 0F9F7FEF3D5AF9DF0541C397F45EF641
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&gdpr=0&gdpr_consent=
Frame ID: 113E71F8E75FAAA27A51263CF6103298
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:bb6563ea-72f1-4e00-9152-4332d040d843&gdpr=0&gdpr_consent=
Frame ID: 0CCC2958C2FA0337078AF77E334B4DE0
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 02B075485F516FC4267001EEA8C8DD98
Requests: 1 HTTP requests in this frame

Frame: https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 2E3E7BC941C18B6F1E8E2311647AFCE6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nTSD1pw1gIaGN9DUmTLL0Zth3o-GZYWEm2RZG3ds
Frame ID: F6F639AF8B055262CBE8C161307E40B0
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 52884E62B11935522BBDEFE7F80E54B4
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D
Frame ID: AB529264EA2CE617CDD34D0FE8740BBD
Requests: 1 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Frame ID: F7F15D7F008FEEC81C7A7904496B37C1
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: DC31470C544202314B588528083CE5A3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: E07A5C09390A3DAAFACCC44F53EAED2B
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

VBCWSh567GBCFHMAWeku8 - Pastelink.net

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

268
Requests

78 %
HTTPS

29 %
IPv6

94
Domains

145
Subdomains

92
IPs

15
Countries

2000 kB
Transfer

4315 kB
Size

144
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 121
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=016fa027-260e-4044-bf41-38af98bc73d5&oAdUnit=391466&publisherId=162645330&rId=33f4648b-ca67-4372-a68d-ae8083beb921&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D4edfaa2074764d15b053e9677f501999%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&smplId=e86f9&tagId=21275729&trafficGroup=knaqe_3c&trafficSubGroup=qrsnhyg HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4edfaa2074764d15b053e9677f501999&SNR=1&GV=2&med=10
Request Chain 142
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=016fa027-260e-4044-bf41-38af98bc73d5&oAdUnit=391466&publisherId=162645330&rId=33f4648b-ca67-4372-a68d-ae8083beb921&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D4edfaa2074764d15b053e9677f501999%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&smplId=e86f9&tagId=21275729&trafficGroup=knaqe_3c&trafficSubGroup=qrsnhyg HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=4edfaa2074764d15b053e9677f501999&tids=15000&med=10
Request Chain 149
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpastelink.net%2F&domain=pastelink.net&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=DutfKXxzOTMzcElxZ2VkMGY1dFpIa3RVcjJORVZ0bjhyQ0FScXNLWDRKNUFaWDZJNWZXZXR2VGZFWW1DdXVCZGRPdGdadGl5cDZpV1F6V3h4b29tYVJUc3RKNVptOVVHYzY5Qy9NVnVXVUx5THM5aGg4MjRpVko4ZVp6YkpKRGQ0ejJjcEoyWklDMlQ0R2hjbUJTZGhUQUpDZFMwSDNWQ05aWUtta21tV1pzaWs4aXJjemNzN01meC80RCszc1Qwd2dqUGNqU3VZNUtYQ1dBQVAyZUlPaXREbGhsTmJ4amhYR0FWbWVIU0FadzNjMmFvPXw&cppv=2
Request Chain 156
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-ef188045-3d26-4f89-4166-6f90780f911a$ip$5.187.21.99
Request Chain 158
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-7BUrv5hE2uH_PH1r1C.2zOUi1eCWatFsIVTpF54-~A&gdpr=0
Request Chain 160
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=IuHOG3cnjy8w&ev=1&pid=558355
Request Chain 161
  • https://id5-sync.com/s/441/9.gif?puid=u_7485e6c7-6f5c-466a-8e64-d20f85d5c65f&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=u_7485e6c7-6f5c-466a-8e64-d20f85d5c65f&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-31aaSAc7H3rXsbhOHNzmH-dUiDu4FBS4DrIyruXN5Q&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F3%2F8%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/3/8/2.gif?puid=b17f63ea-72f1-4500-a625-1dd990eacf8e&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1 HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AARhr07H1OYAACCVVv_sYA HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F6%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F6%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/108/6/4.gif?puid=f65be3d2-824b-405b-b3a9-465f8c9c28dd&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=85&3pid=AARhr07H1OYAACCVVv_sYA&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1241%2F5%2F5.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/441/1241/5/5.gif?puid=GJp3rLZH09aTuPhwTfawf5Ed&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-31aaSAc7H3rXsbhOHNzmH-dUiDu4FBS4DrIyruXN5Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F4%2F6.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/4/6.gif?puid=668423eb-dc1b-41c0-ac88-4b9e58df03c0&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F796%2F3%2F7.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/796/3/7.gif?puid=0a2a99ce-087a-42a1-b7b3-35e8ed7db58d&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 162
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fa-prebid.vidoomy.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
  • https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8409742334465611079
Request Chain 164
  • https://x.bidswitch.net/sync?ssp=vidoomy HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=e275dba9-3723-440b-82dc-1da6bc5ca165&google_hm=ZTI3NWRiYTktMzcyMy00NDBiLTgyZGMtMWRhNmJjNWNhMTY1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEM-shUYAuZrTYifis9TXzFo&google_cver=1&ssp=vidoomy&bsw_param=e275dba9-3723-440b-82dc-1da6bc5ca165 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=15f3f372-c817-4240-a5b1-81125874c182
Request Chain 165
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=2537256192817712152
Request Chain 166
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=15f3f372-c817-4240-a5b1-81125874c182 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=15f3f372-c817-4240-a5b1-81125874c182 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=d3a478c8-c282-4514-bf9d-aa20c0120522&user_group=1&ssp=between&bsw_param=15f3f372-c817-4240-a5b1-81125874c182 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=15f3f372-c817-4240-a5b1-81125874c182
Request Chain 167
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS03QlVydjVoRTJ1SF9QSDFyMUMuMnpPVWkxZUNXYXRGc0lWVHBGNTQtfkE%3D&gdpr=0
Request Chain 168
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u8PFtiRKsg6g.AikABlGGS9D8Zg
Request Chain 173
  • https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=391082410497323169292
Request Chain 177
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 178
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 181
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=8409742334465611079
Request Chain 182
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=GJp3rRZHlPhC-fi-SuGkM120
Request Chain 183
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=GJp3rLZH09aTuPhwTfawf5Ed
Request Chain 184
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1676309232501 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=741018747 HTTP 302
  • https://sync.1rx.io/usersync/turn/4588685664086249098?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7febcdb2-ef8b-4669-a1cb-fdaadd737375-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-7febcdb2-ef8b-4669-a1cb-fdaadd737375-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-7febcdb2-ef8b-4669-a1cb-fdaadd737375-003
Request Chain 185
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5109685626199567985
Request Chain 187
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=2ba17f28-28d1-416a-8399-9abbf0d4aba0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 188
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-7BUrv5hE2uH_PH1r1C.2zOUi1eCWatFsIVTpF54-~A
Request Chain 189
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=ua-d73759ff-3e06-36af-8583-7f7102577228&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1kNzM3NTlmZi0zZTA2LTM2YWYtODU4My03ZjcxMDI1NzcyMjgQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kNzM3NTlmZi0zZTA2LTM2YWYtODU4My03ZjcxMDI1NzcyMjgyAhobOAE=
Request Chain 190
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-7BUrv5hE2uH_PH1r1C.2zOUi1eCWatFsIVTpF54-~A
Request Chain 193
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=8409742334465611079
Request Chain 194
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_7485e6c7-6f5c-466a-8e64-d20f85d5c65f&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=dd6b6f1d-2f58-4d50-8a57-3a0a134ac0e0&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=15f3f372-c817-4240-a5b1-81125874c182
Request Chain 195
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-ecce6cef-82c4-4dc3-4daf-eba1b386364d$ip$5.187.21.99
Request Chain 196
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_7485e6c7-6f5c-466a-8e64-d20f85d5c65f&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=qsQU8yyGmWoqDES4wEw5&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT24LTKFKTQ6LZI5WVO33RIRCVGNDXIV3TKJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT24LTKFKTQ6LZI5WVO33RIRCVGNDXIV3TKJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=qsQU8yyGmWoqDES4wEw5&us_privacy=1---
Request Chain 197
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=lRrkqznBGfHW&ev=1&pid=558355
Request Chain 198
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28dYPFGzs0ERi3mVorckrs3K3pA6zBiRUNqcEP6-leh2ShIipJcY3-4ijO6HzRfvVA%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28dYPFGzs0ERi3mVorckrs3K3pA6zBiRUNqcEP6-leh2ShIipJcY3-4ijO6HzRfvVA%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_7485e6c7-6f5c-466a-8e64-d20f85d5c65f&obuid=ENC(dYPFGzs0ERi3mVorckrs3K3pA6zBiRUNqcEP6-leh2ShIipJcY3-4ijO6HzRfvVA) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Request Chain 199
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=0799a4e8-2fd8-43d9-9e71-6d0acd02a3cc
Request Chain 201
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=0a2a99ce-087a-42a1-b7b3-35e8ed7db58d
Request Chain 203
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_f3df579fe8734d3b91f2c
Request Chain 204
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=668423eb-dc1b-41c0-ac88-4b9e58df03c0
Request Chain 205
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=9176623830813833027
Request Chain 207
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=inm&i=ID5-31aaSAc7H3rXsbhOHNzmH-dUiDu4FBS4DrIyruXN5Q
Request Chain 210
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=1dd463ea-72f1-4100-95c5-350ebee65e5c&gdpr=0&gdpr_consent=
Request Chain 211
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y_py8AAAA2zyTwAh HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y_py8AAAA2zyTwAh&gdpr=0&gdpr_consent=&_test=Y_py8AAAA2zyTwAh
Request Chain 214
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y.py8cCo8YMAALblBXQAAAAA
Request Chain 215
  • https://cs.admanmedia.com/sync/gumgum?puid=u_7485e6c7-6f5c-466a-8e64-d20f85d5c65f&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=d62efaae-9598-49d9-bbee-eac71a86a16a
Request Chain 216
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y.py8NR3CGyBOR5nOMgzLgAA%262172
Request Chain 217
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=NV0N5iBs4Rqya8HIzEdP&pi=gumgum&tc=1
Request Chain 218
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 219
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D15f3f372-c817-4240-a5b1-81125874c182&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=bb6563ea-72f1-4e00-9152-4332d040d843&expires=30&ssp=between&bsw_param=15f3f372-c817-4240-a5b1-81125874c182&gdpr=&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=15f3f372-c817-4240-a5b1-81125874c182
Request Chain 224
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7199693329457805459&gdpr=0&gdpr_consent=
Request Chain 225
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=nflDAJz4QFCG-hACyPMLBcqoRAKG-RcEmP0i3G14
Request Chain 226
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y-py8NR3CGyBOR5nOMgzLgAACHwAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y-py8NR3CGyBOR5nOMgzLgAACHwAAAAB&dcc=t
Request Chain 227
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y.py8NR3CGyBOR5nOMgzLgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEASQfC4dmzjznxDOLTY1lEk&google_cver=1&google_hm=2
Request Chain 228
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y-py8NR3CGyBOR5nOMgzLgAACHwAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBEsxRBLOJK8EWepZa6IY-0&google_cver=1
Request Chain 231
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 232
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y.py8NR3CGyBOR5nOMgzLgAA%262172 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a522c305-49a5-4ea4-8f69-eed0a199d199-tuctae3f871
Request Chain 233
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=a709cd0a-abc3-11ed-8137-1e740f70d0b1
Request Chain 235
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=993744eabf6f40e717dc933eae03955a8f0ea06548d81cc81fd5c831936022bf
Request Chain 238
  • https://c1.adform.net/serving/cookie/match?party=14&cid=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&gdpr=0&gdpr_consent=
Request Chain 239
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:bb6563ea-72f1-4e00-9152-4332d040d843&gdpr=0&gdpr_consent=
Request Chain 241
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Request Chain 242
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nTSD1pw1gIaGN9DUmTLL0Zth3o-GZYWEm2RZG3ds
Request Chain 243
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 245
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0hoo9uDWQp-6H8KG_y0rnQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 246
  • https://pixel.onaudience.com/?partner=214&mapped=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=89e031c838d1d756a5f11eb2d94fde64&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=67f5114156b8a7d6/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=67f5114156b8a7d6/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4dde71027af3f5ddffcb00f45ce7b13e&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 247
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&addseg=11,34,40
Request Chain 248
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDIxQTI4RjYtRTBENi00MjlGLUJBMUYtQzI4NkZGMkQyQjlE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 249
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO017BgsDOmJONAXEwOvn-I&google_cver=1
Request Chain 251
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6889078074837267255
Request Chain 255
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARjw5amfBqIBEKcq49KrwxHtocQAJZDIJDc* HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=a72ae3d2-abc3-11ed-a1c4-002590c82437 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=a72ae3d2-abc3-11ed-a1c4-002590c82437&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=elXXFR1DAQ27JJO4wn19ZA& HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/a72ae3d2-abc3-11ed-a1c4-002590c82437 HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/a72ae3d2-abc3-11ed-a1c4-002590c82437?redir-setuniq=1
Request Chain 258
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.py8NR3CGyBOR5nOMgzLgAA%262172
Request Chain 261
  • https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=GJp3rLZH09aTuPhwTfawf5Ed
Request Chain 262
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 266
  • https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=6889078074837267255
Request Chain 268
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/12638 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/12638
Request Chain 269
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=757cc365-90dc-522c-8da6-bdc7ee4ccf2b&expires=60 HTTP 302
  • https://ads.yieldmo.com/sync?userid=15f3f372-c817-4240-a5b1-81125874c182&pn_id=bsw&extinit=1&gdpr=&gdpr_consent=

268 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request h7yg164l
pastelink.net/
76 KB
13 KB
Document
General
Full URL
https://pastelink.net/h7yg164l
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
affbbf5049f8c230f7de4580a98186661c9e1e865c1113736e8bc1c998c82431
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 13 Feb 2023 17:27:07 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Requested by
Host: pastelink.net
URL: https://pastelink.net/h7yg164l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ebfd96030683611d9ed054682f1ddf8b9098bc7d10105602b338605b0ae82a9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 13 Feb 2023 17:27:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 17:27:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 Feb 2023 17:27:07 GMT
styles.css
pastelink.net/assets/css/
121 KB
121 KB
Stylesheet
General
Full URL
https://pastelink.net/assets/css/styles.css?q=35
Requested by
Host: pastelink.net
URL: https://pastelink.net/h7yg164l
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
db2363029b4f54378ff6662b39bc15138122f515494fc54048fd89a70485fe55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/h7yg164l
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 06 Jan 2023 14:09:07 GMT
server
nginx
etag
"63b82b83-1e279"
content-type
text/css
accept-ranges
bytes
content-length
123513
jquery-3.6.0.min.js
code.jquery.com/
87 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/h7yg164l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://pastelink.net/
Origin
https://pastelink.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:07 GMT
content-encoding
gzip
x-sp-metadata
HS256.CPuBqp8GEo4BCiQxZjcwNjdmMi02M2VhLTQ5NmUtOWMwMC1jNjc0YmNiMzczMjAQqKenrJKE/QIaBgjr5amfBiITMmEwMjo4Yzg6YzEwOjMwOjoxNyj22AIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDg5YTYxZTA5LWRmZDctNGZkYi1iMmRjLWNmNGUwNTc1NTdlNhib8QEiGAgCEhRjZHMwODEubG80Lmh3Y2RuLm5ldA==.N7xi5J6gJysp729YpnKXNogwULLCFPF+hutp50ZBitA=
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1676309227.dop246.lo4.t,1676309227.cds293.lo4.hn,1676309227.cds081.lo4.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
script.min.js
pastelink.net/assets/js/
41 KB
41 KB
Script
General
Full URL
https://pastelink.net/assets/js/script.min.js?q=35
Requested by
Host: pastelink.net
URL: https://pastelink.net/h7yg164l
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/h7yg164l
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 17 Nov 2022 12:00:15 GMT
server
nginx
etag
"6376224f-a225"
content-type
application/javascript
accept-ranges
bytes
content-length
41509
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/
2 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/latest/js.cookie.min.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/h7yg164l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
16752835
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
772
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec5-6d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wecmsRurqbvvbrbhsmuubQnfhhocc4uSN2obfAA0xXyk44TfGtBHHCQ%2FBq0%2F7EkAX3GanbbzC%2FIwebuBlhPbufQw5U09PiWHBA1yHPhAWEId9D%2BftEIk9LEomjfAcUUAZuJ47ZQ19ZRGjweLSQSk0MQ3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
798f45dfe80f74f5-LHR
expires
Sat, 03 Feb 2024 17:27:07 GMT
rules.js
cdn.adligature.com/pl/prod/
17 KB
5 KB
Script
General
Full URL
https://cdn.adligature.com/pl/prod/rules.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/h7yg164l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
670dc66bdd658139d240eedad1274df27975093212b087640ace94fdd41e2038

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
549
cf-polished
origSize=29547
x-guploader-uploadid
ADPycdtdSqfe5BFXXnKzA0WgMPtdn3LcWXSlS2z68FCwP23mVxQy4NJbnhbXGglaf4vex8OMlFTdH9OqD-xb_rM7de9ScA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 09 Feb 2023 19:08:54 GMT
server
cloudflare
etag
W/"7543a866e92135abc861c11eeb7b8ee8"
vary
Accept-Encoding
x-goog-generation
1675969734359872
content-type
application/javascript
x-goog-hash
crc32c=rHH5GQ==, md5=dUOoZukhNavIYcEe63uO6A==
cache-control
public, max-age=1800, s-maxage=600, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ie3gHLw018qLfOxxs13tfXxLfqkW1pQxdeJ%2FLFzT3gS%2FrfxhJQdyipJ2DCkpGxdgOnef7vPP8FuCecddjBOgCN2psxrZrjPlWE%2BZe7BJl1RAH%2FdQ4k7TLdtOoMJW7f93%2BDMFvZxlBqHWKcDcBpTrUaM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
29547
cf-ray
798f45dffdad2408-LHR
expires
Mon, 13 Feb 2023 17:20:04 GMT
api.js
www.google.com/recaptcha/
906 B
889 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=captchaLoaded
Requested by
Host: pastelink.net
URL: https://pastelink.net/h7yg164l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6eb131d23a47b80f5fd8259354cbbae6e4696a6d28df7d7c2e2cc88c0b956e43
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
569
x-xss-protection
1; mode=block
expires
Mon, 13 Feb 2023 17:27:07 GMT
gtm.js
www.googletagmanager.com/
186 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Requested by
Host: pastelink.net
URL: https://pastelink.net/h7yg164l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1135d9bf7138e2cbd2c6dca7f80a0c20063d379b56de102c68ec74ce3d26b1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67284
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 17:04:52 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 Feb 2023 17:27:07 GMT
advally-5.6.0.js
cdn.adligature.com/rules.js/
109 KB
29 KB
Script
General
Full URL
https://cdn.adligature.com/rules.js/advally-5.6.0.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/rules.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc512301255515966a31281192fd886494b8ff8a8ce75ecba79d13b1b50e2f96

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1529
cf-polished
origSize=178816
x-guploader-uploadid
ADPycdtHOoeiLuhHF-fqwTwRpP-ddZbz5hRqdJoHWd3LVX_eUtzB1Aq7c2OUTHGCh35SNUGsPPmJbenAi7nW5X4P0YRf6JTvlTjC
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 14 Dec 2022 18:36:31 GMT
server
cloudflare
etag
W/"93d406c6937e7a8018d85789ad1193d5"
vary
Accept-Encoding
x-goog-generation
1671042991645353
content-type
application/javascript
x-goog-hash
crc32c=n6grAA==, md5=k9QGxpN+eoAY2FeJrRGT1Q==
cache-control
public, max-age=7200, s-maxage=7200, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfpOxbKdBc8m44etBIRfSix%2FA1lgYzMwchNg0RXcqofZLiLf60solH%2Fom83NQmf2Kpv0Ww%2FmLJJ%2BuPQ4RozpgdT3miSs%2Fk93h5CJ8%2BZoLwYWp1Q%2BD%2FifXyX19lSNgTHYU7jbc4fr1btJDLNMo4OE5B0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
178816
cf-ray
798f45e08eff2408-LHR
expires
Mon, 13 Feb 2023 18:19:38 GMT
rules.css
cdn.adligature.com/pl/prod/
212 B
672 B
Stylesheet
General
Full URL
https://cdn.adligature.com/pl/prod/rules.css
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/rules.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9deaac5d56e16e3ebabea7074260b0fd928a5f1ed99708ce779fba46a83bcdc8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82
x-guploader-uploadid
ADPycdseHQiWPjhxMj8Qa631ELBlDPPYyHP-rxFFe6zC9pqGnYb-jRsW-i551rrAjBNXTaFQ8TUp5U9fCyKa_ig-E5CNww
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 09 Feb 2023 19:08:53 GMT
server
cloudflare
etag
W/"6028266d2acabeaa67379ad7bbbb6964"
vary
Accept-Encoding
x-goog-hash
crc32c=mXGApQ==, md5=YCgmbSrKvqpnN5rXu7tpZA==
x-goog-generation
1675969733527635
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7aRikBxZMvX45eI%2FEEo5%2FdnNm6ufzzwkhkmPaLcEtwnkQHnPRGu5k2KkYAijctVGXWXCSxLOIYvUWliUk1bZ%2BgjZQGA3czPhaFwmPF5tbYXIZp%2BwCKN%2BTt6w3pNWCQkZEn06SD4Phue0D119GXNUc9U%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1800, s-maxage=600, must-revalidate
x-goog-stored-content-length
212
cf-ray
798f45e08efa2408-LHR
expires
Mon, 13 Feb 2023 17:30:46 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/
404 KB
161 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=captchaLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9f7c1a16a42a7c2852a789c0bb646ff49d8776eaf24be4f6c8b5a77abb0210
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Origin
https://pastelink.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 15:20:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
266783
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164579
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 03:04:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 10 Feb 2024 15:20:44 GMT
debut_light.png
pastelink.net/assets/images/
4 KB
4 KB
Image
General
Full URL
https://pastelink.net/assets/images/debut_light.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-10c8"
content-type
image/png
accept-ranges
bytes
content-length
4296
pastelink-logo.svg
pastelink.net/assets/images/logo/
3 KB
3 KB
Image
General
Full URL
https://pastelink.net/assets/images/logo/pastelink-logo.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
01408f8061623faa6d2c0f015cd23483c3aa363c095e152f613ed94c87a5803d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-d3d"
content-type
image/svg+xml
accept-ranges
bytes
content-length
3389
truncated
/
16 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
arrow-down-blue.svg
pastelink.net/assets/images/
239 B
409 B
Image
General
Full URL
https://pastelink.net/assets/images/arrow-down-blue.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-ef"
content-type
image/svg+xml
accept-ranges
bytes
content-length
239
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 19:30:19 GMT
x-content-type-options
nosniff
age
251808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Feb 2024 19:30:19 GMT
moon.svg
pastelink.net/assets/images/
2 KB
2 KB
Image
General
Full URL
https://pastelink.net/assets/images/moon.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-62e"
content-type
image/svg+xml
accept-ranges
bytes
content-length
1582
public-black.svg
pastelink.net/assets/images/
578 B
749 B
Image
General
Full URL
https://pastelink.net/assets/images/public-black.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-242"
content-type
image/svg+xml
accept-ranges
bytes
content-length
578
social-spritesheet.png
pastelink.net/assets/images/
28 KB
28 KB
Image
General
Full URL
https://pastelink.net/assets/images/social-spritesheet.png
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-70de"
content-type
image/png
accept-ranges
bytes
content-length
28894
logo-bg-90-tl.svg
pastelink.net/assets/images/
2 KB
2 KB
Image
General
Full URL
https://pastelink.net/assets/images/logo-bg-90-tl.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-933"
content-type
image/svg+xml
accept-ranges
bytes
content-length
2355
pastelink-logo-contrast.svg
pastelink.net/assets/images/logo/
4 KB
4 KB
Image
General
Full URL
https://pastelink.net/assets/images/logo/pastelink-logo-contrast.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
3a73b36061944ebbb33696553917d393280f796e212afcd09057b441c1168606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-e31"
content-type
image/svg+xml
accept-ranges
bytes
content-length
3633
logo-symbol-non-white-bg.svg
pastelink.net/assets/images/
4 KB
5 KB
Image
General
Full URL
https://pastelink.net/assets/images/logo-symbol-non-white-bg.svg
Requested by
Host: pastelink.net
URL: https://pastelink.net/assets/css/styles.css?q=35
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.35.29.15 London, United Kingdom, ASN25369 (BANDWIDTH-AS, GB),
Reverse DNS
15.29.35.89.baremetal.zare.com
Software
nginx /
Resource Hash
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/assets/css/styles.css?q=35
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 13 Oct 2022 11:31:15 GMT
server
nginx
etag
"6347f703-11c0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
4544
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 19:34:53 GMT
x-content-type-options
nosniff
age
165134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Feb 2024 19:34:53 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 01:12:02 GMT
x-content-type-options
nosniff
age
317705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12700
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Feb 2024 01:12:02 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Poppins:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pastelink.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 19:15:31 GMT
x-content-type-options
nosniff
age
252696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Feb 2024 19:15:31 GMT
/
pro.ip-api.com/json/
53 B
208 B
XHR
General
Full URL
https://pro.ip-api.com/json/?key=ZxSSLwZtxrKxQbv&fields=status,countryCode,region
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.6.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
2aef5b1d2fb690bb6e55203efe55fe450953ae337f3013a562339dd0f20990d7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 13 Feb 2023 17:27:07 GMT
Content-Length
53
Content-Type
application/json; charset=utf-8
gpt.js
securepubads.g.doubleclick.net/tag/js/
79 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.6.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ea469681964aaf6c4bf17c354b66109b0203f86549bdf6b8332a64b15cd7611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27256
x-xss-protection
0
server
sffe
etag
"1481 / 964 of 1000 / last-modified: 1676289965"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Feb 2023 17:27:07 GMT
prebid-7.35.0.js
cdn.adligature.com/pl/prod/
339 KB
108 KB
Script
General
Full URL
https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.6.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f97f22fde697c9d8c77639fbbca1a74e82708f3c908d9005107cd2fc71033da1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
225
cf-polished
origSize=347853
x-guploader-uploadid
ADPycdsHgAs9xZA484OTonr7am5poF5WrjZUkRI_rayjfkJqfOZ_aY2DDkQsMQ3vFPBMM7vBTLwW9S_FEm1PewS3aTEF8Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 09 Feb 2023 19:08:52 GMT
server
cloudflare
etag
W/"2da9bf1e0fca69a19e94f037f85b47f1"
vary
Accept-Encoding
x-goog-generation
1675969732685869
content-type
application/javascript
x-goog-hash
crc32c=S2tX3Q==, md5=Lam/Hg/KaaGelPA3+FtH8Q==
cache-control
public, max-age=900, s-maxage=300, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9o28GcfLvuWXBtYwXBztjJ27oFi2NrXldWtR6a5LU%2BeTCNroAaqzqXZc5t8qGTiVPrAHFYM5ViEdR5ELfvM5%2BEbMHYCUlxfgrr%2BbGKEgfg4LogpMLAOE%2BWfm2%2FSS3yHD5%2FnRimuK68JUGOCVoeT49p4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
347853
cf-ray
798f45e10f2272f6-LHR
expires
Mon, 13 Feb 2023 17:28:22 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 13 Feb 2023 16:54:50 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1937
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 13 Feb 2023 18:54:50 GMT
js
www.googletagmanager.com/gtag/
221 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55WHPWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9101d76a9ebb972db0af4100626104995331ea2fcf4e893b902c01c58d6b6e50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78648
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 13 Feb 2023 17:27:07 GMT
pubads_impl_2023020701.js
securepubads.g.doubleclick.net/gpt/
386 KB
130 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa19ab413493b004c5957325db711ffde124c52cb5007049f1331dd1302bc774
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:24:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133135
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 09:35:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 13 Feb 2024 17:24:00 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
73 B
84 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pastelink.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c64cda3c1c7c935b57b27894caec3b370b98d70011c8e5ea2f31691be13c8fe7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60
x-xss-protection
0
expires
Mon, 13 Feb 2023 17:27:08 GMT
collect
region1.google-analytics.com/g/
0
243 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je3260&_p=1662980172&cid=806525551.1676309228&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676309227&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Fh7yg164l&dt=VBCWSh567GBCFHMAWeku8%20-%20Pastelink.net&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1662980172&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fh7yg164l&ul=en-us&de=UTF-8&dt=VBCWSh567GBCFHMAWeku8%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=496995667&gjid=1008139404&cid=806525551.1676309228&tid=UA-55088947-2&_gid=2007369109.1676309228&_r=1&_slc=1&gtm=45He3260n8155WHPWQ&z=352363723
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
68 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1662980172&t=pageview&_s=1&dl=https%3A%2F%2Fpastelink.net%2Fh7yg164l&ul=en-us&de=UTF-8&dt=VBCWSh567GBCFHMAWeku8%20-%20Pastelink.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACAAI~&jid=1292575086&gjid=499665053&cid=806525551.1676309228&tid=UA-197326395-9&_gid=2007369109.1676309228&_r=1&_slc=1&z=1994855174
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pastelink.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa68e17fb13028f96c0d5b38fcf7006182894eb694625f9dedf5824d5066a5f0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
localstore.js
script.4dex.io/
483 B
1 KB
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 17:27:08 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1532864
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FELmF8mF0baSLm9I9x%2Flu7hcgBGpb5Xt%2Bhgz1iDQz%2BBxAUgmJv%2F%2FULvQic8Mmcv5DQFvYp%2Bv0fqz6HpKEIt7h5KGSJKeV4abwQo4Mt3kryHKlronAz0k%2BXrmNzBzMjQwQ9QbzJX9x28C2ruT"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
798f45e3f98976cf-LHR
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.219.241.183 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-241-183.us-west-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://pastelink.net
access-control-max-age
600
age
0
content-length
0
date
Mon, 13 Feb 2023 17:27:08 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.219.241.183 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-241-183.us-west-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://pastelink.net
access-control-max-age
600
age
0
content-length
0
date
Mon, 13 Feb 2023 17:27:08 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.219.241.183 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-241-183.us-west-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://pastelink.net
access-control-max-age
600
age
0
content-length
0
date
Mon, 13 Feb 2023 17:27:08 GMT
server
ATS/9.1.10.25
/
d.vidoomy.com/api/rtbserver/prebid/
0
209 B
XHR
General
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15788&adtype=banner&auc=advally-adhesion-slot&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.77%20Safari%2F537.36&l=en&dt=1&pid=62178&requestId=202dd845f7c672&schain=%5Bobject%20Object%5D&bidfloor=0&d=pastelink.net&sp=https%253A%252F%252Fpastelink.net%252Fh7yg164l&usp=&coppa=false&videoContext=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.254.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-254-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Mon, 13 Feb 2023 17:27:08 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/
0
209 B
XHR
General
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15788&adtype=banner&auc=Top_leaderboard&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.77%20Safari%2F537.36&l=en&dt=1&pid=62178&requestId=3f4f3cce418e41&schain=%5Bobject%20Object%5D&bidfloor=0&d=pastelink.net&sp=https%253A%252F%252Fpastelink.net%252Fh7yg164l&usp=&coppa=false&videoContext=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.254.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-254-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Mon, 13 Feb 2023 17:27:08 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/
0
210 B
XHR
General
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=15788&adtype=banner&auc=Sidebar_MPU&w=160&h=600&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.77%20Safari%2F537.36&l=en&dt=1&pid=62178&requestId=414aaafc50938a&schain=%5Bobject%20Object%5D&bidfloor=0&d=pastelink.net&sp=https%253A%252F%252Fpastelink.net%252Fh7yg164l&usp=&coppa=false&videoContext=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.254.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-254-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Mon, 13 Feb 2023 17:27:08 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
mvo
tag.1rx.io/rmp/232868/0/
0
161 B
XHR
General
Full URL
https://tag.1rx.io/rmp/232868/0/mvo?z=1r&hbv=7.35,2.1
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.184.143 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
pragma
no-cache
date
Mon, 13 Feb 2023 17:27:08 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/
18 KB
10 KB
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
0b5e2686f6629c59154002dd504f9755e80158ecc8d887f80a269e4b14932f58

Request headers

Referer
https://pastelink.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 13 Feb 2023 17:27:07 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
109
content-length
9737
imp
g2.gumgum.com/hbid/
3 KB
2 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1676309228092&to=0&aun=advally-adhesion-slot&pubcid=358e7c69-54a8-47e5-9d3a-5cf4a92ef1f3&gpid=%2F22405481091%2Fpastelink.net%2FBottom_adhesion_banner&t=arfs5lnr&pi=2&schain=1.0%2C1!advally.com%2CP58S175%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fpastelink.net%2Fh7yg164l&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.35.0%22%7D&ogu=https%3A%2F%2Fpastelink.net&ns=10240
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.184.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-184-178.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
882212b7ce288f71487e310138a9bacbf0e54bf95a2ded009715c362591707ff

Request headers

Referer
https://pastelink.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:08 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
prebid.media.net/rtb/
1 KB
1 KB
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU658616
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
40d4b6bd9f50c8f2034d7a6e88b06b053b78d249cb693e7f6792a349e7379674

Request headers

Referer
https://pastelink.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:08 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Mon, 13 Feb 2023 17:27:08 GMT
bidRequest
c2shb.pubgw.yahoo.com/
66 B
340 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.219.241.183 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-241-183.us-west-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
7ff27bd7468e144f062c1da292497a23a183a0968b8d762bc6ba0dcd84881a4b

Request headers

Referer
https://pastelink.net/
x-openrtb-version
2.5
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.219.241.183 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-241-183.us-west-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
52253c2b577fcdb20cc2d80b60d8ee47a6617d3cb0292ed7dbc81f5100388125

Request headers

Referer
https://pastelink.net/
x-openrtb-version
2.5
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/
66 B
116 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.219.241.183 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-241-183.us-west-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
894b5bc38f3e63254a9c94c12a28a09025b5add22136a52b68849b82216d7408

Request headers

Referer
https://pastelink.net/
x-openrtb-version
2.5
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://pastelink.net
access-control-allow-credentials
true
content-length
84
prebid
mp.4dex.io/
114 B
513 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aab425e12bf9a1651f17ed34a261aba3ef06961032b5d776e273ad3746b6b054

Request headers

Referer
https://pastelink.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Mon, 13 Feb 2023 17:27:08 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1132
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
798f45e41d5924ae-LHR
expires
0
prebid
ib.adnxs.com/ut/v3/
359 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8e2fe21de3e452f52d11147684ab0198b8a4731ba16c3f60a3fb90dd258a2da4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:08 GMT
AN-X-Request-Uuid
3b6d1e89-9d79-42ae-868d-ccb91adc717d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://pastelink.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
5.187.21.99; 5.187.21.99; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
359
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
rtb.adxpremium.services/openrtb2/
2 KB
2 KB
XHR
General
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
3e436deeb1dd3e2d874a572015648c8553b5dc7566f3acb37d6ee8cf5160c35c

Request headers

Referer
https://pastelink.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:08 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://pastelink.net
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2032
Expires
0
adreq
ads.servenobid.com/
813 B
679 B
XHR
General
Full URL
https://ads.servenobid.com/adreq?cb=2285
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.21.1.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-21-1-193.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
25e0bbba083ec871934f70423280011e467074132143204ab2545a11bf0b0fda

Request headers

Referer
https://pastelink.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 13 Feb 2023 17:27:08 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://pastelink.net
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
adjson
ads.betweendigital.com/
2 B
909 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://pastelink.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
trinity.json
apex.go.sonobi.com/
137 B
1 KB
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2245659ce63cc69c4%22%3A%22a16df01ea0c79ed1ef6d%7C728x90%7Cgpid%3D%2F22405481091%2Fpastelink.net%2FBottom_adhesion_banner%2Cc%3Dd%2C%22%2C%2246eeecd8aac82d6%22%3A%22f82be4c5dd747b5e5b3d%7C300x250%7Cgpid%3D%2F22405481091%2Fpastelink.net%2FTop_leaderboard%2Cc%3Dd%2C%22%2C%224771987df5d00dc%22%3A%22fce8d3c8814a8bee62fe%7C160x600%7Cgpid%3D%2F22405481091%2Fpastelink.net%2FSidebar_MPU%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fpastelink.net%2Fh7yg164l&s=70c59822-c62a-4666-83c2-e44efa4bf839&pv=40a38744-71e9-40f6-92b9-4e4200b9be18&vp=desktop&lib_name=prebid&lib_v=7.35.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpastelink.net%2Fh7yg164l%22%2C%22domain%22%3A%22pastelink.net%22%2C%22publisher%22%3A%7B%22domain%22%3A%22pastelink.net%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.77%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22advally.com%22%2C%22sid%22%3A%22P58S175%22%2C%22hp%22%3A1%2C%22rid%22%3A%22140c06bc-494f-4a0b-b9b9-cbe2a576532f%22%7D%5D%7D&userid=%7B%22pubcid%22%3A%22358e7c69-54a8-47e5-9d3a-5cf4a92ef1f3%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22358e7c69-54a8-47e5-9d3a-5cf4a92ef1f3%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
1a86c0a4e9b8be09d56019996fbb5eaa79a5a2c6207eb98a2d0fc3e537efca6e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:08 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-129
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://pastelink.net
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
132
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
adagio.js
script.4dex.io/
74 KB
24 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 17:27:08 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9FJV6MT5HCHHQJ74
Age
1841217
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
dOwDp0SX54HNTT7/I3RKmhypK3j/ItuW6j0UlH9/grc6ALSqCM09NB8q95mpS+EhnvoFu2eYvzQ=
Last-Modified
Tue, 22 Nov 2022 09:44:15 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1ue2scOiz76NGAFNIuwDuARoOa7YHI43%2Fdqt8I6RI4kA45vKja7gQreZl%2FbkwbSAF%2BezBiihI2VrMHWy0ajg4FNRO7CfNxK7iFeTPz7f5opnr%2FJJV1%2Fa3Ue6PEkAHSsTqbu4xIY0XKepIPf"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY
798f45e48d4a386b-LHR
g_pbst
1x1.a-mo.net/hbx/
0
89 B
Image
General
Full URL
https://1x1.a-mo.net/hbx/g_pbst?A=amx&w=728&h=90&bid=4818f978a8c5add&c1=banner&np=0.028694654999999996&aud=108950d584db492&a=advally-adhesion-slot&c2=hb_bidder%3Damx%26hb_adid%3D4818f978a8c5add%26hb_pb%3D0.02%26hb_size%3D728x90%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_adomain%3D%26hb_acat%3D&ts=1676309229236&eid=49363eb2b92b353
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.181.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-181-32.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
integrator.js
adservice.google.co.uk/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=pastelink.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pastelink.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
21 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2192392940466731&correlator=1980622218870968&eid=31072039%2C31071662%2C31072382&output=ldjh&gdfp_req=1&vrg=2023020701&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CBottom_adhesion_banner&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=759513158&sfv=1-0-40&prev_scp=rand_key%3D60%26hb_format_amx%3Dbanner%26hb_size_amx%3D728x90%26hb_pb_amx%3D0.02%26hb_adid_amx%3D4818f978a8c5add%26hb_bidder_amx%3Damx%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D4818f978a8c5add%26hb_bidder%3Damx&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1676309229255&lmt=1676309229&dlt=1676309227429&idt=588&adxs=436&adys=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fh7yg164l&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=806525551.1676309228&ga_sid=1676309229&ga_hid=1662980172&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623cb79a1554f770fcff76f07df8b58b15ae95504c0136c49be776817bf1f464
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9856
x-xss-protection
0
google-lineitem-id
6154076578
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412688347
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
24 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2192392940466731&correlator=1980622218870968&eid=31072039%2C31071662%2C31072382&output=ldjh&gdfp_req=1&vrg=2023020701&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CTop_leaderboard&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=2&adks=2603746535&sfv=1-0-40&prev_scp=rand_key%3D60&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1676309229264&lmt=1676309229&dlt=1676309227429&idt=588&adxs=310&adys=317&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fh7yg164l&frm=20&vis=1&psz=705x146&msz=705x0&fws=4&ohw=1600&ga_vid=806525551.1676309228&ga_sid=1676309229&ga_hid=1662980172&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29b32ee97e8e36fdf88d42909504b8f5bfefb90c7f3ead8ad23dc5815597fad1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10308
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
24 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2192392940466731&correlator=1980622218870968&eid=31072039%2C31071662%2C31072382&output=ldjh&gdfp_req=1&vrg=2023020701&ptt=17&impl=fif&iu_parts=22405481091%2Cpastelink.net%2CSidebar_MPU&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=3&adks=3854452215&sfv=1-0-40&prev_scp=rand_key%3D60&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1676309229267&lmt=1676309229&dlt=1676309227429&idt=588&adxs=1071&adys=521&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpastelink.net%2Fh7yg164l&frm=20&vis=1&psz=168x607&msz=160x-1&fws=4&ohw=1600&ga_vid=806525551.1676309228&ga_sid=1676309229&ga_hid=1662980172&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76d7a46ca40eafdd0b6ee2d75b87a33058d1d94e83fd0285ab2a281f6332686a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10311
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6e4bb7b9b292e79dadbb2f292f3d245f45763f25b938e64540355615f479709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11087
x-xss-protection
0
container.html
427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F2D1
6 KB
3 KB
Document
General
Full URL
https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 13 Feb 2023 17:27:09 GMT
expires
Tue, 13 Feb 2024 17:27:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 13 Feb 2023 17:27:09 GMT
container.html
427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D546
6 KB
3 KB
Document
General
Full URL
https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 13 Feb 2023 17:27:09 GMT
expires
Tue, 13 Feb 2024 17:27:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame D546
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CnyzG7XLqY6rjE6O99u8PpIyCgAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMByAMCqgSkAk_Q7cchNDKc5NtJxb0ft6SyKJ167Nu8vMz7lhTDUS20Wf7n-RDiq9PcKnR7EazuGdhObPbZzUO4whuBeVQkLaQ7rjpcOr-EArSURgJeLchs3LHaSAiWlCpS0Lq_2KuClI_xcoPOs86cGdpDc8WBHGQCQ6vPY1Me9Whm41nmH3rAuub-OYnxhBQDo2W9o7AA_pUC4ZLUaco3OwpOnQIGEUNsOAQr4YBxHBKN4hdsfeJmxTDqoOEdyJHf1oyEt3RJjJEZQxeiRncBeQIz45UW2wiw9YM-Dz695vnuxVa-RN86bZ62TXVhhgF6PUirPO46OsmTIHB0PjiGijajmOuItYLytToipmrKxV7-N6dNNfqKTAs-GqGYpdiG35_v7Y9vICL8kATgBAGABpXww72N99a55wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTE3NTA4NTYyMzkyMDQ0MTQY-t58&sigh=SOunga0OukM&uach_m=[UACH]&cid=CAQSSwDUE5ymPAzRgHjenh39Cz9HTkSC7Vt8hGg4rmK9MNCBTzoBukHxa0Rp-HXoLAw4oXNs_w_1sD-hsv56NvtPEIK1g_31T0QUhnQ4nRgB
Requested by
Host: pastelink.net
URL: https://pastelink.net/h7yg164l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

notify
rtb.nl3.eu.criteo.com/google/auction/ Frame D546
0
0
Fetch
General
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kM7iFcmBMKwC-gGH-lcYAgAAABhMXkAqKIAjEO1y6mPk7gUW-5eFwArAaQASAAAKDkFRVURBUVlCQVFFQkFR&wp=Y-py7QAE8aoH_Z6jAACGJA5NWsx6glDVxRXaDA
Requested by
Host: pastelink.net
URL: https://pastelink.net/h7yg164l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
155281
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame C1E1
158 KB
51 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAE8aoH_Z6jAACGJA5NWsx6glDVxRXaDA&u=%7CgaZB%2BkzcAgS1JsLzAVvbbRaq5aVi1hTjAw0vo9XzkG0%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8SuwOxwt-8yHzGYRQ2HgOLnnrsU6Xzi486eIsCFBbBzZ8q-ZoL4QdzV9UVsT0h1z5qd9mzwsCcRrq09JhwMqRPZ21K5mgjTW-TztxKs5u4DhTnUYi5Ye3hMwJ3HzLSVmnm7DeJZSWf8DKMxtq_zOmYgvTzzI977w6gVzgSqPITaFo0241lDPeI6ru7SRED1sfjtfiq9Pa_owfyobOmbwZPxSiewz8kTw7hGtgqo9Rx6aBbupLZTy9FVZY6mYJGKakw7y0o4MiqrVoKnVvtpkQ-buf95IWQTeLupiIYjQtfC-_UbkMQdxKH1Aq--f0jh28N3Pr9CYm6COtzFNyX8MuoNzNIdAKv7q0WRWgzESwHNAVLwYDUbhxdquYDC4TfsUnr344kLb8zXjHtjD9GAt08vG4Ff48hcVe8dEypa_Z9UvemqNB6cEqIrWyeU9A9KpCqLYgNRy1AK6edOKm998wCwU8yMXtJT8JR74sLiKv-JvnbrhUKqTOgTEsp0v6_uf47CwIvZRdgDXb5PGWURrIk7PWXD1Pg-btM2KJQwoywWrKMHMiJZzGusQv85Bn3T8XoKKNfRagykHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__t47XLqY6rjE6O99u8PpIyCgAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMByAMCqgSnAk_Q7cchNDKc5NtJxb0ft6SyKJ167Nu8vMz7lhTDUS20Wf7n-RDiq9PcKnR7EazuGdhObPbZzUO4whuBeVQkLaQ7rjpcOr-EArSURgJeLchs3LHaSAiWlCpS0Lq_2KuClI_xcoPOs86cGdpDc8WBHGQCQ6vPY1Me9Whm41nmH3rAuub-OYnxhBQDo2W9o7AA_pUC4ZLUaco3OwpOnQIGEUNsOAQr4YBxHBKN4hdsfeJmxTDqoOEdyJHf1oyEt3RJjJEZQxeiRncBeQIz45UW2wiw9YM-Dz695vnuxVa-RN86bZ62TXVhhgF6PUirPO46OsmTIHB0PjiGijajmOuI94DTJ-mAVG9ZN1FmtMPRnvmeRrc0NLlDK0PiQz5Q86N38aUWlZdbFy7gBAGABpXww72N99a55wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3FMuBDgTh3t5YQ0rtN5oI_7Zgldg%26client%3Dca-pub-1750856239204414%26adurl%3D
Requested by
Host: 427931a706a3792253c915ada805f799.safeframe.googlesyndication.com
URL: https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7414cb94e275bb19ab34ca89c41e2fe1fa511209960370a3cf5b67c548a4552c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 13 Feb 2023 17:27:09 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=nT1G2KJRJT2Y3MLwZo7jjGx3f7Kd8YaM_daBCXTVgzpOOzEgSuFbDcW9YRYciS12zWdmhA9NOe53mAbQJFwz3MYMA3S2Mi0EBN7mVT1rcOO9gwOXXAYUFl191bCIkgO8TWeT3rHlK7MfsurPifDRPkUv2Y8dRP2UJEUSkOEAxXfZl-_r7nhMQ2zBCGjCgvhavL0tP306gpcb72-uXOb2hw40ygI_pDB6udWVN0xTZCuVGMV0Wz9rJruz-A1Mj08BzoCayQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
79129579
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame D546
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 427931a706a3792253c915ada805f799.safeframe.googlesyndication.com
URL: https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 13:48:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
13113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Feb 2023 13:48:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame D546
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 427931a706a3792253c915ada805f799.safeframe.googlesyndication.com
URL: https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 18:26:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
82860
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7626
x-xss-protection
0
server
cafe
etag
5262822293969176042
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Feb 2023 18:26:09 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D546
24 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 427931a706a3792253c915ada805f799.safeframe.googlesyndication.com
URL: https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 10:37:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
110970
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 12 Feb 2024 10:37:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D546
156 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 427931a706a3792253c915ada805f799.safeframe.googlesyndication.com
URL: https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48910
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675860536307976"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 13 Feb 2023 17:27:09 GMT
container.html
427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E742
6 KB
3 KB
Document
General
Full URL
https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 13 Feb 2023 17:27:09 GMT
expires
Tue, 13 Feb 2024 17:27:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D546
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5cc9053e5760a4515d244e246ef330c5215ea48614f8d4f61535425191b3a7de

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CE18
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
3815
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 13 Feb 2023 16:23:34 GMT
expires
Tue, 13 Feb 2024 16:23:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 339A
783 B
918 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
af4505c0ad20fbad984ced63561f7d483acdaed05c5273354fec1f1e5a61345f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nYfcng96_vAP5HnqJYZqyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-nYfcng96_vAP5HnqJYZqyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 13 Feb 2023 17:27:09 GMT
expires
Mon, 13 Feb 2023 17:27:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
adview
securepubads.g.doubleclick.net/pagead/ Frame E742
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-Un17XLqY52wHKPG7_UPpJGduAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMBqgSdAk_QQlo64Dv5CG1oFIE3ef4YdkajXtwOokUNypjEkY85g5_-ZukQfiHzKLRj4rqR4TJjyNPXz5v2BJC8RqIRNa9pZP504xuIHDSg_QqYiIc9wNglctXD4Th_sQjaRaXwk4gTIte0JuXtv_a2EtVNosHIl8BoS_B_j25dP26Pk1bs6zZ-LfxCdzp3YLRqLgdkbd8Q9D_rev7e21jytAkTwjQXso5A-Zl-Te6eoh_0X0KSH-QGCqO0NBhM72AQo-7pOaRsEfOzERyT2cvX8U0qJm_NH1SM5ya1ZffrBsO9XIWxUC8L5a7Ggi562VZ9gjgYJHl8A-FLggQloIMHnJW77xpy-m2bgykkN0gt8aXPqiANEZR82CApvERvmrmU8uAEAYAGlfDDvY331rnnAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTc1MDg1NjIzOTIwNDQxNBj63nw&sigh=jsYuhj1dKUU&uach_m=[UACH]&cid=CAQSTADUE5ymhEZ5SQcKs8dQ0Moym4TjxwMxZKKP3PI3hZ83MJhqEgZS1pHSgn4r1F-MjaATffxG-KX0NF8ueWQ2EEMPxAyQpG7xaF5faF0YAQ
Requested by
Host: pastelink.net
URL: https://pastelink.net/h7yg164l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

notify
rtb.fr.eu.criteo.com/google/auction/ Frame E742
0
0
Fetch
General
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kM7iFciBMKAB2ASH-lcYAgAAAJx8apX49odSEO1y6mN1jvFAGflCBLet9wASAAAKDkFRVUJCUVlCQlFFQkJR&wp=Y-py7QAHGB0Iu-MjAAdIpJ0e_zozGN85LPL2Lw
Requested by
Host: pastelink.net
URL: https://pastelink.net/h7yg164l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:08 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
222900
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 5C56
159 KB
51 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAHGB0Iu-MjAAdIpJ0e_zozGN85LPL2Lw&u=%7CgaZB%2BkzcAgQngwr8AIdvDDewNuZmuP95UFSZBndh5N4%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9QtxaN2yFPYz7E27bdan5Oj7k42CU8oFF4MaquG6nFYrTI84-4qDBQ3UIDPY-TsPFtiHHay1q1C7P4tXqXyBNyN7ERCqNsF7YrFuE7CUny8up7ZEIXqbh7SEm8EvzqIpqEjryH4o8ZBo0-yzplxSnHlALBQrhvWjPr9NMvSBX6j2ozyJYwX2w7zxnYhzlRIr4VhMmZpAXMCSYbxlaIGlrywKT3BvWQESlFg8XZfO4HlltqFYvDXBnOuU1OPTGlrKU3A20k8WfRJ4FJeQ1rKbYUG9YIHcWdB6bpdZVo4jucpuYpgxEoHexZ_gw8ATG9pig2R6X1A5irecT5zUFmYXhi1BE9Lm7vON9gre8fUHMITUDXmAj_FaJTzjKHlmjl-GnlkIWFzhiur80XxeFVQZMwwknFFTXABtpl78pKAu7ZuxW4yP7tY-SqrgLeeY_OaLw2a0WwFVBhe_XHbF-zK44Bpptk8XXqy8Ql7tEU1TPDA60lXtMKJmVIpG8eUuUz8XuXtp7wKsPzuC8i6reBpuINjl8F6XHkBoQ_6X7Lk0QxpaKZIWvWazj1LnwHnHV-U1lWH4NijRklA2QP7uDwQ36NJ8bQQvNXYYqH_0gM5Q0HqQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4-977XLqY52wHKPG7_UPpJGduAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMBqgSgAk_QQlo64Dv5CG1oFIE3ef4YdkajXtwOokUNypjEkY85g5_-ZukQfiHzKLRj4rqR4TJjyNPXz5v2BJC8RqIRNa9pZP504xuIHDSg_QqYiIc9wNglctXD4Th_sQjaRaXwk4gTIte0JuXtv_a2EtVNosHIl8BoS_B_j25dP26Pk1bs6zZ-LfxCdzp3YLRqLgdkbd8Q9D_rev7e21jytAkTwjQXso5A-Zl-Te6eoh_0X0KSH-QGCqO0NBhM72AQo-7pOaRsEfOzERyT2cvX8U0qJm_NH1SM5ya1ZffrBsO9XIWxUC8L5a7Ggi562VZ9gjgYJHl8A-FLggRnoqKVTzdJ6omA9fUY57WPNFwnTa_hsvuDivDgeZ83kFy-HVORYccKzOAEAYAGlfDDvY331rnnAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03E-iE8c0SQG9KySPcCa4NDIz5ug%26client%3Dca-pub-1750856239204414%26adurl%3D
Requested by
Host: 427931a706a3792253c915ada805f799.safeframe.googlesyndication.com
URL: https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
69ff3c64a227e6142667495b7cbe108fa757b7d915855902c704af4015f77d16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 13 Feb 2023 17:27:09 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=tgo_WaJRJT2Y3MLwGRRz-XjbEVH2uP0PA8uWx6ifA-lKYVDgtdn1ac_srrOQ6dft2oFsJIErpXdZoZJgZThlMiSj_9wYekl7m1B-1Z3TK5On87lyF-PsqnKniG2KGMedCPCLkalm78B_-6rLBl0M64QaSkfR-5auZ5H5zfWmEys0W8DS0-kwE0kMh_Sm5m7-7QzoAXjGC9rk_4wjo7sk4Kv73y1f7cHVyMyg5SBxJWl5BxL_srqLy8vdDmOAo8bAKwrfDg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
60015789
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame E742
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 427931a706a3792253c915ada805f799.safeframe.googlesyndication.com
URL: https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 13:48:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
13113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Feb 2023 13:48:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame E742
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 427931a706a3792253c915ada805f799.safeframe.googlesyndication.com
URL: https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 18:26:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
82860
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7626
x-xss-protection
0
server
cafe
etag
5262822293969176042
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Feb 2023 18:26:09 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E742
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 427931a706a3792253c915ada805f799.safeframe.googlesyndication.com
URL: https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 10:37:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
110970
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 12 Feb 2024 10:37:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E742
156 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 427931a706a3792253c915ada805f799.safeframe.googlesyndication.com
URL: https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48910
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675860536307976"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 13 Feb 2023 17:27:09 GMT
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame CE18
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 09:11:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
29759
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Feb 2024 09:11:10 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 339A
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023020701&jk=2192392940466731&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

truncated
/ Frame E742
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11837d25fc9bc666adbd8177bcea673545a736b2a436b2b6606fc7f94e6a3890

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame C1E1
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAE8aoH_Z6jAACGJA5NWsx6glDVxRXaDA&u=%7CgaZB%2BkzcAgS1JsLzAVvbbRaq5aVi1hTjAw0vo9XzkG0%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8SuwOxwt-8yHzGYRQ2HgOLnnrsU6Xzi486eIsCFBbBzZ8q-ZoL4QdzV9UVsT0h1z5qd9mzwsCcRrq09JhwMqRPZ21K5mgjTW-TztxKs5u4DhTnUYi5Ye3hMwJ3HzLSVmnm7DeJZSWf8DKMxtq_zOmYgvTzzI977w6gVzgSqPITaFo0241lDPeI6ru7SRED1sfjtfiq9Pa_owfyobOmbwZPxSiewz8kTw7hGtgqo9Rx6aBbupLZTy9FVZY6mYJGKakw7y0o4MiqrVoKnVvtpkQ-buf95IWQTeLupiIYjQtfC-_UbkMQdxKH1Aq--f0jh28N3Pr9CYm6COtzFNyX8MuoNzNIdAKv7q0WRWgzESwHNAVLwYDUbhxdquYDC4TfsUnr344kLb8zXjHtjD9GAt08vG4Ff48hcVe8dEypa_Z9UvemqNB6cEqIrWyeU9A9KpCqLYgNRy1AK6edOKm998wCwU8yMXtJT8JR74sLiKv-JvnbrhUKqTOgTEsp0v6_uf47CwIvZRdgDXb5PGWURrIk7PWXD1Pg-btM2KJQwoywWrKMHMiJZzGusQv85Bn3T8XoKKNfRagykHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__t47XLqY6rjE6O99u8PpIyCgAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMByAMCqgSnAk_Q7cchNDKc5NtJxb0ft6SyKJ167Nu8vMz7lhTDUS20Wf7n-RDiq9PcKnR7EazuGdhObPbZzUO4whuBeVQkLaQ7rjpcOr-EArSURgJeLchs3LHaSAiWlCpS0Lq_2KuClI_xcoPOs86cGdpDc8WBHGQCQ6vPY1Me9Whm41nmH3rAuub-OYnxhBQDo2W9o7AA_pUC4ZLUaco3OwpOnQIGEUNsOAQr4YBxHBKN4hdsfeJmxTDqoOEdyJHf1oyEt3RJjJEZQxeiRncBeQIz45UW2wiw9YM-Dz695vnuxVa-RN86bZ62TXVhhgF6PUirPO46OsmTIHB0PjiGijajmOuI94DTJ-mAVG9ZN1FmtMPRnvmeRrc0NLlDK0PiQz5Q86N38aUWlZdbFy7gBAGABpXww72N99a55wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3FMuBDgTh3t5YQ0rtN5oI_7Zgldg%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Feb 2024 17:27:09 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame C1E1
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAE8aoH_Z6jAACGJA5NWsx6glDVxRXaDA&u=%7CgaZB%2BkzcAgS1JsLzAVvbbRaq5aVi1hTjAw0vo9XzkG0%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8SuwOxwt-8yHzGYRQ2HgOLnnrsU6Xzi486eIsCFBbBzZ8q-ZoL4QdzV9UVsT0h1z5qd9mzwsCcRrq09JhwMqRPZ21K5mgjTW-TztxKs5u4DhTnUYi5Ye3hMwJ3HzLSVmnm7DeJZSWf8DKMxtq_zOmYgvTzzI977w6gVzgSqPITaFo0241lDPeI6ru7SRED1sfjtfiq9Pa_owfyobOmbwZPxSiewz8kTw7hGtgqo9Rx6aBbupLZTy9FVZY6mYJGKakw7y0o4MiqrVoKnVvtpkQ-buf95IWQTeLupiIYjQtfC-_UbkMQdxKH1Aq--f0jh28N3Pr9CYm6COtzFNyX8MuoNzNIdAKv7q0WRWgzESwHNAVLwYDUbhxdquYDC4TfsUnr344kLb8zXjHtjD9GAt08vG4Ff48hcVe8dEypa_Z9UvemqNB6cEqIrWyeU9A9KpCqLYgNRy1AK6edOKm998wCwU8yMXtJT8JR74sLiKv-JvnbrhUKqTOgTEsp0v6_uf47CwIvZRdgDXb5PGWURrIk7PWXD1Pg-btM2KJQwoywWrKMHMiJZzGusQv85Bn3T8XoKKNfRagykHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__t47XLqY6rjE6O99u8PpIyCgAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMByAMCqgSnAk_Q7cchNDKc5NtJxb0ft6SyKJ167Nu8vMz7lhTDUS20Wf7n-RDiq9PcKnR7EazuGdhObPbZzUO4whuBeVQkLaQ7rjpcOr-EArSURgJeLchs3LHaSAiWlCpS0Lq_2KuClI_xcoPOs86cGdpDc8WBHGQCQ6vPY1Me9Whm41nmH3rAuub-OYnxhBQDo2W9o7AA_pUC4ZLUaco3OwpOnQIGEUNsOAQr4YBxHBKN4hdsfeJmxTDqoOEdyJHf1oyEt3RJjJEZQxeiRncBeQIz45UW2wiw9YM-Dz695vnuxVa-RN86bZ62TXVhhgF6PUirPO46OsmTIHB0PjiGijajmOuI94DTJ-mAVG9ZN1FmtMPRnvmeRrc0NLlDK0PiQz5Q86N38aUWlZdbFy7gBAGABpXww72N99a55wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3FMuBDgTh3t5YQ0rtN5oI_7Zgldg%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Feb 2024 17:27:09 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C1E1
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAE8aoH_Z6jAACGJA5NWsx6glDVxRXaDA&u=%7CgaZB%2BkzcAgS1JsLzAVvbbRaq5aVi1hTjAw0vo9XzkG0%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8SuwOxwt-8yHzGYRQ2HgOLnnrsU6Xzi486eIsCFBbBzZ8q-ZoL4QdzV9UVsT0h1z5qd9mzwsCcRrq09JhwMqRPZ21K5mgjTW-TztxKs5u4DhTnUYi5Ye3hMwJ3HzLSVmnm7DeJZSWf8DKMxtq_zOmYgvTzzI977w6gVzgSqPITaFo0241lDPeI6ru7SRED1sfjtfiq9Pa_owfyobOmbwZPxSiewz8kTw7hGtgqo9Rx6aBbupLZTy9FVZY6mYJGKakw7y0o4MiqrVoKnVvtpkQ-buf95IWQTeLupiIYjQtfC-_UbkMQdxKH1Aq--f0jh28N3Pr9CYm6COtzFNyX8MuoNzNIdAKv7q0WRWgzESwHNAVLwYDUbhxdquYDC4TfsUnr344kLb8zXjHtjD9GAt08vG4Ff48hcVe8dEypa_Z9UvemqNB6cEqIrWyeU9A9KpCqLYgNRy1AK6edOKm998wCwU8yMXtJT8JR74sLiKv-JvnbrhUKqTOgTEsp0v6_uf47CwIvZRdgDXb5PGWURrIk7PWXD1Pg-btM2KJQwoywWrKMHMiJZzGusQv85Bn3T8XoKKNfRagykHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__t47XLqY6rjE6O99u8PpIyCgAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMByAMCqgSnAk_Q7cchNDKc5NtJxb0ft6SyKJ167Nu8vMz7lhTDUS20Wf7n-RDiq9PcKnR7EazuGdhObPbZzUO4whuBeVQkLaQ7rjpcOr-EArSURgJeLchs3LHaSAiWlCpS0Lq_2KuClI_xcoPOs86cGdpDc8WBHGQCQ6vPY1Me9Whm41nmH3rAuub-OYnxhBQDo2W9o7AA_pUC4ZLUaco3OwpOnQIGEUNsOAQr4YBxHBKN4hdsfeJmxTDqoOEdyJHf1oyEt3RJjJEZQxeiRncBeQIz45UW2wiw9YM-Dz695vnuxVa-RN86bZ62TXVhhgF6PUirPO46OsmTIHB0PjiGijajmOuI94DTJ-mAVG9ZN1FmtMPRnvmeRrc0NLlDK0PiQz5Q86N38aUWlZdbFy7gBAGABpXww72N99a55wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3FMuBDgTh3t5YQ0rtN5oI_7Zgldg%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 08 Feb 2024 17:27:09 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame C1E1
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAE8aoH_Z6jAACGJA5NWsx6glDVxRXaDA&u=%7CgaZB%2BkzcAgS1JsLzAVvbbRaq5aVi1hTjAw0vo9XzkG0%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8SuwOxwt-8yHzGYRQ2HgOLnnrsU6Xzi486eIsCFBbBzZ8q-ZoL4QdzV9UVsT0h1z5qd9mzwsCcRrq09JhwMqRPZ21K5mgjTW-TztxKs5u4DhTnUYi5Ye3hMwJ3HzLSVmnm7DeJZSWf8DKMxtq_zOmYgvTzzI977w6gVzgSqPITaFo0241lDPeI6ru7SRED1sfjtfiq9Pa_owfyobOmbwZPxSiewz8kTw7hGtgqo9Rx6aBbupLZTy9FVZY6mYJGKakw7y0o4MiqrVoKnVvtpkQ-buf95IWQTeLupiIYjQtfC-_UbkMQdxKH1Aq--f0jh28N3Pr9CYm6COtzFNyX8MuoNzNIdAKv7q0WRWgzESwHNAVLwYDUbhxdquYDC4TfsUnr344kLb8zXjHtjD9GAt08vG4Ff48hcVe8dEypa_Z9UvemqNB6cEqIrWyeU9A9KpCqLYgNRy1AK6edOKm998wCwU8yMXtJT8JR74sLiKv-JvnbrhUKqTOgTEsp0v6_uf47CwIvZRdgDXb5PGWURrIk7PWXD1Pg-btM2KJQwoywWrKMHMiJZzGusQv85Bn3T8XoKKNfRagykHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__t47XLqY6rjE6O99u8PpIyCgAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMByAMCqgSnAk_Q7cchNDKc5NtJxb0ft6SyKJ167Nu8vMz7lhTDUS20Wf7n-RDiq9PcKnR7EazuGdhObPbZzUO4whuBeVQkLaQ7rjpcOr-EArSURgJeLchs3LHaSAiWlCpS0Lq_2KuClI_xcoPOs86cGdpDc8WBHGQCQ6vPY1Me9Whm41nmH3rAuub-OYnxhBQDo2W9o7AA_pUC4ZLUaco3OwpOnQIGEUNsOAQr4YBxHBKN4hdsfeJmxTDqoOEdyJHf1oyEt3RJjJEZQxeiRncBeQIz45UW2wiw9YM-Dz695vnuxVa-RN86bZ62TXVhhgF6PUirPO46OsmTIHB0PjiGijajmOuI94DTJ-mAVG9ZN1FmtMPRnvmeRrc0NLlDK0PiQz5Q86N38aUWlZdbFy7gBAGABpXww72N99a55wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3FMuBDgTh3t5YQ0rtN5oI_7Zgldg%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 08 Feb 2024 17:27:09 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame C1E1
43 B
348 B
Image
General
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Uxci73dSAFHE5QUtcRpfuVyq5Swn39RhcLgYZSECcjC2ZoWX5EZgUeAaK3JAnzmI5AgZPkD34TJurK8pb3Dp43Fzz96P_jhUzqskkzNU_rVec4Pc5MPlVzXqpq7BR6NOwTMcbVZCE2JxWo3ej9chUc1i9-8EWx0FNkc_nIw33RHNgABb2wE4MBzz9dAjz1jpPuxnop9aZ-Exc7lsuTxFeE_PJBiwzqtlfmCfCXXYh-K8uoojmeMrbjWv2F2ODsrc_h50hyJ2K-SjzIOrU-1lwRmwxL08cnqTQM0J87yUzOoHQcrSCmYuGUR32ht7hM2xR-_pwAHF0A9P15JRpPN-061IBpx0I9xDCybCwIVs6w6Rdkv6FsUbcEU25ulM0gPDBkYqtbEEUvcDvL-BDdTMJWRn1mdVG_uW91lEP-m_VEfZWpnXqyu-VLa0mnEKu2kijqLq-A
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAE8aoH_Z6jAACGJA5NWsx6glDVxRXaDA&u=%7CgaZB%2BkzcAgS1JsLzAVvbbRaq5aVi1hTjAw0vo9XzkG0%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8SuwOxwt-8yHzGYRQ2HgOLnnrsU6Xzi486eIsCFBbBzZ8q-ZoL4QdzV9UVsT0h1z5qd9mzwsCcRrq09JhwMqRPZ21K5mgjTW-TztxKs5u4DhTnUYi5Ye3hMwJ3HzLSVmnm7DeJZSWf8DKMxtq_zOmYgvTzzI977w6gVzgSqPITaFo0241lDPeI6ru7SRED1sfjtfiq9Pa_owfyobOmbwZPxSiewz8kTw7hGtgqo9Rx6aBbupLZTy9FVZY6mYJGKakw7y0o4MiqrVoKnVvtpkQ-buf95IWQTeLupiIYjQtfC-_UbkMQdxKH1Aq--f0jh28N3Pr9CYm6COtzFNyX8MuoNzNIdAKv7q0WRWgzESwHNAVLwYDUbhxdquYDC4TfsUnr344kLb8zXjHtjD9GAt08vG4Ff48hcVe8dEypa_Z9UvemqNB6cEqIrWyeU9A9KpCqLYgNRy1AK6edOKm998wCwU8yMXtJT8JR74sLiKv-JvnbrhUKqTOgTEsp0v6_uf47CwIvZRdgDXb5PGWURrIk7PWXD1Pg-btM2KJQwoywWrKMHMiJZzGusQv85Bn3T8XoKKNfRagykHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__t47XLqY6rjE6O99u8PpIyCgAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMByAMCqgSnAk_Q7cchNDKc5NtJxb0ft6SyKJ167Nu8vMz7lhTDUS20Wf7n-RDiq9PcKnR7EazuGdhObPbZzUO4whuBeVQkLaQ7rjpcOr-EArSURgJeLchs3LHaSAiWlCpS0Lq_2KuClI_xcoPOs86cGdpDc8WBHGQCQ6vPY1Me9Whm41nmH3rAuub-OYnxhBQDo2W9o7AA_pUC4ZLUaco3OwpOnQIGEUNsOAQr4YBxHBKN4hdsfeJmxTDqoOEdyJHf1oyEt3RJjJEZQxeiRncBeQIz45UW2wiw9YM-Dz695vnuxVa-RN86bZ62TXVhhgF6PUirPO46OsmTIHB0PjiGijajmOuI94DTJ-mAVG9ZN1FmtMPRnvmeRrc0NLlDK0PiQz5Q86N38aUWlZdbFy7gBAGABpXww72N99a55wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3FMuBDgTh3t5YQ0rtN5oI_7Zgldg%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1758176
expires
Mon, 26 Jul 1997 05:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6EFA
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKFD6aamzduwXwjE5bQSgb5wqTW0ZlLXmP7eNx9y_SWFjDE80aLLYIhLI_WqC8BHvtRhPVBYtT1JQ8EytIVL2b-XDUU4xsmj1q0KGKa7iFQASfg-KJ41h-74yzSYPcEKjthT5cgAkxgCds2n6I7FGP-eArQLhvyAhaBo0JUXHeBCfEQlOqUDOgtiB_KXMrxhNYFc4NAdE60Nj7ika9LTEaQH-oVEgcZS-TVJxJAiUYopbKNHQrWon6MSUpQ_m5uDjzJvPCCN1eX3l_g3LM-FWnhO4Q3IwB9z687n_y6witelMuUnzHTd2DMhLQri3TWGv5WlGpQv42UmDx9NpKF0aVdzkLb3XYtLBFmtM&sai=AMfl-YS4j8TJgPr5nUw_M-2z6JGWq1rgdWgwD3-1pzQcqzMIejN1kS1WNaDr0-hCyAvHwy2zQzk9iFEg7DyaSgi6maQPnFUt4E7v993DedrnmAUaIIDcvlQkvQ1Yxdfl90Awas1-8Uor1ukSBnRHzLo&sig=Cg0ArKJSzAd_cuNGp7sUEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: pastelink.net
URL: https://pastelink.net/h7yg164l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
latest.js
cdn.adligature.com/prebid/creative/ Frame 6EFA
26 KB
10 KB
Script
General
Full URL
https://cdn.adligature.com/prebid/creative/latest.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
613efd0497ff39f53123ca22f71747b75f22d7ab9b6996aa1deaab799cefd334

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79
cf-polished
origSize=26676
x-guploader-uploadid
ADPycdu3O06WGtuApg8HwYL8i7uKGXwiXh_pYlatqo18AhdeJm9aa696f5DC8mVHFXb64eETD4G_HqJVOWBSq0clcsco
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 01 Nov 2022 18:38:24 GMT
server
cloudflare
etag
W/"2ae59c013b7f4ee879f45354f6b5ecd7"
vary
Accept-Encoding
x-goog-generation
1667327904512712
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=aFygIg==, md5=KuWcATt/Tuh59FNU9rXs1w==
cache-control
public, max-age=1800, s-maxage=600, must-revalidate
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gt3nCizYDbI6Q5SHrj%2BvJJZV%2BRdeGI44RdUolaxspky6ZMIQEp%2BHcIkpWhn6p5eqbqj4cJynRRN3W38f1tRxI4BMtoXZIec4rDcdYZ67%2Fc3YX9AtEuJp%2FwMgNjtA8VUSMYI%2FIf9iwBGLCHZOzMrbcg0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
26676
cf-ray
798f45ee7c3a72f6-LHR
expires
Mon, 13 Feb 2023 17:35:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6EFA
156 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48910
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675860536307976"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 13 Feb 2023 17:27:09 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 5C56
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAHGB0Iu-MjAAdIpJ0e_zozGN85LPL2Lw&u=%7CgaZB%2BkzcAgQngwr8AIdvDDewNuZmuP95UFSZBndh5N4%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9QtxaN2yFPYz7E27bdan5Oj7k42CU8oFF4MaquG6nFYrTI84-4qDBQ3UIDPY-TsPFtiHHay1q1C7P4tXqXyBNyN7ERCqNsF7YrFuE7CUny8up7ZEIXqbh7SEm8EvzqIpqEjryH4o8ZBo0-yzplxSnHlALBQrhvWjPr9NMvSBX6j2ozyJYwX2w7zxnYhzlRIr4VhMmZpAXMCSYbxlaIGlrywKT3BvWQESlFg8XZfO4HlltqFYvDXBnOuU1OPTGlrKU3A20k8WfRJ4FJeQ1rKbYUG9YIHcWdB6bpdZVo4jucpuYpgxEoHexZ_gw8ATG9pig2R6X1A5irecT5zUFmYXhi1BE9Lm7vON9gre8fUHMITUDXmAj_FaJTzjKHlmjl-GnlkIWFzhiur80XxeFVQZMwwknFFTXABtpl78pKAu7ZuxW4yP7tY-SqrgLeeY_OaLw2a0WwFVBhe_XHbF-zK44Bpptk8XXqy8Ql7tEU1TPDA60lXtMKJmVIpG8eUuUz8XuXtp7wKsPzuC8i6reBpuINjl8F6XHkBoQ_6X7Lk0QxpaKZIWvWazj1LnwHnHV-U1lWH4NijRklA2QP7uDwQ36NJ8bQQvNXYYqH_0gM5Q0HqQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4-977XLqY52wHKPG7_UPpJGduAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMBqgSgAk_QQlo64Dv5CG1oFIE3ef4YdkajXtwOokUNypjEkY85g5_-ZukQfiHzKLRj4rqR4TJjyNPXz5v2BJC8RqIRNa9pZP504xuIHDSg_QqYiIc9wNglctXD4Th_sQjaRaXwk4gTIte0JuXtv_a2EtVNosHIl8BoS_B_j25dP26Pk1bs6zZ-LfxCdzp3YLRqLgdkbd8Q9D_rev7e21jytAkTwjQXso5A-Zl-Te6eoh_0X0KSH-QGCqO0NBhM72AQo-7pOaRsEfOzERyT2cvX8U0qJm_NH1SM5ya1ZffrBsO9XIWxUC8L5a7Ggi562VZ9gjgYJHl8A-FLggRnoqKVTzdJ6omA9fUY57WPNFwnTa_hsvuDivDgeZ83kFy-HVORYccKzOAEAYAGlfDDvY331rnnAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03E-iE8c0SQG9KySPcCa4NDIz5ug%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Feb 2024 17:27:09 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 5C56
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAHGB0Iu-MjAAdIpJ0e_zozGN85LPL2Lw&u=%7CgaZB%2BkzcAgQngwr8AIdvDDewNuZmuP95UFSZBndh5N4%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9QtxaN2yFPYz7E27bdan5Oj7k42CU8oFF4MaquG6nFYrTI84-4qDBQ3UIDPY-TsPFtiHHay1q1C7P4tXqXyBNyN7ERCqNsF7YrFuE7CUny8up7ZEIXqbh7SEm8EvzqIpqEjryH4o8ZBo0-yzplxSnHlALBQrhvWjPr9NMvSBX6j2ozyJYwX2w7zxnYhzlRIr4VhMmZpAXMCSYbxlaIGlrywKT3BvWQESlFg8XZfO4HlltqFYvDXBnOuU1OPTGlrKU3A20k8WfRJ4FJeQ1rKbYUG9YIHcWdB6bpdZVo4jucpuYpgxEoHexZ_gw8ATG9pig2R6X1A5irecT5zUFmYXhi1BE9Lm7vON9gre8fUHMITUDXmAj_FaJTzjKHlmjl-GnlkIWFzhiur80XxeFVQZMwwknFFTXABtpl78pKAu7ZuxW4yP7tY-SqrgLeeY_OaLw2a0WwFVBhe_XHbF-zK44Bpptk8XXqy8Ql7tEU1TPDA60lXtMKJmVIpG8eUuUz8XuXtp7wKsPzuC8i6reBpuINjl8F6XHkBoQ_6X7Lk0QxpaKZIWvWazj1LnwHnHV-U1lWH4NijRklA2QP7uDwQ36NJ8bQQvNXYYqH_0gM5Q0HqQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4-977XLqY52wHKPG7_UPpJGduAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMBqgSgAk_QQlo64Dv5CG1oFIE3ef4YdkajXtwOokUNypjEkY85g5_-ZukQfiHzKLRj4rqR4TJjyNPXz5v2BJC8RqIRNa9pZP504xuIHDSg_QqYiIc9wNglctXD4Th_sQjaRaXwk4gTIte0JuXtv_a2EtVNosHIl8BoS_B_j25dP26Pk1bs6zZ-LfxCdzp3YLRqLgdkbd8Q9D_rev7e21jytAkTwjQXso5A-Zl-Te6eoh_0X0KSH-QGCqO0NBhM72AQo-7pOaRsEfOzERyT2cvX8U0qJm_NH1SM5ya1ZffrBsO9XIWxUC8L5a7Ggi562VZ9gjgYJHl8A-FLggRnoqKVTzdJ6omA9fUY57WPNFwnTa_hsvuDivDgeZ83kFy-HVORYccKzOAEAYAGlfDDvY331rnnAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03E-iE8c0SQG9KySPcCa4NDIz5ug%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Feb 2024 17:27:09 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 5C56
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAHGB0Iu-MjAAdIpJ0e_zozGN85LPL2Lw&u=%7CgaZB%2BkzcAgQngwr8AIdvDDewNuZmuP95UFSZBndh5N4%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9QtxaN2yFPYz7E27bdan5Oj7k42CU8oFF4MaquG6nFYrTI84-4qDBQ3UIDPY-TsPFtiHHay1q1C7P4tXqXyBNyN7ERCqNsF7YrFuE7CUny8up7ZEIXqbh7SEm8EvzqIpqEjryH4o8ZBo0-yzplxSnHlALBQrhvWjPr9NMvSBX6j2ozyJYwX2w7zxnYhzlRIr4VhMmZpAXMCSYbxlaIGlrywKT3BvWQESlFg8XZfO4HlltqFYvDXBnOuU1OPTGlrKU3A20k8WfRJ4FJeQ1rKbYUG9YIHcWdB6bpdZVo4jucpuYpgxEoHexZ_gw8ATG9pig2R6X1A5irecT5zUFmYXhi1BE9Lm7vON9gre8fUHMITUDXmAj_FaJTzjKHlmjl-GnlkIWFzhiur80XxeFVQZMwwknFFTXABtpl78pKAu7ZuxW4yP7tY-SqrgLeeY_OaLw2a0WwFVBhe_XHbF-zK44Bpptk8XXqy8Ql7tEU1TPDA60lXtMKJmVIpG8eUuUz8XuXtp7wKsPzuC8i6reBpuINjl8F6XHkBoQ_6X7Lk0QxpaKZIWvWazj1LnwHnHV-U1lWH4NijRklA2QP7uDwQ36NJ8bQQvNXYYqH_0gM5Q0HqQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4-977XLqY52wHKPG7_UPpJGduAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMBqgSgAk_QQlo64Dv5CG1oFIE3ef4YdkajXtwOokUNypjEkY85g5_-ZukQfiHzKLRj4rqR4TJjyNPXz5v2BJC8RqIRNa9pZP504xuIHDSg_QqYiIc9wNglctXD4Th_sQjaRaXwk4gTIte0JuXtv_a2EtVNosHIl8BoS_B_j25dP26Pk1bs6zZ-LfxCdzp3YLRqLgdkbd8Q9D_rev7e21jytAkTwjQXso5A-Zl-Te6eoh_0X0KSH-QGCqO0NBhM72AQo-7pOaRsEfOzERyT2cvX8U0qJm_NH1SM5ya1ZffrBsO9XIWxUC8L5a7Ggi562VZ9gjgYJHl8A-FLggRnoqKVTzdJ6omA9fUY57WPNFwnTa_hsvuDivDgeZ83kFy-HVORYccKzOAEAYAGlfDDvY331rnnAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03E-iE8c0SQG9KySPcCa4NDIz5ug%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 08 Feb 2024 17:27:09 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 5C56
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAHGB0Iu-MjAAdIpJ0e_zozGN85LPL2Lw&u=%7CgaZB%2BkzcAgQngwr8AIdvDDewNuZmuP95UFSZBndh5N4%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9QtxaN2yFPYz7E27bdan5Oj7k42CU8oFF4MaquG6nFYrTI84-4qDBQ3UIDPY-TsPFtiHHay1q1C7P4tXqXyBNyN7ERCqNsF7YrFuE7CUny8up7ZEIXqbh7SEm8EvzqIpqEjryH4o8ZBo0-yzplxSnHlALBQrhvWjPr9NMvSBX6j2ozyJYwX2w7zxnYhzlRIr4VhMmZpAXMCSYbxlaIGlrywKT3BvWQESlFg8XZfO4HlltqFYvDXBnOuU1OPTGlrKU3A20k8WfRJ4FJeQ1rKbYUG9YIHcWdB6bpdZVo4jucpuYpgxEoHexZ_gw8ATG9pig2R6X1A5irecT5zUFmYXhi1BE9Lm7vON9gre8fUHMITUDXmAj_FaJTzjKHlmjl-GnlkIWFzhiur80XxeFVQZMwwknFFTXABtpl78pKAu7ZuxW4yP7tY-SqrgLeeY_OaLw2a0WwFVBhe_XHbF-zK44Bpptk8XXqy8Ql7tEU1TPDA60lXtMKJmVIpG8eUuUz8XuXtp7wKsPzuC8i6reBpuINjl8F6XHkBoQ_6X7Lk0QxpaKZIWvWazj1LnwHnHV-U1lWH4NijRklA2QP7uDwQ36NJ8bQQvNXYYqH_0gM5Q0HqQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4-977XLqY52wHKPG7_UPpJGduAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMBqgSgAk_QQlo64Dv5CG1oFIE3ef4YdkajXtwOokUNypjEkY85g5_-ZukQfiHzKLRj4rqR4TJjyNPXz5v2BJC8RqIRNa9pZP504xuIHDSg_QqYiIc9wNglctXD4Th_sQjaRaXwk4gTIte0JuXtv_a2EtVNosHIl8BoS_B_j25dP26Pk1bs6zZ-LfxCdzp3YLRqLgdkbd8Q9D_rev7e21jytAkTwjQXso5A-Zl-Te6eoh_0X0KSH-QGCqO0NBhM72AQo-7pOaRsEfOzERyT2cvX8U0qJm_NH1SM5ya1ZffrBsO9XIWxUC8L5a7Ggi562VZ9gjgYJHl8A-FLggRnoqKVTzdJ6omA9fUY57WPNFwnTa_hsvuDivDgeZ83kFy-HVORYccKzOAEAYAGlfDDvY331rnnAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03E-iE8c0SQG9KySPcCa4NDIz5ug%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 08 Feb 2024 17:27:09 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 5C56
43 B
347 B
Image
General
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=4dDgao0wi5P-XmltTG2m0fQGJqG1cHgUJEaEDGcxQlOdwtJe8QL-6-ME3M5c4de3L6YdZcaizshNvYFIUB_eQnKzCMXmo4vAe38Qi-NB-1AtXKz_jPsrMZ2KNAxWWxNroM5QHy5em77nBYeIIVG7Kwntpasw6vwaMAAr7m3UikgfS75yBJpPbHNiEyhTqF4WaKp1-U0aKAebXfJnI3q4J7aRmxXngEHirD90VFI8TsYliC5Kf-5O0YWhV7VyZpngg6v-8nfuwpBy1rkIRN8ZSnyNJc57zCMucSqQ8GOPA9EJpM3t7HoLQj4unwoRHZb0aYPpgDNQbjcG5TJHl7Bodyjn5DsjvC6_WKn7fXWJOy8agaYudG-YyF7rGK1QWUE5exasqpmKVUts4Ude-iU9l8TMotEwlmZH5c1WonE0-g5TfSrk
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAHGB0Iu-MjAAdIpJ0e_zozGN85LPL2Lw&u=%7CgaZB%2BkzcAgQngwr8AIdvDDewNuZmuP95UFSZBndh5N4%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9QtxaN2yFPYz7E27bdan5Oj7k42CU8oFF4MaquG6nFYrTI84-4qDBQ3UIDPY-TsPFtiHHay1q1C7P4tXqXyBNyN7ERCqNsF7YrFuE7CUny8up7ZEIXqbh7SEm8EvzqIpqEjryH4o8ZBo0-yzplxSnHlALBQrhvWjPr9NMvSBX6j2ozyJYwX2w7zxnYhzlRIr4VhMmZpAXMCSYbxlaIGlrywKT3BvWQESlFg8XZfO4HlltqFYvDXBnOuU1OPTGlrKU3A20k8WfRJ4FJeQ1rKbYUG9YIHcWdB6bpdZVo4jucpuYpgxEoHexZ_gw8ATG9pig2R6X1A5irecT5zUFmYXhi1BE9Lm7vON9gre8fUHMITUDXmAj_FaJTzjKHlmjl-GnlkIWFzhiur80XxeFVQZMwwknFFTXABtpl78pKAu7ZuxW4yP7tY-SqrgLeeY_OaLw2a0WwFVBhe_XHbF-zK44Bpptk8XXqy8Ql7tEU1TPDA60lXtMKJmVIpG8eUuUz8XuXtp7wKsPzuC8i6reBpuINjl8F6XHkBoQ_6X7Lk0QxpaKZIWvWazj1LnwHnHV-U1lWH4NijRklA2QP7uDwQ36NJ8bQQvNXYYqH_0gM5Q0HqQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4-977XLqY52wHKPG7_UPpJGduAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMBqgSgAk_QQlo64Dv5CG1oFIE3ef4YdkajXtwOokUNypjEkY85g5_-ZukQfiHzKLRj4rqR4TJjyNPXz5v2BJC8RqIRNa9pZP504xuIHDSg_QqYiIc9wNglctXD4Th_sQjaRaXwk4gTIte0JuXtv_a2EtVNosHIl8BoS_B_j25dP26Pk1bs6zZ-LfxCdzp3YLRqLgdkbd8Q9D_rev7e21jytAkTwjQXso5A-Zl-Te6eoh_0X0KSH-QGCqO0NBhM72AQo-7pOaRsEfOzERyT2cvX8U0qJm_NH1SM5ya1ZffrBsO9XIWxUC8L5a7Ggi562VZ9gjgYJHl8A-FLggRnoqKVTzdJ6omA9fUY57WPNFwnTa_hsvuDivDgeZ83kFy-HVORYccKzOAEAYAGlfDDvY331rnnAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03E-iE8c0SQG9KySPcCa4NDIz5ug%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3072237
expires
Mon, 26 Jul 1997 05:00:00 GMT
opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame C1E1
2 KB
900 B
Stylesheet
General
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAE8aoH_Z6jAACGJA5NWsx6glDVxRXaDA&u=%7CgaZB%2BkzcAgS1JsLzAVvbbRaq5aVi1hTjAw0vo9XzkG0%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8SuwOxwt-8yHzGYRQ2HgOLnnrsU6Xzi486eIsCFBbBzZ8q-ZoL4QdzV9UVsT0h1z5qd9mzwsCcRrq09JhwMqRPZ21K5mgjTW-TztxKs5u4DhTnUYi5Ye3hMwJ3HzLSVmnm7DeJZSWf8DKMxtq_zOmYgvTzzI977w6gVzgSqPITaFo0241lDPeI6ru7SRED1sfjtfiq9Pa_owfyobOmbwZPxSiewz8kTw7hGtgqo9Rx6aBbupLZTy9FVZY6mYJGKakw7y0o4MiqrVoKnVvtpkQ-buf95IWQTeLupiIYjQtfC-_UbkMQdxKH1Aq--f0jh28N3Pr9CYm6COtzFNyX8MuoNzNIdAKv7q0WRWgzESwHNAVLwYDUbhxdquYDC4TfsUnr344kLb8zXjHtjD9GAt08vG4Ff48hcVe8dEypa_Z9UvemqNB6cEqIrWyeU9A9KpCqLYgNRy1AK6edOKm998wCwU8yMXtJT8JR74sLiKv-JvnbrhUKqTOgTEsp0v6_uf47CwIvZRdgDXb5PGWURrIk7PWXD1Pg-btM2KJQwoywWrKMHMiJZzGusQv85Bn3T8XoKKNfRagykHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__t47XLqY6rjE6O99u8PpIyCgAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMByAMCqgSnAk_Q7cchNDKc5NtJxb0ft6SyKJ167Nu8vMz7lhTDUS20Wf7n-RDiq9PcKnR7EazuGdhObPbZzUO4whuBeVQkLaQ7rjpcOr-EArSURgJeLchs3LHaSAiWlCpS0Lq_2KuClI_xcoPOs86cGdpDc8WBHGQCQ6vPY1Me9Whm41nmH3rAuub-OYnxhBQDo2W9o7AA_pUC4ZLUaco3OwpOnQIGEUNsOAQr4YBxHBKN4hdsfeJmxTDqoOEdyJHf1oyEt3RJjJEZQxeiRncBeQIz45UW2wiw9YM-Dz695vnuxVa-RN86bZ62TXVhhgF6PUirPO46OsmTIHB0PjiGijajmOuI94DTJ-mAVG9ZN1FmtMPRnvmeRrc0NLlDK0PiQz5Q86N38aUWlZdbFy7gBAGABpXww72N99a55wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3FMuBDgTh3t5YQ0rtN5oI_7Zgldg%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Feb 2024 17:27:09 GMT
opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame C1E1
2 KB
900 B
Stylesheet
General
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAE8aoH_Z6jAACGJA5NWsx6glDVxRXaDA&u=%7CgaZB%2BkzcAgS1JsLzAVvbbRaq5aVi1hTjAw0vo9XzkG0%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8SuwOxwt-8yHzGYRQ2HgOLnnrsU6Xzi486eIsCFBbBzZ8q-ZoL4QdzV9UVsT0h1z5qd9mzwsCcRrq09JhwMqRPZ21K5mgjTW-TztxKs5u4DhTnUYi5Ye3hMwJ3HzLSVmnm7DeJZSWf8DKMxtq_zOmYgvTzzI977w6gVzgSqPITaFo0241lDPeI6ru7SRED1sfjtfiq9Pa_owfyobOmbwZPxSiewz8kTw7hGtgqo9Rx6aBbupLZTy9FVZY6mYJGKakw7y0o4MiqrVoKnVvtpkQ-buf95IWQTeLupiIYjQtfC-_UbkMQdxKH1Aq--f0jh28N3Pr9CYm6COtzFNyX8MuoNzNIdAKv7q0WRWgzESwHNAVLwYDUbhxdquYDC4TfsUnr344kLb8zXjHtjD9GAt08vG4Ff48hcVe8dEypa_Z9UvemqNB6cEqIrWyeU9A9KpCqLYgNRy1AK6edOKm998wCwU8yMXtJT8JR74sLiKv-JvnbrhUKqTOgTEsp0v6_uf47CwIvZRdgDXb5PGWURrIk7PWXD1Pg-btM2KJQwoywWrKMHMiJZzGusQv85Bn3T8XoKKNfRagykHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__t47XLqY6rjE6O99u8PpIyCgAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMByAMCqgSnAk_Q7cchNDKc5NtJxb0ft6SyKJ167Nu8vMz7lhTDUS20Wf7n-RDiq9PcKnR7EazuGdhObPbZzUO4whuBeVQkLaQ7rjpcOr-EArSURgJeLchs3LHaSAiWlCpS0Lq_2KuClI_xcoPOs86cGdpDc8WBHGQCQ6vPY1Me9Whm41nmH3rAuub-OYnxhBQDo2W9o7AA_pUC4ZLUaco3OwpOnQIGEUNsOAQr4YBxHBKN4hdsfeJmxTDqoOEdyJHf1oyEt3RJjJEZQxeiRncBeQIz45UW2wiw9YM-Dz695vnuxVa-RN86bZ62TXVhhgF6PUirPO46OsmTIHB0PjiGijajmOuI94DTJ-mAVG9ZN1FmtMPRnvmeRrc0NLlDK0PiQz5Q86N38aUWlZdbFy7gBAGABpXww72N99a55wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3FMuBDgTh3t5YQ0rtN5oI_7Zgldg%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f079-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Feb 2024 17:27:09 GMT
animejs.js
static.criteo.net/animejs/ Frame C1E1
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAE8aoH_Z6jAACGJA5NWsx6glDVxRXaDA&u=%7CgaZB%2BkzcAgS1JsLzAVvbbRaq5aVi1hTjAw0vo9XzkG0%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8SuwOxwt-8yHzGYRQ2HgOLnnrsU6Xzi486eIsCFBbBzZ8q-ZoL4QdzV9UVsT0h1z5qd9mzwsCcRrq09JhwMqRPZ21K5mgjTW-TztxKs5u4DhTnUYi5Ye3hMwJ3HzLSVmnm7DeJZSWf8DKMxtq_zOmYgvTzzI977w6gVzgSqPITaFo0241lDPeI6ru7SRED1sfjtfiq9Pa_owfyobOmbwZPxSiewz8kTw7hGtgqo9Rx6aBbupLZTy9FVZY6mYJGKakw7y0o4MiqrVoKnVvtpkQ-buf95IWQTeLupiIYjQtfC-_UbkMQdxKH1Aq--f0jh28N3Pr9CYm6COtzFNyX8MuoNzNIdAKv7q0WRWgzESwHNAVLwYDUbhxdquYDC4TfsUnr344kLb8zXjHtjD9GAt08vG4Ff48hcVe8dEypa_Z9UvemqNB6cEqIrWyeU9A9KpCqLYgNRy1AK6edOKm998wCwU8yMXtJT8JR74sLiKv-JvnbrhUKqTOgTEsp0v6_uf47CwIvZRdgDXb5PGWURrIk7PWXD1Pg-btM2KJQwoywWrKMHMiJZzGusQv85Bn3T8XoKKNfRagykHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__t47XLqY6rjE6O99u8PpIyCgAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMByAMCqgSnAk_Q7cchNDKc5NtJxb0ft6SyKJ167Nu8vMz7lhTDUS20Wf7n-RDiq9PcKnR7EazuGdhObPbZzUO4whuBeVQkLaQ7rjpcOr-EArSURgJeLchs3LHaSAiWlCpS0Lq_2KuClI_xcoPOs86cGdpDc8WBHGQCQ6vPY1Me9Whm41nmH3rAuub-OYnxhBQDo2W9o7AA_pUC4ZLUaco3OwpOnQIGEUNsOAQr4YBxHBKN4hdsfeJmxTDqoOEdyJHf1oyEt3RJjJEZQxeiRncBeQIz45UW2wiw9YM-Dz695vnuxVa-RN86bZ62TXVhhgF6PUirPO46OsmTIHB0PjiGijajmOuI94DTJ-mAVG9ZN1FmtMPRnvmeRrc0NLlDK0PiQz5Q86N38aUWlZdbFy7gBAGABpXww72N99a55wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3FMuBDgTh3t5YQ0rtN5oI_7Zgldg%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Feb 2024 17:27:09 GMT
img
pix.eu.criteo.net/img/ Frame C1E1
10 KB
10 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=76&m=0&partner=2395&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2395%2F230202%2Fa8cca63a830b4bdfaa3c8258ffac8ff3_reed_co_uk_landscape_pos_blue_rgb.png&v=3&w=596&s=6KgVXJCHee6yai2T2vfVOkXf
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAE8aoH_Z6jAACGJA5NWsx6glDVxRXaDA&u=%7CgaZB%2BkzcAgS1JsLzAVvbbRaq5aVi1hTjAw0vo9XzkG0%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8SuwOxwt-8yHzGYRQ2HgOLnnrsU6Xzi486eIsCFBbBzZ8q-ZoL4QdzV9UVsT0h1z5qd9mzwsCcRrq09JhwMqRPZ21K5mgjTW-TztxKs5u4DhTnUYi5Ye3hMwJ3HzLSVmnm7DeJZSWf8DKMxtq_zOmYgvTzzI977w6gVzgSqPITaFo0241lDPeI6ru7SRED1sfjtfiq9Pa_owfyobOmbwZPxSiewz8kTw7hGtgqo9Rx6aBbupLZTy9FVZY6mYJGKakw7y0o4MiqrVoKnVvtpkQ-buf95IWQTeLupiIYjQtfC-_UbkMQdxKH1Aq--f0jh28N3Pr9CYm6COtzFNyX8MuoNzNIdAKv7q0WRWgzESwHNAVLwYDUbhxdquYDC4TfsUnr344kLb8zXjHtjD9GAt08vG4Ff48hcVe8dEypa_Z9UvemqNB6cEqIrWyeU9A9KpCqLYgNRy1AK6edOKm998wCwU8yMXtJT8JR74sLiKv-JvnbrhUKqTOgTEsp0v6_uf47CwIvZRdgDXb5PGWURrIk7PWXD1Pg-btM2KJQwoywWrKMHMiJZzGusQv85Bn3T8XoKKNfRagykHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__t47XLqY6rjE6O99u8PpIyCgAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMByAMCqgSnAk_Q7cchNDKc5NtJxb0ft6SyKJ167Nu8vMz7lhTDUS20Wf7n-RDiq9PcKnR7EazuGdhObPbZzUO4whuBeVQkLaQ7rjpcOr-EArSURgJeLchs3LHaSAiWlCpS0Lq_2KuClI_xcoPOs86cGdpDc8WBHGQCQ6vPY1Me9Whm41nmH3rAuub-OYnxhBQDo2W9o7AA_pUC4ZLUaco3OwpOnQIGEUNsOAQr4YBxHBKN4hdsfeJmxTDqoOEdyJHf1oyEt3RJjJEZQxeiRncBeQIz45UW2wiw9YM-Dz695vnuxVa-RN86bZ62TXVhhgF6PUirPO46OsmTIHB0PjiGijajmOuI94DTJ-mAVG9ZN1FmtMPRnvmeRrc0NLlDK0PiQz5Q86N38aUWlZdbFy7gBAGABpXww72N99a55wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3FMuBDgTh3t5YQ0rtN5oI_7Zgldg%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
c0062d4f840d9d1ee1d43aba617a31f8aabb7dcec283d14f6bd0d852fad672f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30150777
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9764
expires
Sun, 28 Jan 2024 16:40:07 GMT
all
csm.eu.criteo.net/ Frame C1E1
0
128 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=nT1G2KJRJT2Y3MLwZo7jjGx3f7Kd8YaM_daBCXTVgzpOOzEgSuFbDcW9YRYciS12zWdmhA9NOe53mAbQJFwz3MYMA3S2Mi0EBN7mVT1rcOO9gwOXXAYUFl191bCIkgO8TWeT3rHlK7MfsurPifDRPkUv2Y8dRP2UJEUSkOEAxXfZl-_r7nhMQ2zBCGjCgvhavL0tP306gpcb72-uXOb2hw40ygI_pDB6udWVN0xTZCuVGMV0Wz9rJruz-A1Mj08BzoCayQ&sds=2&rev=84699&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAE8aoH_Z6jAACGJA5NWsx6glDVxRXaDA&u=%7CgaZB%2BkzcAgS1JsLzAVvbbRaq5aVi1hTjAw0vo9XzkG0%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8SuwOxwt-8yHzGYRQ2HgOLnnrsU6Xzi486eIsCFBbBzZ8q-ZoL4QdzV9UVsT0h1z5qd9mzwsCcRrq09JhwMqRPZ21K5mgjTW-TztxKs5u4DhTnUYi5Ye3hMwJ3HzLSVmnm7DeJZSWf8DKMxtq_zOmYgvTzzI977w6gVzgSqPITaFo0241lDPeI6ru7SRED1sfjtfiq9Pa_owfyobOmbwZPxSiewz8kTw7hGtgqo9Rx6aBbupLZTy9FVZY6mYJGKakw7y0o4MiqrVoKnVvtpkQ-buf95IWQTeLupiIYjQtfC-_UbkMQdxKH1Aq--f0jh28N3Pr9CYm6COtzFNyX8MuoNzNIdAKv7q0WRWgzESwHNAVLwYDUbhxdquYDC4TfsUnr344kLb8zXjHtjD9GAt08vG4Ff48hcVe8dEypa_Z9UvemqNB6cEqIrWyeU9A9KpCqLYgNRy1AK6edOKm998wCwU8yMXtJT8JR74sLiKv-JvnbrhUKqTOgTEsp0v6_uf47CwIvZRdgDXb5PGWURrIk7PWXD1Pg-btM2KJQwoywWrKMHMiJZzGusQv85Bn3T8XoKKNfRagykHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__t47XLqY6rjE6O99u8PpIyCgAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMByAMCqgSnAk_Q7cchNDKc5NtJxb0ft6SyKJ167Nu8vMz7lhTDUS20Wf7n-RDiq9PcKnR7EazuGdhObPbZzUO4whuBeVQkLaQ7rjpcOr-EArSURgJeLchs3LHaSAiWlCpS0Lq_2KuClI_xcoPOs86cGdpDc8WBHGQCQ6vPY1Me9Whm41nmH3rAuub-OYnxhBQDo2W9o7AA_pUC4ZLUaco3OwpOnQIGEUNsOAQr4YBxHBKN4hdsfeJmxTDqoOEdyJHf1oyEt3RJjJEZQxeiRncBeQIz45UW2wiw9YM-Dz695vnuxVa-RN86bZ62TXVhhgF6PUirPO46OsmTIHB0PjiGijajmOuI94DTJ-mAVG9ZN1FmtMPRnvmeRrc0NLlDK0PiQz5Q86N38aUWlZdbFy7gBAGABpXww72N99a55wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3FMuBDgTh3t5YQ0rtN5oI_7Zgldg%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 13 Feb 2023 17:27:09 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C1E1
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAE8aoH_Z6jAACGJA5NWsx6glDVxRXaDA&u=%7CgaZB%2BkzcAgS1JsLzAVvbbRaq5aVi1hTjAw0vo9XzkG0%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8SuwOxwt-8yHzGYRQ2HgOLnnrsU6Xzi486eIsCFBbBzZ8q-ZoL4QdzV9UVsT0h1z5qd9mzwsCcRrq09JhwMqRPZ21K5mgjTW-TztxKs5u4DhTnUYi5Ye3hMwJ3HzLSVmnm7DeJZSWf8DKMxtq_zOmYgvTzzI977w6gVzgSqPITaFo0241lDPeI6ru7SRED1sfjtfiq9Pa_owfyobOmbwZPxSiewz8kTw7hGtgqo9Rx6aBbupLZTy9FVZY6mYJGKakw7y0o4MiqrVoKnVvtpkQ-buf95IWQTeLupiIYjQtfC-_UbkMQdxKH1Aq--f0jh28N3Pr9CYm6COtzFNyX8MuoNzNIdAKv7q0WRWgzESwHNAVLwYDUbhxdquYDC4TfsUnr344kLb8zXjHtjD9GAt08vG4Ff48hcVe8dEypa_Z9UvemqNB6cEqIrWyeU9A9KpCqLYgNRy1AK6edOKm998wCwU8yMXtJT8JR74sLiKv-JvnbrhUKqTOgTEsp0v6_uf47CwIvZRdgDXb5PGWURrIk7PWXD1Pg-btM2KJQwoywWrKMHMiJZzGusQv85Bn3T8XoKKNfRagykHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__t47XLqY6rjE6O99u8PpIyCgAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMByAMCqgSnAk_Q7cchNDKc5NtJxb0ft6SyKJ167Nu8vMz7lhTDUS20Wf7n-RDiq9PcKnR7EazuGdhObPbZzUO4whuBeVQkLaQ7rjpcOr-EArSURgJeLchs3LHaSAiWlCpS0Lq_2KuClI_xcoPOs86cGdpDc8WBHGQCQ6vPY1Me9Whm41nmH3rAuub-OYnxhBQDo2W9o7AA_pUC4ZLUaco3OwpOnQIGEUNsOAQr4YBxHBKN4hdsfeJmxTDqoOEdyJHf1oyEt3RJjJEZQxeiRncBeQIz45UW2wiw9YM-Dz695vnuxVa-RN86bZ62TXVhhgF6PUirPO46OsmTIHB0PjiGijajmOuI94DTJ-mAVG9ZN1FmtMPRnvmeRrc0NLlDK0PiQz5Q86N38aUWlZdbFy7gBAGABpXww72N99a55wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3FMuBDgTh3t5YQ0rtN5oI_7Zgldg%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Feb 2024 17:27:09 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C1E1
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAE8aoH_Z6jAACGJA5NWsx6glDVxRXaDA&u=%7CgaZB%2BkzcAgS1JsLzAVvbbRaq5aVi1hTjAw0vo9XzkG0%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8SuwOxwt-8yHzGYRQ2HgOLnnrsU6Xzi486eIsCFBbBzZ8q-ZoL4QdzV9UVsT0h1z5qd9mzwsCcRrq09JhwMqRPZ21K5mgjTW-TztxKs5u4DhTnUYi5Ye3hMwJ3HzLSVmnm7DeJZSWf8DKMxtq_zOmYgvTzzI977w6gVzgSqPITaFo0241lDPeI6ru7SRED1sfjtfiq9Pa_owfyobOmbwZPxSiewz8kTw7hGtgqo9Rx6aBbupLZTy9FVZY6mYJGKakw7y0o4MiqrVoKnVvtpkQ-buf95IWQTeLupiIYjQtfC-_UbkMQdxKH1Aq--f0jh28N3Pr9CYm6COtzFNyX8MuoNzNIdAKv7q0WRWgzESwHNAVLwYDUbhxdquYDC4TfsUnr344kLb8zXjHtjD9GAt08vG4Ff48hcVe8dEypa_Z9UvemqNB6cEqIrWyeU9A9KpCqLYgNRy1AK6edOKm998wCwU8yMXtJT8JR74sLiKv-JvnbrhUKqTOgTEsp0v6_uf47CwIvZRdgDXb5PGWURrIk7PWXD1Pg-btM2KJQwoywWrKMHMiJZzGusQv85Bn3T8XoKKNfRagykHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__t47XLqY6rjE6O99u8PpIyCgAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMByAMCqgSnAk_Q7cchNDKc5NtJxb0ft6SyKJ167Nu8vMz7lhTDUS20Wf7n-RDiq9PcKnR7EazuGdhObPbZzUO4whuBeVQkLaQ7rjpcOr-EArSURgJeLchs3LHaSAiWlCpS0Lq_2KuClI_xcoPOs86cGdpDc8WBHGQCQ6vPY1Me9Whm41nmH3rAuub-OYnxhBQDo2W9o7AA_pUC4ZLUaco3OwpOnQIGEUNsOAQr4YBxHBKN4hdsfeJmxTDqoOEdyJHf1oyEt3RJjJEZQxeiRncBeQIz45UW2wiw9YM-Dz695vnuxVa-RN86bZ62TXVhhgF6PUirPO46OsmTIHB0PjiGijajmOuI94DTJ-mAVG9ZN1FmtMPRnvmeRrc0NLlDK0PiQz5Q86N38aUWlZdbFy7gBAGABpXww72N99a55wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3FMuBDgTh3t5YQ0rtN5oI_7Zgldg%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Feb 2024 17:27:09 GMT
c.js
assets.a-mo.net/js/ Frame 6EFA
44 KB
17 KB
Script
General
Full URL
https://assets.a-mo.net/js/c.js
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
589287787f8805dedb24cde98bfecc87405aec4af8668301ba671b5b530ef3be

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:10 GMT
via
1.1 5f684ddc3ff7bc889dac29fa9e51915a.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
LHR61-P2
age
481
x-cache
Hit from cloudfront
last-modified
Wed, 31 Aug 2022 15:27:03 GMT
server
cloudflare
etag
W/"a05a49d5210edbc753011f3d8ce5e63c"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
798f45f03d46dce7-LHR
x-amz-cf-id
lsfk_ZnkZyqbZTyws7kgNPLMOchJ0IBOdWnoD9e4nM05lvf2rhwhqg==
expires
Mon, 13 Feb 2023 18:27:10 GMT
g_pbwin
1x1.a-mo.net/hbx/
0
88 B
Image
General
Full URL
https://1x1.a-mo.net/hbx/g_pbwin?A=amx&w=728&h=90&bid=4818f978a8c5add&C=0&np=0.028694654999999996&a=advally-adhesion-slot&ts=1676309229924&eid=50fe278a2cd3044
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.181.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-181-32.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame C1E1
16 KB
17 KB
Font
General
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin
https://ads.eu.criteo.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-4164"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Feb 2024 17:27:10 GMT
opensans-700-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame C1E1
16 KB
16 KB
Font
General
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Origin
https://ads.eu.criteo.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f079-3ff4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Feb 2024 17:27:10 GMT
opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 5C56
2 KB
899 B
Stylesheet
General
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAHGB0Iu-MjAAdIpJ0e_zozGN85LPL2Lw&u=%7CgaZB%2BkzcAgQngwr8AIdvDDewNuZmuP95UFSZBndh5N4%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9QtxaN2yFPYz7E27bdan5Oj7k42CU8oFF4MaquG6nFYrTI84-4qDBQ3UIDPY-TsPFtiHHay1q1C7P4tXqXyBNyN7ERCqNsF7YrFuE7CUny8up7ZEIXqbh7SEm8EvzqIpqEjryH4o8ZBo0-yzplxSnHlALBQrhvWjPr9NMvSBX6j2ozyJYwX2w7zxnYhzlRIr4VhMmZpAXMCSYbxlaIGlrywKT3BvWQESlFg8XZfO4HlltqFYvDXBnOuU1OPTGlrKU3A20k8WfRJ4FJeQ1rKbYUG9YIHcWdB6bpdZVo4jucpuYpgxEoHexZ_gw8ATG9pig2R6X1A5irecT5zUFmYXhi1BE9Lm7vON9gre8fUHMITUDXmAj_FaJTzjKHlmjl-GnlkIWFzhiur80XxeFVQZMwwknFFTXABtpl78pKAu7ZuxW4yP7tY-SqrgLeeY_OaLw2a0WwFVBhe_XHbF-zK44Bpptk8XXqy8Ql7tEU1TPDA60lXtMKJmVIpG8eUuUz8XuXtp7wKsPzuC8i6reBpuINjl8F6XHkBoQ_6X7Lk0QxpaKZIWvWazj1LnwHnHV-U1lWH4NijRklA2QP7uDwQ36NJ8bQQvNXYYqH_0gM5Q0HqQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4-977XLqY52wHKPG7_UPpJGduAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMBqgSgAk_QQlo64Dv5CG1oFIE3ef4YdkajXtwOokUNypjEkY85g5_-ZukQfiHzKLRj4rqR4TJjyNPXz5v2BJC8RqIRNa9pZP504xuIHDSg_QqYiIc9wNglctXD4Th_sQjaRaXwk4gTIte0JuXtv_a2EtVNosHIl8BoS_B_j25dP26Pk1bs6zZ-LfxCdzp3YLRqLgdkbd8Q9D_rev7e21jytAkTwjQXso5A-Zl-Te6eoh_0X0KSH-QGCqO0NBhM72AQo-7pOaRsEfOzERyT2cvX8U0qJm_NH1SM5ya1ZffrBsO9XIWxUC8L5a7Ggi562VZ9gjgYJHl8A-FLggRnoqKVTzdJ6omA9fUY57WPNFwnTa_hsvuDivDgeZ83kFy-HVORYccKzOAEAYAGlfDDvY331rnnAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03E-iE8c0SQG9KySPcCa4NDIz5ug%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Feb 2024 17:27:10 GMT
opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame 5C56
2 KB
900 B
Stylesheet
General
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAHGB0Iu-MjAAdIpJ0e_zozGN85LPL2Lw&u=%7CgaZB%2BkzcAgQngwr8AIdvDDewNuZmuP95UFSZBndh5N4%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9QtxaN2yFPYz7E27bdan5Oj7k42CU8oFF4MaquG6nFYrTI84-4qDBQ3UIDPY-TsPFtiHHay1q1C7P4tXqXyBNyN7ERCqNsF7YrFuE7CUny8up7ZEIXqbh7SEm8EvzqIpqEjryH4o8ZBo0-yzplxSnHlALBQrhvWjPr9NMvSBX6j2ozyJYwX2w7zxnYhzlRIr4VhMmZpAXMCSYbxlaIGlrywKT3BvWQESlFg8XZfO4HlltqFYvDXBnOuU1OPTGlrKU3A20k8WfRJ4FJeQ1rKbYUG9YIHcWdB6bpdZVo4jucpuYpgxEoHexZ_gw8ATG9pig2R6X1A5irecT5zUFmYXhi1BE9Lm7vON9gre8fUHMITUDXmAj_FaJTzjKHlmjl-GnlkIWFzhiur80XxeFVQZMwwknFFTXABtpl78pKAu7ZuxW4yP7tY-SqrgLeeY_OaLw2a0WwFVBhe_XHbF-zK44Bpptk8XXqy8Ql7tEU1TPDA60lXtMKJmVIpG8eUuUz8XuXtp7wKsPzuC8i6reBpuINjl8F6XHkBoQ_6X7Lk0QxpaKZIWvWazj1LnwHnHV-U1lWH4NijRklA2QP7uDwQ36NJ8bQQvNXYYqH_0gM5Q0HqQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4-977XLqY52wHKPG7_UPpJGduAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMBqgSgAk_QQlo64Dv5CG1oFIE3ef4YdkajXtwOokUNypjEkY85g5_-ZukQfiHzKLRj4rqR4TJjyNPXz5v2BJC8RqIRNa9pZP504xuIHDSg_QqYiIc9wNglctXD4Th_sQjaRaXwk4gTIte0JuXtv_a2EtVNosHIl8BoS_B_j25dP26Pk1bs6zZ-LfxCdzp3YLRqLgdkbd8Q9D_rev7e21jytAkTwjQXso5A-Zl-Te6eoh_0X0KSH-QGCqO0NBhM72AQo-7pOaRsEfOzERyT2cvX8U0qJm_NH1SM5ya1ZffrBsO9XIWxUC8L5a7Ggi562VZ9gjgYJHl8A-FLggRnoqKVTzdJ6omA9fUY57WPNFwnTa_hsvuDivDgeZ83kFy-HVORYccKzOAEAYAGlfDDvY331rnnAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03E-iE8c0SQG9KySPcCa4NDIz5ug%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f079-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Feb 2024 17:27:10 GMT
animejs.js
static.criteo.net/animejs/ Frame 5C56
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAHGB0Iu-MjAAdIpJ0e_zozGN85LPL2Lw&u=%7CgaZB%2BkzcAgQngwr8AIdvDDewNuZmuP95UFSZBndh5N4%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9QtxaN2yFPYz7E27bdan5Oj7k42CU8oFF4MaquG6nFYrTI84-4qDBQ3UIDPY-TsPFtiHHay1q1C7P4tXqXyBNyN7ERCqNsF7YrFuE7CUny8up7ZEIXqbh7SEm8EvzqIpqEjryH4o8ZBo0-yzplxSnHlALBQrhvWjPr9NMvSBX6j2ozyJYwX2w7zxnYhzlRIr4VhMmZpAXMCSYbxlaIGlrywKT3BvWQESlFg8XZfO4HlltqFYvDXBnOuU1OPTGlrKU3A20k8WfRJ4FJeQ1rKbYUG9YIHcWdB6bpdZVo4jucpuYpgxEoHexZ_gw8ATG9pig2R6X1A5irecT5zUFmYXhi1BE9Lm7vON9gre8fUHMITUDXmAj_FaJTzjKHlmjl-GnlkIWFzhiur80XxeFVQZMwwknFFTXABtpl78pKAu7ZuxW4yP7tY-SqrgLeeY_OaLw2a0WwFVBhe_XHbF-zK44Bpptk8XXqy8Ql7tEU1TPDA60lXtMKJmVIpG8eUuUz8XuXtp7wKsPzuC8i6reBpuINjl8F6XHkBoQ_6X7Lk0QxpaKZIWvWazj1LnwHnHV-U1lWH4NijRklA2QP7uDwQ36NJ8bQQvNXYYqH_0gM5Q0HqQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4-977XLqY52wHKPG7_UPpJGduAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMBqgSgAk_QQlo64Dv5CG1oFIE3ef4YdkajXtwOokUNypjEkY85g5_-ZukQfiHzKLRj4rqR4TJjyNPXz5v2BJC8RqIRNa9pZP504xuIHDSg_QqYiIc9wNglctXD4Th_sQjaRaXwk4gTIte0JuXtv_a2EtVNosHIl8BoS_B_j25dP26Pk1bs6zZ-LfxCdzp3YLRqLgdkbd8Q9D_rev7e21jytAkTwjQXso5A-Zl-Te6eoh_0X0KSH-QGCqO0NBhM72AQo-7pOaRsEfOzERyT2cvX8U0qJm_NH1SM5ya1ZffrBsO9XIWxUC8L5a7Ggi562VZ9gjgYJHl8A-FLggRnoqKVTzdJ6omA9fUY57WPNFwnTa_hsvuDivDgeZ83kFy-HVORYccKzOAEAYAGlfDDvY331rnnAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03E-iE8c0SQG9KySPcCa4NDIz5ug%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Feb 2024 17:27:10 GMT
img
pix.eu.criteo.net/img/ Frame 5C56
14 KB
14 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=108&m=0&partner=2395&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2395%2F230202%2Fa8cca63a830b4bdfaa3c8258ffac8ff3_reed_co_uk_landscape_pos_blue_rgb.png&v=3&w=316&s=LBZDURFCGxhTD2pjwr3q27jh
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAHGB0Iu-MjAAdIpJ0e_zozGN85LPL2Lw&u=%7CgaZB%2BkzcAgQngwr8AIdvDDewNuZmuP95UFSZBndh5N4%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9QtxaN2yFPYz7E27bdan5Oj7k42CU8oFF4MaquG6nFYrTI84-4qDBQ3UIDPY-TsPFtiHHay1q1C7P4tXqXyBNyN7ERCqNsF7YrFuE7CUny8up7ZEIXqbh7SEm8EvzqIpqEjryH4o8ZBo0-yzplxSnHlALBQrhvWjPr9NMvSBX6j2ozyJYwX2w7zxnYhzlRIr4VhMmZpAXMCSYbxlaIGlrywKT3BvWQESlFg8XZfO4HlltqFYvDXBnOuU1OPTGlrKU3A20k8WfRJ4FJeQ1rKbYUG9YIHcWdB6bpdZVo4jucpuYpgxEoHexZ_gw8ATG9pig2R6X1A5irecT5zUFmYXhi1BE9Lm7vON9gre8fUHMITUDXmAj_FaJTzjKHlmjl-GnlkIWFzhiur80XxeFVQZMwwknFFTXABtpl78pKAu7ZuxW4yP7tY-SqrgLeeY_OaLw2a0WwFVBhe_XHbF-zK44Bpptk8XXqy8Ql7tEU1TPDA60lXtMKJmVIpG8eUuUz8XuXtp7wKsPzuC8i6reBpuINjl8F6XHkBoQ_6X7Lk0QxpaKZIWvWazj1LnwHnHV-U1lWH4NijRklA2QP7uDwQ36NJ8bQQvNXYYqH_0gM5Q0HqQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4-977XLqY52wHKPG7_UPpJGduAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMBqgSgAk_QQlo64Dv5CG1oFIE3ef4YdkajXtwOokUNypjEkY85g5_-ZukQfiHzKLRj4rqR4TJjyNPXz5v2BJC8RqIRNa9pZP504xuIHDSg_QqYiIc9wNglctXD4Th_sQjaRaXwk4gTIte0JuXtv_a2EtVNosHIl8BoS_B_j25dP26Pk1bs6zZ-LfxCdzp3YLRqLgdkbd8Q9D_rev7e21jytAkTwjQXso5A-Zl-Te6eoh_0X0KSH-QGCqO0NBhM72AQo-7pOaRsEfOzERyT2cvX8U0qJm_NH1SM5ya1ZffrBsO9XIWxUC8L5a7Ggi562VZ9gjgYJHl8A-FLggRnoqKVTzdJ6omA9fUY57WPNFwnTa_hsvuDivDgeZ83kFy-HVORYccKzOAEAYAGlfDDvY331rnnAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03E-iE8c0SQG9KySPcCa4NDIz5ug%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
468faf01bef7f2c0cd3cb8395f799fdddb13c6b5119b1fc112a073bb70eb0df9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30150777
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
14154
expires
Sun, 28 Jan 2024 16:40:07 GMT
all
csm.eu.criteo.net/ Frame 5C56
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=tgo_WaJRJT2Y3MLwGRRz-XjbEVH2uP0PA8uWx6ifA-lKYVDgtdn1ac_srrOQ6dft2oFsJIErpXdZoZJgZThlMiSj_9wYekl7m1B-1Z3TK5On87lyF-PsqnKniG2KGMedCPCLkalm78B_-6rLBl0M64QaSkfR-5auZ5H5zfWmEys0W8DS0-kwE0kMh_Sm5m7-7QzoAXjGC9rk_4wjo7sk4Kv73y1f7cHVyMyg5SBxJWl5BxL_srqLy8vdDmOAo8bAKwrfDg&sds=2&rev=84699&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAHGB0Iu-MjAAdIpJ0e_zozGN85LPL2Lw&u=%7CgaZB%2BkzcAgQngwr8AIdvDDewNuZmuP95UFSZBndh5N4%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9QtxaN2yFPYz7E27bdan5Oj7k42CU8oFF4MaquG6nFYrTI84-4qDBQ3UIDPY-TsPFtiHHay1q1C7P4tXqXyBNyN7ERCqNsF7YrFuE7CUny8up7ZEIXqbh7SEm8EvzqIpqEjryH4o8ZBo0-yzplxSnHlALBQrhvWjPr9NMvSBX6j2ozyJYwX2w7zxnYhzlRIr4VhMmZpAXMCSYbxlaIGlrywKT3BvWQESlFg8XZfO4HlltqFYvDXBnOuU1OPTGlrKU3A20k8WfRJ4FJeQ1rKbYUG9YIHcWdB6bpdZVo4jucpuYpgxEoHexZ_gw8ATG9pig2R6X1A5irecT5zUFmYXhi1BE9Lm7vON9gre8fUHMITUDXmAj_FaJTzjKHlmjl-GnlkIWFzhiur80XxeFVQZMwwknFFTXABtpl78pKAu7ZuxW4yP7tY-SqrgLeeY_OaLw2a0WwFVBhe_XHbF-zK44Bpptk8XXqy8Ql7tEU1TPDA60lXtMKJmVIpG8eUuUz8XuXtp7wKsPzuC8i6reBpuINjl8F6XHkBoQ_6X7Lk0QxpaKZIWvWazj1LnwHnHV-U1lWH4NijRklA2QP7uDwQ36NJ8bQQvNXYYqH_0gM5Q0HqQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4-977XLqY52wHKPG7_UPpJGduAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMBqgSgAk_QQlo64Dv5CG1oFIE3ef4YdkajXtwOokUNypjEkY85g5_-ZukQfiHzKLRj4rqR4TJjyNPXz5v2BJC8RqIRNa9pZP504xuIHDSg_QqYiIc9wNglctXD4Th_sQjaRaXwk4gTIte0JuXtv_a2EtVNosHIl8BoS_B_j25dP26Pk1bs6zZ-LfxCdzp3YLRqLgdkbd8Q9D_rev7e21jytAkTwjQXso5A-Zl-Te6eoh_0X0KSH-QGCqO0NBhM72AQo-7pOaRsEfOzERyT2cvX8U0qJm_NH1SM5ya1ZffrBsO9XIWxUC8L5a7Ggi562VZ9gjgYJHl8A-FLggRnoqKVTzdJ6omA9fUY57WPNFwnTa_hsvuDivDgeZ83kFy-HVORYccKzOAEAYAGlfDDvY331rnnAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03E-iE8c0SQG9KySPcCa4NDIz5ug%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 13 Feb 2023 17:27:09 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5C56
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAHGB0Iu-MjAAdIpJ0e_zozGN85LPL2Lw&u=%7CgaZB%2BkzcAgQngwr8AIdvDDewNuZmuP95UFSZBndh5N4%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9QtxaN2yFPYz7E27bdan5Oj7k42CU8oFF4MaquG6nFYrTI84-4qDBQ3UIDPY-TsPFtiHHay1q1C7P4tXqXyBNyN7ERCqNsF7YrFuE7CUny8up7ZEIXqbh7SEm8EvzqIpqEjryH4o8ZBo0-yzplxSnHlALBQrhvWjPr9NMvSBX6j2ozyJYwX2w7zxnYhzlRIr4VhMmZpAXMCSYbxlaIGlrywKT3BvWQESlFg8XZfO4HlltqFYvDXBnOuU1OPTGlrKU3A20k8WfRJ4FJeQ1rKbYUG9YIHcWdB6bpdZVo4jucpuYpgxEoHexZ_gw8ATG9pig2R6X1A5irecT5zUFmYXhi1BE9Lm7vON9gre8fUHMITUDXmAj_FaJTzjKHlmjl-GnlkIWFzhiur80XxeFVQZMwwknFFTXABtpl78pKAu7ZuxW4yP7tY-SqrgLeeY_OaLw2a0WwFVBhe_XHbF-zK44Bpptk8XXqy8Ql7tEU1TPDA60lXtMKJmVIpG8eUuUz8XuXtp7wKsPzuC8i6reBpuINjl8F6XHkBoQ_6X7Lk0QxpaKZIWvWazj1LnwHnHV-U1lWH4NijRklA2QP7uDwQ36NJ8bQQvNXYYqH_0gM5Q0HqQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4-977XLqY52wHKPG7_UPpJGduAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMBqgSgAk_QQlo64Dv5CG1oFIE3ef4YdkajXtwOokUNypjEkY85g5_-ZukQfiHzKLRj4rqR4TJjyNPXz5v2BJC8RqIRNa9pZP504xuIHDSg_QqYiIc9wNglctXD4Th_sQjaRaXwk4gTIte0JuXtv_a2EtVNosHIl8BoS_B_j25dP26Pk1bs6zZ-LfxCdzp3YLRqLgdkbd8Q9D_rev7e21jytAkTwjQXso5A-Zl-Te6eoh_0X0KSH-QGCqO0NBhM72AQo-7pOaRsEfOzERyT2cvX8U0qJm_NH1SM5ya1ZffrBsO9XIWxUC8L5a7Ggi562VZ9gjgYJHl8A-FLggRnoqKVTzdJ6omA9fUY57WPNFwnTa_hsvuDivDgeZ83kFy-HVORYccKzOAEAYAGlfDDvY331rnnAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03E-iE8c0SQG9KySPcCa4NDIz5ug%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Feb 2024 17:27:10 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 5C56
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAHGB0Iu-MjAAdIpJ0e_zozGN85LPL2Lw&u=%7CgaZB%2BkzcAgQngwr8AIdvDDewNuZmuP95UFSZBndh5N4%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9QtxaN2yFPYz7E27bdan5Oj7k42CU8oFF4MaquG6nFYrTI84-4qDBQ3UIDPY-TsPFtiHHay1q1C7P4tXqXyBNyN7ERCqNsF7YrFuE7CUny8up7ZEIXqbh7SEm8EvzqIpqEjryH4o8ZBo0-yzplxSnHlALBQrhvWjPr9NMvSBX6j2ozyJYwX2w7zxnYhzlRIr4VhMmZpAXMCSYbxlaIGlrywKT3BvWQESlFg8XZfO4HlltqFYvDXBnOuU1OPTGlrKU3A20k8WfRJ4FJeQ1rKbYUG9YIHcWdB6bpdZVo4jucpuYpgxEoHexZ_gw8ATG9pig2R6X1A5irecT5zUFmYXhi1BE9Lm7vON9gre8fUHMITUDXmAj_FaJTzjKHlmjl-GnlkIWFzhiur80XxeFVQZMwwknFFTXABtpl78pKAu7ZuxW4yP7tY-SqrgLeeY_OaLw2a0WwFVBhe_XHbF-zK44Bpptk8XXqy8Ql7tEU1TPDA60lXtMKJmVIpG8eUuUz8XuXtp7wKsPzuC8i6reBpuINjl8F6XHkBoQ_6X7Lk0QxpaKZIWvWazj1LnwHnHV-U1lWH4NijRklA2QP7uDwQ36NJ8bQQvNXYYqH_0gM5Q0HqQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4-977XLqY52wHKPG7_UPpJGduAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMBqgSgAk_QQlo64Dv5CG1oFIE3ef4YdkajXtwOokUNypjEkY85g5_-ZukQfiHzKLRj4rqR4TJjyNPXz5v2BJC8RqIRNa9pZP504xuIHDSg_QqYiIc9wNglctXD4Th_sQjaRaXwk4gTIte0JuXtv_a2EtVNosHIl8BoS_B_j25dP26Pk1bs6zZ-LfxCdzp3YLRqLgdkbd8Q9D_rev7e21jytAkTwjQXso5A-Zl-Te6eoh_0X0KSH-QGCqO0NBhM72AQo-7pOaRsEfOzERyT2cvX8U0qJm_NH1SM5ya1ZffrBsO9XIWxUC8L5a7Ggi562VZ9gjgYJHl8A-FLggRnoqKVTzdJ6omA9fUY57WPNFwnTa_hsvuDivDgeZ83kFy-HVORYccKzOAEAYAGlfDDvY331rnnAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03E-iE8c0SQG9KySPcCa4NDIz5ug%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Feb 2024 17:27:10 GMT
generate_204
tpc.googlesyndication.com/ Frame CE18
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?RBtaDQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
msantracker-bingads-display.min.js
bing-ads-display-ads-cdn.azureedge.net/display-ads-resources/ Frame 6EFA
2 KB
1 KB
Script
General
Full URL
https://bing-ads-display-ads-cdn.azureedge.net/display-ads-resources/msantracker-bingads-display.min.js
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
42be1eb208fce6024a2d26a3caae02def19e0f28bf5ddafdb470d8eeb86c9ca4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
br
last-modified
Mon, 09 Jan 2023 23:19:06 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
vkzEIbbA2GBfQvXqbjxjiw==
x-azure-ref-originshield
0obfpYwAAAAAavUooMwHoQ5mUArhfRhyNTE9OMjFFREdFMTgxNQA2YzA3YmFlMi03MWNkLTRkZjEtYWVkYi01MDgzNWJlYWJkOWE=
etag
0x8DAF297E7C39291
x-azure-ref
07nLqYwAAAAB3Pdu2A6VBSrd2E/8TqP0JTE9OMjEyMDUwNzE4MDExADZjMDdiYWUyLTcxY2QtNGRmMS1hZWRiLTUwODM1YmVhYmQ5YQ==
x-cache
TCP_HIT
content-type
text/javascript
x-ms-request-id
a2543de0-501e-0037-414a-3f8bf9000000
x-ms-version
2009-09-19
c.gif
www.bing.com/aes/ Frame 6EFA
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=016fa027-260e-4044-bf41-38af98bc73d5&oAdUnit=391466&publisherId=162645330&rId=33f4648b-ca67-4372-a68d-ae8083beb921&rlink=https%3A%2...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4edfaa2074764d15b053e9677f501999&SNR=1&GV=2&med=10
0
164 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4edfaa2074764d15b053e9677f501999&SNR=1&GV=2&med=10
Requested by
Host: pastelink.net
URL: https://pastelink.net/h7yg164l
Protocol
H2
Server
2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:10 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D62C78E125E5496381D473485542AF42 Ref B: LON212050704019 Ref C: 2023-02-13T17:27:10Z
content-length
0
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Mon, 13 Feb 2023 17:27:09 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 49EF507863304C7F9D314F92F0DDAFF6 Ref B: LON212050704019 Ref C: 2023-02-13T17:27:10Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4edfaa2074764d15b053e9677f501999&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
154
expires
0
template.11c9d5f2.css
bing-ads-display-ads-cdn.azureedge.net/display-ads-resources/20230207.1/templates/banner728x90/ Frame 6EFA
3 KB
1 KB
Stylesheet
General
Full URL
https://bing-ads-display-ads-cdn.azureedge.net/display-ads-resources/20230207.1/templates/banner728x90/template.11c9d5f2.css
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b4eeacba9977e193136fccc59f55a480d71cde6a204cbd79c6e632707c97a387

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 13 Feb 2023 17:27:09 GMT
content-encoding
br
last-modified
Tue, 07 Feb 2023 05:42:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
R+1fnHYzi5nLeK95h6r2Ew==
x-azure-ref-originshield
0X1LqYwAAAACyfBOrIB1LSafibJL03/79TE9OMjFFREdFMTgyMAA2YzA3YmFlMi03MWNkLTRkZjEtYWVkYi01MDgzNWJlYWJkOWE=
etag
0x8DB08CE1F63E588
x-azure-ref
07nLqYwAAAAAea4KHXNtWS434PFsA3FSJTE9OMjEyMDUwNzE4MDExADZjMDdiYWUyLTcxY2QtNGRmMS1hZWRiLTUwODM1YmVhYmQ5YQ==
x-cache
TCP_HIT
content-type
text/css
x-ms-request-id
a7fc773b-e01e-000b-61bc-3f8603000000
x-ms-version
2009-09-19
th
www.bing.com/ Frame 6EFA
345 KB
346 KB
Image
General
Full URL
https://www.bing.com/th?id=OADD2.9964349724118_194QCLN175Q1JVS9RZ&pid=21.2
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1a5d0ecea385c3f56e66e375c804575a4fbd5d29c9fc33a98a7914ec114a23fa

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:09 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0C5B8459C3614E049D300CE66C3879BB Ref B: LON212050704019 Ref C: 2023-02-13T17:27:10Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
x-cache
TCP_HIT
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
353098
ad_choices.svg
bing-ads-display-ads-cdn.azureedge.net/display-ads-resources/ Frame 6EFA
2 KB
2 KB
Image
General
Full URL
https://bing-ads-display-ads-cdn.azureedge.net/display-ads-resources/ad_choices.svg
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a71a3803ab0f6f1c955b5a6bb90054b6697d3a29581e92ef119b6b472933c877

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 13 Feb 2023 17:27:09 GMT
last-modified
Thu, 11 Aug 2022 05:13:37 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
Sy5sxYUJBNUSaDDltY4qJg==
x-azure-ref-originshield
0B5bpYwAAAAAiLRd1BBpoSr8Zzg7YVZQOTE9OMjFFREdFMTcxMwA2YzA3YmFlMi03MWNkLTRkZjEtYWVkYi01MDgzNWJlYWJkOWE=
etag
0x8DA7B583F1BC71D
x-azure-ref
07nLqYwAAAABBTY4kwMxCTaZLdpSHio4XTE9OMjEyMDUwNzE4MDExADZjMDdiYWUyLTcxY2QtNGRmMS1hZWRiLTUwODM1YmVhYmQ5YQ==
x-cache
TCP_HIT
content-type
image/svg+xml
x-ms-request-id
3efd313c-101e-00bf-5c39-3e5493000000
x-ms-version
2009-09-19
content-length
1709
chevron_right.505b20ac.svg
bing-ads-display-ads-cdn.azureedge.net/display-ads-resources/20230207.1/templates/banner728x90/ Frame 6EFA
283 B
591 B
Image
General
Full URL
https://bing-ads-display-ads-cdn.azureedge.net/display-ads-resources/20230207.1/templates/banner728x90/chevron_right.505b20ac.svg
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2e4db0d2188b8af6a4760d64a85c42a9ac0c58d86946cad217782df766bdeb10

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 13 Feb 2023 17:27:09 GMT
last-modified
Tue, 07 Feb 2023 05:42:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
1uGXfUdE3/a7TyHUgJEkIA==
x-azure-ref-originshield
0X1LqYwAAAABVQUfDiPBISYL3I00vxgiNTE9OMjFFREdFMTYwNgA2YzA3YmFlMi03MWNkLTRkZjEtYWVkYi01MDgzNWJlYWJkOWE=
etag
0x8DB08CE1F5F56C3
x-azure-ref
07nLqYwAAAADYnneq2CL+SohLUs/fcXYyTE9OMjEyMDUwNzE4MDExADZjMDdiYWUyLTcxY2QtNGRmMS1hZWRiLTUwODM1YmVhYmQ5YQ==
x-cache
TCP_HIT
content-type
image/svg+xml
x-ms-request-id
e26d55c0-d01e-0050-096f-3f11c6000000
x-ms-version
2009-09-19
content-length
283
it
nym1-ib.adnxs-simple.com/ Frame 6EFA
0
779 B
Image
General
Full URL
https://nym1-ib.adnxs-simple.com/it?an_audit=0&referrer=https%3A%2F%2Fpastelink.net%2Fh7yg164l&e=wqT_3QKvB2yvAwAAAwDWAAUBCOzlqZ8GEJSjqa3wnqueZBj_EQFYASo2CQAAAFutaa4_Ec3MDLBk5Kw_GQAFAQgWQCEREgApESTYMQAAAIDC9fQ_MNHIkgo4gmBAtV5I4wNQuomKtgFYsZOQAWAAaKKOqQF4qsUFgAEBigEDVVNEkgUG8MmYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4ALY1VvqAh5odHRwczovL3Bhc3RlbGluay5uZXQvaDd5ZzE2NGyAAwGIAwCQAwCYAxSgAwGqA4UDCpsCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MzNmNDY0OGItY2E2Ny00MzcyLWE2OGQtYWU4MDgzYmViOTIxJm9BMjkAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgQzM4pOAPA8cnR5cGU9bnVybCZzbXBsSWQ9ZTg2ZjkmdGFnSWQ9MjEyNzU3MjkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WDFN1YkcFGfQqAXFyc25oeWcmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM3MjIyODM4MDc5MzQ3MzgwNjI4IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ESTRNRGN6TWpRNE5ESTFPVGNqTWpNek5EWXdOamM0TXpJNU9Ea3pNZz09wAOsAsgDANgD-5XCAeADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIECjUuMTg3LjIxLjCoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEuomKtgH6BBIJAAAAAADASUARAAAAoJmZub-IBQGYBQCgBYCN35W1gvH3PqoFEElVSlhRQ1dMUEtLNE9JSDXABQDJBQAAAAAAAPA_0gUJCQAAReNsANgFAeAFAfAFAPoFBAgAEACQBgCYBgC4BgHBBgkhLPA_0AbCjQTaBhYKEAkSGQEBsWDgBgHyBgIIAIAHAYgHAKAHAcgHqsUF0gcNYVcFAQEmCNoHBgFecBgA4AcA6gcCCADwB8jeB4oIAhAAlQgAAIA_mAgB&s=6a2e24729570c840b771e8e7444f0df4037fc5a8&pp=
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:10 GMT
AN-X-Request-Uuid
a54aee4d-90bf-4a7d-a17e-7971dbf23c0f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
5.187.21.99; 5.187.21.99; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs-simple.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs-simple.com/v/s/231/ Frame 6EFA
80 KB
27 KB
Script
General
Full URL
https://cdn.adnxs-simple.com/v/s/231/trk.js
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Expires
Thu, 30 Nov 2023 10:08:50 GMT
Date
Mon, 13 Feb 2023 17:27:10 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
6506301
X-Cache
MISS, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga21927-LGA, cache-lcy-eglc8600025-LCY
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1676309230.235681,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
0, 99126
himp
1x1.a-mo.net/hbx/ Frame 6EFA
0
88 B
Image
General
Full URL
https://1x1.a-mo.net/hbx/himp?_e=CqcCIgpqeWR3aHlrZWYzMTsVLrMhYp0_OgVtb25ldEIVYWR2YWxseS1hZGhlc2lvbi1zbG90Sg1wYXN0ZWxpbmsubmV0Ug9hYXMtMzcxOWMyZTMtZGlaCHBiYTEuMy4yag1wYXN0ZWxpbmsubmV0eAGKAQg1OTZkZGYyYaABWqgB2AXAAYbhC8gBAOgBAPIBDzMyNjMyNDk4MzE4NTUyNPoBBjcuMzUuMJgCngKpAgAAAAAAAAAA6AIBiAPs5amfBqIDFFlXUjJZV3hzZVMxeWIyNHVZMjl0qAMM4AP4ggHqAw8xMDg5NTBkNTg0ZGI0OTKqBANEQ0jSBQkxMDUxOTkzMTfYBQHgBQDqBQdkZXNrdG9w8gUNOEtGNjY3OTZGM1FJT_oFA255NQ&M=13&cn3=0&c4=native_dom&C=no_res&m=x%3A0&e=&sw=992&sh=162&rr=no_res&rw=992&rh=162&rer=&dr=0&lng=en-US&cv=c.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/h7yg164l
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.181.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-181-32.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:10 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
himp
1x1.a-mo.net/hbx/ Frame 6EFA
0
88 B
Image
General
Full URL
https://1x1.a-mo.net/hbx/himp?_e=CrQDIgtfanlkd2h5a2VmMzGjzAaZZOSsPzoIYXBwbmV4dXNCFWFkdmFsbHktYWRoZXNpb24tc2xvdEoNcGFzdGVsaW5rLm5ldFIPYWFzLTM3MTljMmUzLWRpWghwYmExLjMuMmoNcGFzdGVsaW5rLm5ldHgBigEINTk2ZGRmMmGSAQIxMKABWqgB2AXAAYjhC8gBANAB____________AegBAPIBDzMyNjMyNDk4MzE4NTUyNPoBBjcuMzUuMJECOxUusyFinT-YArQEqQIAAAAAAAAAALoCCTM4MTg0NjcxNMICBTEyMDg12gIIMjEyNzU3MjnoAgGCAyQyMjNhYjUwMC1kZThiLTQ1YWUtYTNjYS1mMTJhZWQ5NThlYmSIA-zlqZ8GogMUWVdSMllXeHNlUzF5YjI0dVkyOXSoAwzKAwUxMjA4NeAD-IIB6gMPMTA4OTUwZDU4NGRiNDkyqgQDRENIggUTMTUxMDM3Mzg2MzEzMzk3MDQ0NcIFAzQ4M8oFATDSBQkxMDUxOTkzMTfYBQHgBQDqBQdkZXNrdG9w8gUNOEtGNjY3OTZGM1FJT_oFA255NQ&M=13&cn3=0&c4=native_dom&C=no_res&m=x%3A0&e=&sw=992&sh=162&rr=no_res&rw=992&rh=162&rer=&dr=0&lng=en-US&cv=c.js
Requested by
Host: pastelink.net
URL: https://pastelink.net/h7yg164l
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.181.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-181-32.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:10 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
inde
1x1.a-mo.net/hbx/ Frame 6EFA
0
88 B
Image
General
Full URL
https://1x1.a-mo.net/hbx/inde?aid=cGFzdGVsaW5rLm5ldA&b=pastelink.net&M=13&v=pba0.0-aa2.13.0-93ddeb2-0&cv=c.js&lng=en-US&_e=CrQDIgtfanlkd2h5a2VmMzGjzAaZZOSsPzoIYXBwbmV4dXNCFWFkdmFsbHktYWRoZXNpb24tc2xvdEoNcGFzdGVsaW5rLm5ldFIPYWFzLTM3MTljMmUzLWRpWghwYmExLjMuMmoNcGFzdGVsaW5rLm5ldHgBigEINTk2ZGRmMmGSAQIxMKABWqgB2AXAAYjhC8gBANAB____________AegBAPIBDzMyNjMyNDk4MzE4NTUyNPoBBjcuMzUuMJECOxUusyFinT-YArQEqQIAAAAAAAAAALoCCTM4MTg0NjcxNMICBTEyMDg12gIIMjEyNzU3MjnoAgGCAyQyMjNhYjUwMC1kZThiLTQ1YWUtYTNjYS1mMTJhZWQ5NThlYmSIA-zlqZ8GogMUWVdSMllXeHNlUzF5YjI0dVkyOXSoAwzKAwUxMjA4NeAD-IIB6gMPMTA4OTUwZDU4NGRiNDkyqgQDRENIggUTMTUxMDM3Mzg2MzEzMzk3MDQ0NcIFAzQ4M8oFATDSBQkxMDUxOTkzMTfYBQHgBQDqBQdkZXNrdG9w8gUNOEtGNjY3OTZGM1FJT_oFA255NQ&r=0&C=no_res&m=x%3A0&e=&sw=992&sh=162&rr=no_res&rw=992&rh=162&rer=&dr=0&eid=1kw5fl27ned2brkgya&ts=1676309230153
Requested by
Host: pastelink.net
URL: https://pastelink.net/h7yg164l
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.181.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-181-32.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:10 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 5C56
16 KB
17 KB
Font
General
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin
https://ads.eu.criteo.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-4164"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Feb 2024 17:27:10 GMT
opensans-700-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 5C56
16 KB
16 KB
Font
General
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Origin
https://ads.eu.criteo.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f079-3ff4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Feb 2024 17:27:10 GMT
rd_log
nym1-ib.adnxs-simple.com/ Frame 6EFA
0
779 B
Script
General
Full URL
https://nym1-ib.adnxs-simple.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fpastelink.net%2Fh7yg164l&e=wqT_3QKqBGwqAgAAAwDWAAUBCOzlqZ8GEJSjqa3wnqueZBj_EQFYASo2CQAAAFutaa4_Ec3MDLBk5Kw_GQAFAQgWQCEREgApESTYMQAAAIDC9fQ_MNHIkgo4gmBAtV5I4wNQuomKtgFYsZOQAWAAaKKOqQF4qsUFgAEBigEDVVNEkgUG9AUBmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAtjVW-oCHmh0dHBzOi8vcGFzdGVsaW5rLm5ldC9oN3lnMTY0bIADAYgDAJADAJgDFKADAaoDAMADrALIAwDYA_uVwgHgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBAo1LjE4Ny4yMS4wqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBLqJirYB-gQSCQAAAAAAwElAEQAAAKCZmbm_iAUBmAUAoAWAjd-VtYLx9z6qBRBJVUpYUUNXTFBLSzRPSUg1wAUAyQUAAAAAAADwP9IFCSFvBQFo2AUB4AUB8AUA-gUECAAQAJAGAJgGALgGAcEGBSAwAPA_0AbCjQTaBhYKEAkSGQEBsWDgBgHyBgIIAIAHAYgHAKAHAcgHqsUF0gcNFWMBJgjaBwYBXnAYAOAHAOoHAggA8AfI3geKCAIQAJUIAACAP5gIAQ..&s=746bb4647c873d72245a998e4465625d246d2588&bdref=https%3A%2F%2Fpastelink.net%2Fh7yg164l&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fpastelink.net%2Fh7yg164l,https%3A%2F%2Fpastelink.net%2Fh7yg164l&
Requested by
Host: pastelink.net
URL: https://pastelink.net/h7yg164l
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:10 GMT
AN-X-Request-Uuid
0ec35c73-01f8-4be0-b1b7-3ae457bbb5d5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
5.187.21.99; 5.187.21.99; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs-simple.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6EFA
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnXPVlZ3BUn-YZLvaVbJ8PF1tiJ1MQ8bLdx6_SCMOYRstvqvaFEcTJMerbUPX_SNvmffwimpYIVuAQ7ZMN-N9WtnexqMWJLatxj62zwj2TIgHuNuj-X8VbuZYs-Fhccd3FnYN32_eeRDYT8PcNPepNz0M0oDTxnfvFPm7iEyEfdHur4l3xaOqcE7zqqrongbNezj_oc5TTY-L_0xVH6ekvEle-JELMlDHBM-N3dVT1-8KKxmsIFDPJfT4x1EulyK8Yc7kSt57bb9K9BbATiyp3Mw5kMfA3dNZFHO9FKLzXkvwi9fTYRmZH-Co1fzzjRRY3YDxdd81atrU9tuWptwJxx01AobinbIjefAichA&sai=AMfl-YRMtlXKElKB5kl_n06SB5jeiBXxPD6FPfPsrSKJvgJUzc_YjtAmKroklw8yg-KcV84yPayVZ3AHViBlnFhDHRtQvHCIoDnjKnfm4ozE3dsW6ehcT1Rf6MqAYfz9MaLpPDnyKQDuArhBq03Ldzg&sig=Cg0ArKJSzOvRuqlbOIJ9EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 13 Feb 2023 17:27:10 GMT
truncated
/ Frame 6EFA
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e991857d7b5b2aadc42d37e7aaf342bf76eec322a733900b6e31b2aae233e09

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
vevent
nym1-ib.adnxs-simple.com/ Frame 6EFA
0
799 B
Ping
General
Full URL
https://nym1-ib.adnxs-simple.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpastelink.net%2Fh7yg164l&e=wqT_3QKvB2yvAwAAAwDWAAUBCOzlqZ8GEJSjqa3wnqueZBj_EQFYASo2CQAAAFutaa4_Ec3MDLBk5Kw_GQAFAQgWQCEREgApESTYMQAAAIDC9fQ_MNHIkgo4gmBAtV5I4wNQuomKtgFYsZOQAWAAaKKOqQF4qsUFgAEBigEDVVNEkgUG8MmYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4ALY1VvqAh5odHRwczovL3Bhc3RlbGluay5uZXQvaDd5ZzE2NGyAAwGIAwCQAwCYAxSgAwGqA4UDCpsCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MzNmNDY0OGItY2E2Ny00MzcyLWE2OGQtYWU4MDgzYmViOTIxJm9BMjkAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgQzM4pOAPA8cnR5cGU9bnVybCZzbXBsSWQ9ZTg2ZjkmdGFnSWQ9MjEyNzU3MjkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WDFN1YkcFGfQqAXFyc25oeWcmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM3MjIyODM4MDc5MzQ3MzgwNjI4IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ESTRNRGN6TWpRNE5ESTFPVGNqTWpNek5EWXdOamM0TXpJNU9Ea3pNZz09wAOsAsgDANgD-5XCAeADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIECjUuMTg3LjIxLjCoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEuomKtgH6BBIJAAAAAADASUARAAAAoJmZub-IBQGYBQCgBYCN35W1gvH3PqoFEElVSlhRQ1dMUEtLNE9JSDXABQDJBQAAAAAAAPA_0gUJCQAAReNsANgFAeAFAfAFAPoFBAgAEACQBgCYBgC4BgHBBgkhLPA_0AbCjQTaBhYKEAkSGQEBsWDgBgHyBgIIAIAHAYgHAKAHAcgHqsUF0gcNYVcFAQEmCNoHBgFecBgA4AcA6gcCCADwB8jeB4oIAhAAlQgAAIA_mAgB&s=6a2e24729570c840b771e8e7444f0df4037fc5a8&type=nv&nvt=5&jm=1003&px=436&py=1105&bw=171&bh=90&sid=2198544001468527275&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21275729&sw=1600&sh=1200&pw=1600&ph=14046&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:10 GMT
AN-X-Request-Uuid
eba7f61d-4c39-4ae4-baa0-7e209a93c3c1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://pastelink.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
5.187.21.99; 5.187.21.99; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs-simple.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023020701&jk=2192392940466731&bg=!-_il-KzNAAaq5O5FiuQ7ADkAdvg8Wt8Z_lTLJLis1RBQU4C8Nq1LtX_svsR9e6PxIjkZ_jW-Sw6YbT5-URyeIzZxUibw8d_kNGkCAAAAtlIAAAAEaAEHmQKowmVq6dyqQbUrZ2f7D_MmNZH75XpU5noSucHvzvCF9IgkOHrgeivzKAuSgAVGt8zYUcX-hyvI1j0DGmn7fzTQiVgnJOv9rg1YFJmd4z6QVrWBBiwuHhH-yApL2VK0HTcMGDCaC-msEdIvLvZXvVGg4UBL2yGLcQyZubdc94RvrBLgJ7LfEO3fAB-tnLXj49ku6OIOnGgkPdX1f10wTO72KWMi31TFc5HVBnmh3N5sG7Qc5J4iN29RX_VjW7ThzjCwmjf95IqoFB9yAtff8i8oXeUBIs3qJRKMcO4Tjw1NL8BcypfKmnbKDv9xCvJ2ZnvtJGOvyWjsMXngmjOurzISgw5QjA-k9mMu2Z6AuXgedd7VkpqfQjERwhEp-4UkA3FItc0jtOVCw88k723bojIg9Ai7h0pQluclpBLGIbLkv6gNbKW_cLSW7Z2tthtGS-hjkDJVgGEoXmwYknIfwoMmDkPayXFZ9VyqAHyV9NBP1LWoXehaPakfXXHT8yIk_Z9mhN8De9zWhsxC3_mhM_yqp0iTNN6fu89eIK0xPinZInNARg3inRXf1tzXmPOYa99gn41H_zXIJrTeFEXBxjJg3h8Ek5etDkvFpWfubDlPSXCG38FFBESIh535G1yRsEgU1fssAV6Cax6PISKEXMsE9-jihov1DAINFqUjk_cT2C-kbotfozd4ugu-KwYaGj3wQA_CgmD9TRhwl9vFrqf5yV4KGfe2zH7BAN6iHso6gcvO2vL7j840rymEWSYkF_7UbY7xd5klrTk1VoSFnXLt3yLUFmpvvKgTevJfyTV3YAKdUudUvin2ESn1aXziEwvxouixJhJpggFK5IBRtwhDWZ0AePRQOsp6RlaZ21DW_qswyjKC0LAn3GizFKPTc0skVnPvpFtQxrk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame D546
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRWq_s3fGbiPOYZ2dNiL_b8NnRVvrIhAWDc1GQNtpXrO-bbvJSj9rXtE6-Ft5h7buOAp_V9U8qcsQPTviAKt1CdeQP&sig=Cg0ArKJSzOXIEw_7sNRsEAE&id=lidar2&mcvt=1000&p=317,310,567,610&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2603746535&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676309229504&rpt=288&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E742
42 B
108 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfelA35_3iq3OFoLUcuVeFV1qHe59YxGmjQkbvDBCFo0ENg9LvyYzdlX-8WBQs9yaLJMf1eMXl1-maHUhuM3vEwuTD&sig=Cg0ArKJSzPGANzv8Gk8UEAE&id=lidar2&mcvt=1001&p=521,1071,1121,1231&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3854452215&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676309229657&rpt=187&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame C1E1
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=nT1G2KJRJT2Y3MLwZo7jjGx3f7Kd8YaM_daBCXTVgzpOOzEgSuFbDcW9YRYciS12zWdmhA9NOe53mAbQJFwz3MYMA3S2Mi0EBN7mVT1rcOO9gwOXXAYUFl191bCIkgO8TWeT3rHlK7MfsurPifDRPkUv2Y8dRP2UJEUSkOEAxXfZl-_r7nhMQ2zBCGjCgvhavL0tP306gpcb72-uXOb2hw40ygI_pDB6udWVN0xTZCuVGMV0Wz9rJruz-A1Mj08BzoCayQ&sds=2&rev=84699&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAE8aoH_Z6jAACGJA5NWsx6glDVxRXaDA&u=%7CgaZB%2BkzcAgS1JsLzAVvbbRaq5aVi1hTjAw0vo9XzkG0%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8SuwOxwt-8yHzGYRQ2HgOLnnrsU6Xzi486eIsCFBbBzZ8q-ZoL4QdzV9UVsT0h1z5qd9mzwsCcRrq09JhwMqRPZ21K5mgjTW-TztxKs5u4DhTnUYi5Ye3hMwJ3HzLSVmnm7DeJZSWf8DKMxtq_zOmYgvTzzI977w6gVzgSqPITaFo0241lDPeI6ru7SRED1sfjtfiq9Pa_owfyobOmbwZPxSiewz8kTw7hGtgqo9Rx6aBbupLZTy9FVZY6mYJGKakw7y0o4MiqrVoKnVvtpkQ-buf95IWQTeLupiIYjQtfC-_UbkMQdxKH1Aq--f0jh28N3Pr9CYm6COtzFNyX8MuoNzNIdAKv7q0WRWgzESwHNAVLwYDUbhxdquYDC4TfsUnr344kLb8zXjHtjD9GAt08vG4Ff48hcVe8dEypa_Z9UvemqNB6cEqIrWyeU9A9KpCqLYgNRy1AK6edOKm998wCwU8yMXtJT8JR74sLiKv-JvnbrhUKqTOgTEsp0v6_uf47CwIvZRdgDXb5PGWURrIk7PWXD1Pg-btM2KJQwoywWrKMHMiJZzGusQv85Bn3T8XoKKNfRagykHw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC__t47XLqY6rjE6O99u8PpIyCgAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMByAMCqgSnAk_Q7cchNDKc5NtJxb0ft6SyKJ167Nu8vMz7lhTDUS20Wf7n-RDiq9PcKnR7EazuGdhObPbZzUO4whuBeVQkLaQ7rjpcOr-EArSURgJeLchs3LHaSAiWlCpS0Lq_2KuClI_xcoPOs86cGdpDc8WBHGQCQ6vPY1Me9Whm41nmH3rAuub-OYnxhBQDo2W9o7AA_pUC4ZLUaco3OwpOnQIGEUNsOAQr4YBxHBKN4hdsfeJmxTDqoOEdyJHf1oyEt3RJjJEZQxeiRncBeQIz45UW2wiw9YM-Dz695vnuxVa-RN86bZ62TXVhhgF6PUirPO46OsmTIHB0PjiGijajmOuI94DTJ-mAVG9ZN1FmtMPRnvmeRrc0NLlDK0PiQz5Q86N38aUWlZdbFy7gBAGABpXww72N99a55wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3FMuBDgTh3t5YQ0rtN5oI_7Zgldg%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 13 Feb 2023 17:27:10 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.eu.criteo.net/ Frame 5C56
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=tgo_WaJRJT2Y3MLwGRRz-XjbEVH2uP0PA8uWx6ifA-lKYVDgtdn1ac_srrOQ6dft2oFsJIErpXdZoZJgZThlMiSj_9wYekl7m1B-1Z3TK5On87lyF-PsqnKniG2KGMedCPCLkalm78B_-6rLBl0M64QaSkfR-5auZ5H5zfWmEys0W8DS0-kwE0kMh_Sm5m7-7QzoAXjGC9rk_4wjo7sk4Kv73y1f7cHVyMyg5SBxJWl5BxL_srqLy8vdDmOAo8bAKwrfDg&sds=2&rev=84699&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-py7QAHGB0Iu-MjAAdIpJ0e_zozGN85LPL2Lw&u=%7CgaZB%2BkzcAgQngwr8AIdvDDewNuZmuP95UFSZBndh5N4%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9QtxaN2yFPYz7E27bdan5Oj7k42CU8oFF4MaquG6nFYrTI84-4qDBQ3UIDPY-TsPFtiHHay1q1C7P4tXqXyBNyN7ERCqNsF7YrFuE7CUny8up7ZEIXqbh7SEm8EvzqIpqEjryH4o8ZBo0-yzplxSnHlALBQrhvWjPr9NMvSBX6j2ozyJYwX2w7zxnYhzlRIr4VhMmZpAXMCSYbxlaIGlrywKT3BvWQESlFg8XZfO4HlltqFYvDXBnOuU1OPTGlrKU3A20k8WfRJ4FJeQ1rKbYUG9YIHcWdB6bpdZVo4jucpuYpgxEoHexZ_gw8ATG9pig2R6X1A5irecT5zUFmYXhi1BE9Lm7vON9gre8fUHMITUDXmAj_FaJTzjKHlmjl-GnlkIWFzhiur80XxeFVQZMwwknFFTXABtpl78pKAu7ZuxW4yP7tY-SqrgLeeY_OaLw2a0WwFVBhe_XHbF-zK44Bpptk8XXqy8Ql7tEU1TPDA60lXtMKJmVIpG8eUuUz8XuXtp7wKsPzuC8i6reBpuINjl8F6XHkBoQ_6X7Lk0QxpaKZIWvWazj1LnwHnHV-U1lWH4NijRklA2QP7uDwQ36NJ8bQQvNXYYqH_0gM5Q0HqQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4-977XLqY52wHKPG7_UPpJGduAHkj9KxXKeS4YiIAcCNtwEQASAAYLsGggEXY2EtcHViLTE3NTA4NTYyMzkyMDQ0MTTIAQmpAlb3airKNLQ-4AIAqAMBqgSgAk_QQlo64Dv5CG1oFIE3ef4YdkajXtwOokUNypjEkY85g5_-ZukQfiHzKLRj4rqR4TJjyNPXz5v2BJC8RqIRNa9pZP504xuIHDSg_QqYiIc9wNglctXD4Th_sQjaRaXwk4gTIte0JuXtv_a2EtVNosHIl8BoS_B_j25dP26Pk1bs6zZ-LfxCdzp3YLRqLgdkbd8Q9D_rev7e21jytAkTwjQXso5A-Zl-Te6eoh_0X0KSH-QGCqO0NBhM72AQo-7pOaRsEfOzERyT2cvX8U0qJm_NH1SM5ya1ZffrBsO9XIWxUC8L5a7Ggi562VZ9gjgYJHl8A-FLggRnoqKVTzdJ6omA9fUY57WPNFwnTa_hsvuDivDgeZ83kFy-HVORYccKzOAEAYAGlfDDvY331rnnAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_03E-iE8c0SQG9KySPcCa4NDIz5ug%26client%3Dca-pub-1750856239204414%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 13 Feb 2023 17:27:10 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
c.gif
www.bing.com/aes/ Frame 6EFA
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=016fa027-260e-4044-bf41-38af98bc73d5&oAdUnit=391466&publisherId=162645330&rId=33f4648b-ca67-4372-a68d-ae8083beb921&rlink=https%3A%2...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=4edfaa2074764d15b053e9677f501999&tids=15000&med=10
0
119 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=4edfaa2074764d15b053e9677f501999&tids=15000&med=10
Protocol
H2
Server
2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:11 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C6B81751D070479D8E3866510518DC7B Ref B: LON212050704019 Ref C: 2023-02-13T17:27:11Z
content-length
0
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Mon, 13 Feb 2023 17:27:11 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 35F7DD674F0F4B019BFC5662A0A7493E Ref B: LON212050704019 Ref C: 2023-02-13T17:27:11Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=4edfaa2074764d15b053e9677f501999&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
146
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 6EFA
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfPSPBJDvsk062L7kcJWb1gvHwheNgmLBH0kWHmmIqBHOTA0EbNTRGosKrNYmRy0mpYewCa7xfL0f01T-4fwVLkSmSHRHYMZImPkR20cFQutNWd0Az&sig=Cg0ArKJSzLmMcF9Y4_XXEAE&id=lidar2&mcvt=1000&p=1105,436,1195,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230208&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=759513158&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676309229819&rpt=719&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
nym1-ib.adnxs-simple.com/ Frame 6EFA
0
799 B
Ping
General
Full URL
https://nym1-ib.adnxs-simple.com/vevent?an_audit=0&referrer=https%3A%2F%2Fpastelink.net%2Fh7yg164l&e=wqT_3QKvB2yvAwAAAwDWAAUBCOzlqZ8GEJSjqa3wnqueZBj_EQFYASo2CQAAAFutaa4_Ec3MDLBk5Kw_GQAFAQgWQCEREgApESTYMQAAAIDC9fQ_MNHIkgo4gmBAtV5I4wNQuomKtgFYsZOQAWAAaKKOqQF4qsUFgAEBigEDVVNEkgUG8MmYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4ALY1VvqAh5odHRwczovL3Bhc3RlbGluay5uZXQvaDd5ZzE2NGyAAwGIAwCQAwCYAxSgAwGqA4UDCpsCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MzNmNDY0OGItY2E2Ny00MzcyLWE2OGQtYWU4MDgzYmViOTIxJm9BMjkAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgQzM4pOAPA8cnR5cGU9bnVybCZzbXBsSWQ9ZTg2ZjkmdGFnSWQ9MjEyNzU3MjkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WDFN1YkcFGfQqAXFyc25oeWcmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM3MjIyODM4MDc5MzQ3MzgwNjI4IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ESTRNRGN6TWpRNE5ESTFPVGNqTWpNek5EWXdOamM0TXpJNU9Ea3pNZz09wAOsAsgDANgD-5XCAeADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIECjUuMTg3LjIxLjCoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEuomKtgH6BBIJAAAAAADASUARAAAAoJmZub-IBQGYBQCgBYCN35W1gvH3PqoFEElVSlhRQ1dMUEtLNE9JSDXABQDJBQAAAAAAAPA_0gUJCQAAReNsANgFAeAFAfAFAPoFBAgAEACQBgCYBgC4BgHBBgkhLPA_0AbCjQTaBhYKEAkSGQEBsWDgBgHyBgIIAIAHAYgHAKAHAcgHqsUF0gcNYVcFAQEmCNoHBgFecBgA4AcA6gcCCADwB8jeB4oIAhAAlQgAAIA_mAgB&s=6a2e24729570c840b771e8e7444f0df4037fc5a8&type=pv&jm=1003&px=436&py=1105&bw=171&bh=90&sf=1&sid=2198544001468527275&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21275729&ft=2
Requested by
Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:11 GMT
AN-X-Request-Uuid
eaa6d81e-f239-4a8a-978b-32b53008dafc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://pastelink.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
5.187.21.99; 5.187.21.99; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs-simple.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
get
idrs.adtelligent.com/ Frame
0
0
Preflight
General
Full URL
https://idrs.adtelligent.com/get?gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.74 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-74.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
OPTIONS,GET,POST
Access-Control-Allow-Origin
https://pastelink.net
Connection
Keep-Alive
Content-Length
0
Date
Mon, 13 Feb 2023 17:27:12 GMT
Server
VertaMedia 1.0
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpastelink.net%2F&domain=pastelink.net&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://pastelink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 13 Feb 2023 17:27:12 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
510971
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
get
idrs.adtelligent.com/
65 B
444 B
XHR
General
Full URL
https://idrs.adtelligent.com/get?gdpr=0&gdprConsent=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.74 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-74.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
a6bd86b2a4b1490329a323f64a064f9912876ec3e00936edbc34f96a43c44fbe

Request headers

Referer
https://pastelink.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://pastelink.net
Date
Mon, 13 Feb 2023 17:27:12 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
65
Content-Type
application/json
/
id.a-mx.com/sync/
131 B
789 B
XHR
General
Full URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://pastelink.net/h7yg164l&v=7.35.0&vg=advpbjs&us_privacy=null&gdpr=0&gdpr_consent=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e97d032b9819719b525ee5750d21b591cd0b5f3de16f1833dde7e03fbad9b2d

Request headers

Referer
https://pastelink.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 13 Feb 2023 17:27:12 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POy6CGFw3CB3tr%2BEXZxKMqVWCUilFwmimnm16WIBhWlDdVqt0AN%2BD6P7RJn3aBbBDBcMi6%2B4z%2BqPK9a6cKhGQzEagheMU4QiX0HYvtd4n1x7gTAq9kQ756o4KEPcQNUgO3mSqr863uwFrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
content-type
application/json
cache-control
private,max-age=3600
access-control-allow-credentials
true
cf-ray
798f45fdf935892a-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpastelink.net%2F&domain=pastelink.net&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=DutfKXxzOTMzcElxZ2VkMGY1dFpIa3RVcjJORVZ0bjhyQ0FScXNLWDRKNUFaWDZJNWZXZXR2VGZFWW1DdXVCZGRPdGdadGl5cDZpV1F6V3h4b29tYVJUc3RKNVptOVVHYzY5Qy9NVnVXVUx5THM5aGg4MjRpVko4ZVp6Yk...
359 B
647 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=DutfKXxzOTMzcElxZ2VkMGY1dFpIa3RVcjJORVZ0bjhyQ0FScXNLWDRKNUFaWDZJNWZXZXR2VGZFWW1DdXVCZGRPdGdadGl5cDZpV1F6V3h4b29tYVJUc3RKNVptOVVHYzY5Qy9NVnVXVUx5THM5aGg4MjRpVko4ZVp6YkpKRGQ0ejJjcEoyWklDMlQ0R2hjbUJTZGhUQUpDZFMwSDNWQ05aWUtta21tV1pzaWs4aXJjemNzN01meC80RCszc1Qwd2dqUGNqU3VZNUtYQ1dBQVAyZUlPaXREbGhsTmJ4amhYR0FWbWVIU0FadzNjMmFvPXw&cppv=2
Protocol
H2
Server
74.119.118.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
1377d21e673b4058c83edbb2e04cb0f6fa32d9f74ee8c5819967943e445aee7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:12 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1027802
expires
0

Redirect headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:11 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=DutfKXxzOTMzcElxZ2VkMGY1dFpIa3RVcjJORVZ0bjhyQ0FScXNLWDRKNUFaWDZJNWZXZXR2VGZFWW1DdXVCZGRPdGdadGl5cDZpV1F6V3h4b29tYVJUc3RKNVptOVVHYzY5Qy9NVnVXVUx5THM5aGg4MjRpVko4ZVp6YkpKRGQ0ejJjcEoyWklDMlQ0R2hjbUJTZGhUQUpDZFMwSDNWQ05aWUtta21tV1pzaWs4aXJjemNzN01meC80RCszc1Qwd2dqUGNqU3VZNUtYQ1dBQVAyZUlPaXREbGhsTmJ4amhYR0FWbWVIU0FadzNjMmFvPXw&cppv=2
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
659564
content-length
0
expires
0
prebid
id5-sync.com/api/config/
136 B
543 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
fe812aab4cb12c1074617d56963eedafc816f1d73b36a619ef887833d808d01c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pastelink.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Mon, 13 Feb 2023 17:27:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sync.html
public.servenobid.com/ Frame F379
8 KB
4 KB
Document
General
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-94.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
36261
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Mon, 13 Feb 2023 09:28:02 GMT
etag
W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified
Thu, 01 Dec 2022 19:37:41 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
x-amz-cf-id
35VpldKFN2Jd_zxfWlKRAsj6nVkZCkYNQi9oOx5KPUWG2eDHiAaeyQ==
x-amz-cf-pop
FRA2-C1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5
86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256
7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache
Hit from cloudfront
async_usersync.html
acdn.adnxs.com/dmp/ Frame F277
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
49460
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 13 Feb 2023 17:27:12 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 02 Feb 2023 03:42:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3, 210095
X-Served-By
cache-lga13626-LGA, cache-lcy-eglc8600043-LCY
X-Timer
S1676309232.340554,VS0,VE0
sspmatch-iframe
ads.betweendigital.com/ Frame C0B2
603 B
782 B
Document
General
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
fef22b296600515632c5d56dcafd2663b83594f857d0ed15dcafc685365cda7a

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
603
content-type
text/html
sync-all.html
adxbid.info/ Frame E2D8
7 KB
3 KB
Document
General
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:af22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fac6d690a986ea87b13b6e4306f7b9ec34fdc89f557cd9d8498729fab89c0c6

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
798f45fe1e8d7701-LHR
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 13 Feb 2023 17:27:12 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=701lr0XuIFULgAt0oBbx3KcS7iiT1GO9EW27gK9OwZZXL9RyorFue%2F%2FmfR428DUUtwpqvmv%2BMWtntT8MeA78W4h10igXPGy8qN7w2PzL1JlIBDqYaff703D4W2vXVXIXCqZ6IPFRJkS%2FOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
checksync.php
contextual.media.net/ Frame 0151
23 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU658616&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C2055%2C3022%2C3020%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C77%2C38%2C2067%2C2022%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-38-97.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
75e58a4745434a92a3ee308975570b735d47b83081a80b67b529958e7aa9bb38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://pastelink.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8236
content-type
text/html; charset=UTF-8
date
Mon, 13 Feb 2023 17:27:12 GMT
expires
Wed, 15 Feb 2023 17:27:12 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usersync
usersync.gumgum.com/
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-ef188045-3d26-4f89-4166-6f90780f911a$ip$5.187.21.99
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-ef188045-3d26-4f89-4166-6f90780f911a$ip$5.187.21.99
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-ef188045-3d26-4f89-4166-6f90780f911a$ip$5.187.21.99
Date
Mon, 13 Feb 2023 17:27:12 GMT
Connection
keep-alive
Content-Length
125
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/
0
223 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 13 Feb 2023 17:27:12 GMT
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=&verify=true
  • https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-7BUrv5hE2uH_PH1r1C.2zOUi1eCWatFsIVTpF54-~A&gdpr=0
0
547 B
Image
General
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-7BUrv5hE2uH_PH1r1C.2zOUi1eCWatFsIVTpF54-~A&gdpr=0
Protocol
H2
Server
18.157.254.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-254-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

location
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-7BUrv5hE2uH_PH1r1C.2zOUi1eCWatFsIVTpF54-~A&gdpr=0
date
Mon, 13 Feb 2023 17:27:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixelSync
pixel-sync.sitescout.com/dmp/
0
191 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
209.25.233.254 Los Angeles, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 13 Feb 2023 17:27:12 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
usersync
usersync.gumgum.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=IuHOG3cnjy8w&ev=1&pid=558355
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=IuHOG3cnjy8w&ev=1&pid=558355
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(9.4.14.v20181114)
content-language
en-GB
location
https://usersync.gumgum.com/usersync?b=pln&i=IuHOG3cnjy8w&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-76d5679f6b-8jbz6
expires
-1
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_7485e6c7-6f5c-466a-8e64-d20f85d5c65f&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=u_7485e6c7-6f5c-466a-8e64-d20f85d5c65f&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-31aaSAc7H3rXsbhOHNzmH-dUiDu4FBS4DrIyruXN5Q&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F3%2F8%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/441/3/8/2.gif?puid=b17f63ea-72f1-4500-a625-1dd990eacf8e&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AARhr07H1OYAACCVVv_sYA
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F6%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F6%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gd...
  • https://id5-sync.com/c/441/108/6/4.gif?puid=f65be3d2-824b-405b-b3a9-465f8c9c28dd&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AARhr07H1OYAACCVVv_sYA&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1241%2F5%2F5.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/441/1241/5/5.gif?puid=GJp3rLZH09aTuPhwTfawf5Ed&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-31aaSAc7H3rXsbhOHNzmH-dUiDu4FBS4DrIyruXN5Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F4%2F6.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/4/6.gif?puid=668423eb-dc1b-41c0-ac88-4b9e58df03c0&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F796%2F3%2F7.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/441/796/3/7.gif?puid=0a2a99ce-087a-42a1-b7b3-35e8ed7db58d&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 13 Feb 2023 17:27:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Mon, 13 Feb 2023 17:27:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fa-prebid.vidoomy.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID
  • https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8409742334465611079
0
427 B
Image
General
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8409742334465611079
Protocol
H2
Server
18.157.254.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-254-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

Date
Mon, 13 Feb 2023 17:27:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.99; 5.187.21.99; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
487b9c10-664d-4513-bf14-8d4fe75bca88
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8409742334465611079
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie
cm.adform.net/
43 B
106 B
Image
General
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:12 GMT
server
nginx
content-length
43
content-type
image/gif
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=e275dba9-3723-440b-82dc-1da6bc5ca165&google_hm=ZTI3NWRiYTktMzcyMy00NDBiLTgyZGMtMWRhNmJjNWNhMTY1
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEM-shUYAuZrTYifis9TXzFo&google_cver=1&ssp=vidoomy&bsw_param=e275dba9-3723-440b-82dc-1da6bc5ca165
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=15f3f372-c817-4240-a5b1-81125874c182
43 B
465 B
Image
General
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=15f3f372-c817-4240-a5b1-81125874c182
Protocol
H2
Server
18.157.254.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-254-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:12 GMT
content-encoding
none
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
43

Redirect headers

location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=15f3f372-c817-4240-a5b1-81125874c182
date
Mon, 13 Feb 2023 17:27:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://usersync.gumgum.com/usersync?b=apn&i=2537256192817712152
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=2537256192817712152
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pastelink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Mon, 13 Feb 2023 17:27:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.99; 5.187.21.99; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e8398ee8-d3fd-42f3-93f1-c88e550b3a9a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=2537256192817712152
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
ads.betweendigital.com/ Frame C0B2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=15f3f372-c817-4240-a5b1-81125874c182
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=15f3f372-c817-4240-a5b1-81125874c182
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=d3a478c8-c282-4514-bf9d-aa20c0120522&user_group=1&ssp=between&bsw_param=15f3f372-c817-4240-a5b1-81125874c182
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=15f3f372-c817-4240-a5b1-81125874c182
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=15f3f372-c817-4240-a5b1-81125874c182
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=15f3f372-c817-4240-a5b1-81125874c182
date
Mon, 13 Feb 2023 17:27:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
match
ads.betweendigital.com/ Frame C0B2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=&verify=true
  • https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS03QlVydjVoRTJ1SF9QSDFyMUMuMnpPVWkxZUNXYXRGc0lWVHBGNTQtfkE%3D&gdpr=0
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS03QlVydjVoRTJ1SF9QSDFyMUMuMnpPVWkxZUNXYXRGc0lWVHBGNTQtfkE%3D&gdpr=0
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS03QlVydjVoRTJ1SF9QSDFyMUMuMnpPVWkxZUNXYXRGc0lWVHBGNTQtfkE%3D&gdpr=0
date
Mon, 13 Feb 2023 17:27:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
match
ads.betweendigital.com/ Frame C0B2
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u8PFtiRKsg6g.AikABlGGS9D8Zg
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u8PFtiRKsg6g.AikABlGGS9D8Zg
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:12 GMT
server
nginx
x-backend-id
f19-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u8PFtiRKsg6g.AikABlGGS9D8Zg
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
btw
sync.dmp.otm-r.com/match/ Frame C0B2
0
69 B
Image
General
Full URL
https://sync.dmp.otm-r.com/match/btw?id=757cc365-90dc-522c-8da6-bdc7ee4ccf2b
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.55.244.186 , Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 13 Feb 2023 17:27:12 GMT
server
nginx/1.23.2
bidder_18.html
cache.betweendigital.com/code/ Frame 2FF8
4 KB
1 KB
Document
General
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=757cc365-90dc-522c-8da6-bdc7ee4ccf2b&CACHEBUSTER=12638
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.118.210 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878

Request headers

Referer
https://ads.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 13 Feb 2023 17:27:12 GMT
etag
W/"638623e5-e7e"
last-modified
Tue, 29 Nov 2022 15:23:17 GMT
server
nginx
x-cdn-edge-cache
HIT
x-cdn-edge-id
311
x-cdn-request-id
91be4eae4bd598c4da9bfcf6ffe294dd
async_usersync
ib.adnxs.com/ Frame F277
0
856 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:12 GMT
AN-X-Request-Uuid
02c0131e-b63e-4a31-a266-5bd9e4abbe43
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
5.187.21.99; 5.187.21.99; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/
33 B
400 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
b6d6c7931af902906245113987c4e831f7c515247375e5ed9546647084e3c6ef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pastelink.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://pastelink.net
date
Mon, 13 Feb 2023 17:27:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
setuid
rtb.adxpremium.services/ Frame E2D8
Redirect Chain
  • https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
  • https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=391082410497323169292
0
556 B
Image
General
Full URL
https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=391082410497323169292
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:12 GMT
Server
nginx
Vary
Origin
Content-Type
text/html
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0

Redirect headers

location
https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=391082410497323169292
date
Mon, 13 Feb 2023 17:27:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
13926
g2.gumgum.com/usync/ Frame 71EA
4 KB
2 KB
Document
General
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.184.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-184-178.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
1aab18691f5f76220a9fba33bcb522c05a4ce01c93e852f1020539d62acbf709

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 13 Feb 2023 17:27:12 GMT
etag
W/"062ddc2040d3fe67d4299f69e5d9dcaea"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame AEAE
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame FC90
578 B
782 B
Document
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
006bdc0818046d681e13ac6028699cac3ab52a6ea04e161f6b436bf487cb44ac

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
578
content-type
text/html
date
Mon, 13 Feb 2023 17:27:11 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 21D0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
729b7cff89d5d43c44dec479c21ff613f2f2b64fa9ed513ede82fa12617e9a50

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1711
Content-Type
text/html
Date
Mon, 13 Feb 2023 17:27:12 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Mon, 13 Feb 2023 17:27:12 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame D0B5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 13 Feb 2023 17:27:12 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 13 Feb 2023 17:27:12 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A645
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157841
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 13 Feb 2023 17:27:12 GMT
expires
Wed, 15 Feb 2023 13:17:53 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 8BEC
0
485 B
Document
General
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3c00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Mon, 13 Feb 2023 17:27:12 GMT
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
x-amz-cf-id
4yv3mYUf9kVVqQniGmo54fVLf2IHL0GtsuWkmPhCCTwBGSKxA9ZXOg==
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame F379
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=8409742334465611079
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=312&uid=8409742334465611079
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
100.21.1.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-21-1-193.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Mon, 13 Feb 2023 17:27:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.99; 5.187.21.99; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cb8d856b-511f-413a-82a5-8818413f3e82
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=8409742334465611079
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame F379
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=GJp3rRZHlPhC-fi-SuGkM120
0
0

sync
ads.servenobid.com/ Frame F379
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=GJp3rLZH09aTuPhwTfawf5Ed
0
349 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=310&uid=GJp3rLZH09aTuPhwTfawf5Ed
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
100.21.1.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-21-1-193.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Mon, 13 Feb 2023 17:27:12 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=GJp3rLZH09aTuPhwTfawf5Ed
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync
ads.servenobid.com/ Frame F379
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1676309232501
  • https://ad.turn.com/r/cs?pid=45&rndcb=741018747
  • https://sync.1rx.io/usersync/turn/4588685664086249098?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-7febcdb2-ef8b-4669-a1cb-fdaadd737375-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-7febcdb2-ef8b-4669-a1cb-fdaadd737375-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-7febcdb2-ef8b-4669-a1cb-fdaadd737375-003
0
362 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-7febcdb2-ef8b-4669-a1cb-fdaadd737375-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
100.21.1.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-21-1-193.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-7febcdb2-ef8b-4669-a1cb-fdaadd737375-003
date
Mon, 13 Feb 2023 17:27:12 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX7febcdb2ef8b4669a1cbfdaadd737375003
content-type
text/html
sync
ads.servenobid.com/ Frame F379
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5109685626199567985
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5109685626199567985
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
100.21.1.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-21-1-193.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5109685626199567985
Date
Mon, 13 Feb 2023 17:27:12 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame F379
0
500 B
Image
General
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-182
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame F379
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=2ba17f28-28d1-416a-8399-9abbf0d4aba0&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=327&uid=2ba17f28-28d1-416a-8399-9abbf0d4aba0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
100.21.1.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-21-1-193.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=2ba17f28-28d1-416a-8399-9abbf0d4aba0&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Mon, 13 Feb 2023 17:27:12 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame F379
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-7BUrv5hE2uH_PH1r1C.2zOUi1eCWatFsIVTpF54-~A
0
366 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-7BUrv5hE2uH_PH1r1C.2zOUi1eCWatFsIVTpF54-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
100.21.1.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-21-1-193.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-7BUrv5hE2uH_PH1r1C.2zOUi1eCWatFsIVTpF54-~A
date
Mon, 13 Feb 2023 17:27:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
a6da5bf591376177b08e1eb90117169d.gif
cs.iqzone.com/ Frame F379
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=ua-d73759ff-3e06-36af-8583-7f7102577228&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26bu...
0
0

sync
ads.servenobid.com/ Frame F379
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
  • https://ads.servenobid.com/sync?pid=339&uid=y-7BUrv5hE2uH_PH1r1C.2zOUi1eCWatFsIVTpF54-~A
0
0

sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=DutfKXxzOTMzcElxZ2VkMGY1dFpIa3RVcjJORVZ0bjhyQ0FScXNLWDRKNUFaWDZJNWZXZXR2VGZFWW1DdXVCZGRPdGdadGl5cDZpV1F6V3h4b29tYVJUc3RKNVptOVVHYzY5Qy9NVnVXVUx5THM5aGg4MjRpVko4ZVp6YkpKRGQ0ejJjcEoyWklDMlQ0R2hjbUJTZGhUQUpDZFMwSDNWQ05aWUtta21tV1pzaWs4aXJjemNzN01meC80RCszc1Qwd2dqUGNqU3VZNUtYQ1dBQVAyZUlPaXREbGhsTmJ4amhYR0FWbWVIU0FadzNjMmFvPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.118.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 13 Feb 2023 17:27:12 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
317588
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
1102.json
id5-sync.com/g/v2/
455 B
1 KB
XHR
General
Full URL
https://id5-sync.com/g/v2/1102.json
Requested by
Host: cdn.adligature.com
URL: https://cdn.adligature.com/pl/prod/prebid-7.35.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
efe6cd6398f7672dfbff7a9ed5e840f882941826618a0dc48dc2b4256b5a31d1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://pastelink.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 13 Feb 2023 17:27:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://pastelink.net
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
usersync
usersync.gumgum.com/ Frame 71EA
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=8409742334465611079
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=8409742334465611079
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Mon, 13 Feb 2023 17:27:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
5.187.21.99; 5.187.21.99; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
19ec938c-4d50-4aa3-acd2-e5fa8c6d6a70
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=8409742334465611079
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 71EA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_7485e6c7-6f5c-466a-8e64-d20f85d5c65f&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=dd6b6f1d-2f58-4d50-8a57-3a0a134ac0e0&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=15f3f372-c817-4240-a5b1-81125874c182
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=15f3f372-c817-4240-a5b1-81125874c182
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=15f3f372-c817-4240-a5b1-81125874c182
date
Mon, 13 Feb 2023 17:27:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame 71EA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-ecce6cef-82c4-4dc3-4daf-eba1b386364d$ip$5.187.21.99
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-ecce6cef-82c4-4dc3-4daf-eba1b386364d$ip$5.187.21.99
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-ecce6cef-82c4-4dc3-4daf-eba1b386364d$ip$5.187.21.99
Date
Mon, 13 Feb 2023 17:27:12 GMT
Connection
keep-alive
Content-Length
125
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 71EA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_7485e6c7-6f5c-466a-8e64-d20f85d5c65f&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=qsQU8yyGmWoqDES4wEw5&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT24LTKFKTQ6LZI5WVO33RIRCVGNDXIV3TK...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=qsQU8yyGmWoqDES4wEw5&us_privacy=1---
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=qsQU8yyGmWoqDES4wEw5&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:13 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=qsQU8yyGmWoqDES4wEw5&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 71EA
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=lRrkqznBGfHW&ev=1&pid=558355
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=lRrkqznBGfHW&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(9.4.14.v20181114)
content-language
en-GB
location
https://usersync.gumgum.com/usersync?b=pln&i=lRrkqznBGfHW&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-76d5679f6b-nwb9n
expires
-1
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 71EA
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28dYPFGzs0ERi3mVorckrs3K3pA6zBiRUNqcEP6-leh2ShIipJcY3-4ijO6HzRfvVA%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_7485e6c7-6f5c-466a-8e64-d20f85d5c65f&obuid=ENC(dYPFGzs0ERi3mVorckrs3K3pA6zBiRUNqcEP6-leh2ShIipJcY3-4ijO6HzRfvVA)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
0
239 B
Image
General
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
8.43.72.97 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Date
Mon, 13 Feb 2023 17:27:13 GMT
X-TraceId
f8b87ec7547d2b1c66ad68c19c9d7a06
Content-Length
0
usersync
usersync.gumgum.com/ Frame 71EA
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=0799a4e8-2fd8-43d9-9e71-6d0acd02a3cc
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=0799a4e8-2fd8-43d9-9e71-6d0acd02a3cc
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 13 Feb 2023 17:27:12 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=0799a4e8-2fd8-43d9-9e71-6d0acd02a3cc
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 71EA
43 B
426 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:ebfb:2347:dbfe:4c27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersync
usersync.gumgum.com/ Frame 71EA
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=0a2a99ce-087a-42a1-b7b3-35e8ed7db58d
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=0a2a99ce-087a-42a1-b7b3-35e8ed7db58d
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=0a2a99ce-087a-42a1-b7b3-35e8ed7db58d
Date
Mon, 13 Feb 2023 17:27:12 GMT
Connection
keep-alive
X-CI-RTID
9f3f7fdd-2021-48d2-be40-fa90242c9710
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 71EA
0
292 B
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:12 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
301159255
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
usersync
usersync.gumgum.com/ Frame 71EA
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_f3df579fe8734d3b91f2c
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_f3df579fe8734d3b91f2c
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_f3df579fe8734d3b91f2c
date
Mon, 13 Feb 2023 17:27:12 GMT
content-type
image/gif
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 71EA
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=668423eb-dc1b-41c0-ac88-4b9e58df03c0
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=668423eb-dc1b-41c0-ac88-4b9e58df03c0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:13 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=668423eb-dc1b-41c0-ac88-4b9e58df03c0
access-control-allow-origin
*
date
Mon, 13 Feb 2023 17:27:12 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 71EA
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=9176623830813833027
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=9176623830813833027
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:12 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=9176623830813833027
date
Mon, 13 Feb 2023 17:27:11 GMT
content-length
0
sync
ads.servenobid.com/ Frame 71EA
0
358 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=309&uid=u_7485e6c7-6f5c-466a-8e64-d20f85d5c65f
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.21.1.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-21-1-193.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 53E7
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://usersync.gumgum.com/usersync?b=inm&i=ID5-31aaSAc7H3rXsbhOHNzmH-dUiDu4FBS4DrIyruXN5Q
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=inm&i=ID5-31aaSAc7H3rXsbhOHNzmH-dUiDu4FBS4DrIyruXN5Q
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 13 Feb 2023 17:27:13 GMT
Expires
0
Pragma
no-cache

Redirect headers

date
Mon, 13 Feb 2023 17:27:12 GMT
location
https://usersync.gumgum.com/usersync?b=inm&i=ID5-31aaSAc7H3rXsbhOHNzmH-dUiDu4FBS4DrIyruXN5Q
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A359
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157841
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 13 Feb 2023 17:27:12 GMT
expires
Wed, 15 Feb 2023 13:17:53 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 5D40
70 B
265 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 13 Feb 2023 17:27:12 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame E539
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=1dd463ea-72f1-4100-95c5-350ebee65e5c&gdpr=0&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=1dd463ea-72f1-4100-95c5-350ebee65e5c&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 13 Feb 2023 17:27:12 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 13 Feb 2023 17:27:12 GMT
Expires
Mon, 13 Feb 2023 17:27:11 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 457 2362390 master zrh-pixel-x24 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=1dd463ea-72f1-4100-95c5-350ebee65e5c&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 0D04
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y_py8AAAA2zyTwAh
  • https://usersync.gumgum.com/usersync?b=atm&i=Y_py8AAAA2zyTwAh&gdpr=0&gdpr_consent=&_test=Y_py8AAAA2zyTwAh
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y_py8AAAA2zyTwAh&gdpr=0&gdpr_consent=&_test=Y_py8AAAA2zyTwAh
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 13 Feb 2023 17:27:12 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 13 Feb 2023 17:27:12 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y_py8AAAA2zyTwAh&gdpr=0&gdpr_consent=&_test=Y_py8AAAA2zyTwAh
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-lcy-eglc8600052-LCY
x-timer
S1676309233.808120,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 9442
170 B
243 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV83NDg1ZTZjNy02ZjVjLTQ2NmEtOGU2NC1kMjBmODVkNWM2NWY=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 13 Feb 2023 17:27:12 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
um
cs.emxdgt.com/ Frame 5E13
0
0

usersync
usersync.gumgum.com/ Frame 3ACB
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y.py8cCo8YMAALblBXQAAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y.py8cCo8YMAALblBXQAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 13 Feb 2023 17:27:13 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 13 Feb 2023 17:27:13 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y.py8cCo8YMAALblBXQAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40163.dc2p.scaleout.jp
X-SO-IP
5.187.21.99
X-SO-Key
Y.py8cCo8YMAALblBXQAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"0.0.0.0","key":"Y.py8cCo8YMAALblBXQAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40163"}
X-SO-LB-Hostname
m-tgng31.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40163
usersync
usersync.gumgum.com/ Frame 6ABA
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=u_7485e6c7-6f5c-466a-8e64-d20f85d5c65f&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
  • https://usersync.gumgum.com/usersync?b=aad&i=d62efaae-9598-49d9-bbee-eac71a86a16a
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=d62efaae-9598-49d9-bbee-eac71a86a16a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 13 Feb 2023 17:27:12 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Mon, 13 Feb 2023 17:27:12 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=d62efaae-9598-49d9-bbee-eac71a86a16a
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
usersync
usersync.gumgum.com/ Frame 1B18
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y.py8NR3CGyBOR5nOMgzLgAA%262172
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y.py8NR3CGyBOR5nOMgzLgAA%262172
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 13 Feb 2023 17:27:12 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Mon, 13 Feb 2023 17:27:12 GMT
Expires
0
Keep-Alive
timeout=1, max=498
Location
https://usersync.gumgum.com/usersync?b=iex&i=Y.py8NR3CGyBOR5nOMgzLgAA%262172
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame 7541
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=NV0N5iBs4Rqya8HIzEdP&pi=gumgum&tc=1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=NV0N5iBs4Rqya8HIzEdP&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 13 Feb 2023 17:27:12 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 13 Feb 2023 17:27:12 GMT Mon, 13 Feb 2023 17:27:12 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=NV0N5iBs4Rqya8HIzEdP&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 0F9F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 13 Feb 2023 17:27:12 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 13 Feb 2023 17:27:12 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
match
ads.betweendigital.com/ Frame 2FF8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D15f3f372-c817-4240-a5b1-81125874c18...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=bb6563ea-72f1-4e00-9152-4332d040d843&expires=30&ssp=between&bsw_param=15f3f372-c817-4240-a5b1-81125874c182&gdpr=&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=15f3f372-c817-4240-a5b1-81125874c182
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=15f3f372-c817-4240-a5b1-81125874c182
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=15f3f372-c817-4240-a5b1-81125874c182
date
Mon, 13 Feb 2023 17:27:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame A645
2 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=31963078&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
554b84e379e037f9a59aa4a9ca469533c5c676ef97cbb4b4b6249c29317a11bf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 13 Feb 2023 17:27:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ads.servenobid.com/ Frame FC90
0
344 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=317&uid=1570696521551902471&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.21.1.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-21-1-193.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:14 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
711890.gif
id.rlcdn.com/ Frame FC90
0
0
Image
General
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

genericusersync.ashx
sync.tidaltv.com/ Frame FC90
42 B
197 B
Image
General
Full URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:24:b001:54a6:97b3:4665:3419 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 13 Feb 2023 17:27:12 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
1; mode=block
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame FC90
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7199693329457805459&gdpr=0&gdpr_consent=
43 B
408 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7199693329457805459&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 13 Feb 2023 17:27:12 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7199693329457805459&gdpr=0&gdpr_consent=
Date
Mon, 13 Feb 2023 17:27:12 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
/
rtb-csync.smartadserver.com/redir/ Frame FC90
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=nflDAJz4QFCG-hACyPMLBcqoRAKG-RcEmP0i3G14
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=nflDAJz4QFCG-hACyPMLBcqoRAKG-RcEmP0i3G14
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:12 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=nflDAJz4QFCG-hACyPMLBcqoRAKG-RcEmP0i3G14
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 21D0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y-py8NR3CGyBOR5nOMgzLgAACHwAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y-py8NR3CGyBOR5nOMgzLgAACHwAAAAB&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y-py8NR3CGyBOR5nOMgzLgAACHwAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z0VGSV97MNG7B99DWGEQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H7WGE61KKF6T25S31PD7
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y-py8NR3CGyBOR5nOMgzLgAACHwAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 21D0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y.py8NR3CGyBOR5nOMgzLgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEASQfC4dmzjznxDOLTY1lEk&google_cver=1&google_hm=2
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEASQfC4dmzjznxDOLTY1lEk&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEASQfC4dmzjznxDOLTY1lEk&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 21D0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y-py8NR3CGyBOR5nOMgzLgAACHwAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBEsxRBLOJK8EWepZa6IY-0&google_cver=1
43 B
766 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBEsxRBLOJK8EWepZa6IY-0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBEsxRBLOJK8EWepZa6IY-0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 21D0
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 13 Feb 2023 17:27:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Y-py8NR3CGyBOR5nOMgzLgAACHwAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 21D0
43 B
600 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y-py8NR3CGyBOR5nOMgzLgAACHwAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:ebfb:2347:dbfe:4c27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 21D0
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 21D0
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y.py8NR3CGyBOR5nOMgzLgAA%262172
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a522c305-49a5-4ea4-8f69-eed0a199d199-tuctae3f871
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a522c305-49a5-4ea4-8f69-eed0a199d199-tuctae3f871
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=a522c305-49a5-4ea4-8f69-eed0a199d199-tuctae3f871
date
Mon, 13 Feb 2023 17:27:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
167268
crum
dsum-sec.casalemedia.com/ Frame 21D0
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=a709cd0a-abc3-11ed-8137-1e740f70d0b1
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=a709cd0a-abc3-11ed-8137-1e740f70d0b1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:12 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=a709cd0a-abc3-11ed-8137-1e740f70d0b1
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-3
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
sync
ads.servenobid.com/ Frame 21D0
0
357 B
Image
General
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y-py8NR3CGyBOR5nOMgzLgAACHwAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.21.1.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-21-1-193.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
setuid
user-sync.adxpremium.services/ Frame E2D8
Redirect Chain
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=993744eabf6f40e717dc933eae03955a8f0ea06548d81cc81fd5c831936022bf
86 B
688 B
Image
General
Full URL
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=993744eabf6f40e717dc933eae03955a8f0ea06548d81cc81fd5c831936022bf
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:13 GMT
content-length
86
content-type
image/png

Redirect headers

Location
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=993744eabf6f40e717dc933eae03955a8f0ea06548d81cc81fd5c831936022bf
Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
usync.js
eus.rubiconproject.com/ Frame D0B5
33 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
881cb99b0ea08434a292febe4de0aad280e9d2cb6ab46053de91ae2b93e766ce

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 17:27:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Feb 2023 13:41:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72765
Connection
keep-alive
Content-Length
10007
Expires
Tue, 14 Feb 2023 13:39:57 GMT
usync.js
eus.rubiconproject.com/ Frame 0F9F
33 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
881cb99b0ea08434a292febe4de0aad280e9d2cb6ab46053de91ae2b93e766ce

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 17:27:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Feb 2023 13:41:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72765
Connection
keep-alive
Content-Length
10007
Expires
Tue, 14 Feb 2023 13:39:57 GMT
match
c1.adform.net/serving/cookie/ Frame 113E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&gdpr=0&gdpr_consent=
35 B
467 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 13 Feb 2023 17:27:12 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 13 Feb 2023 17:27:12 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 0CCC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:bb6563ea-72f1-4e00-9152-4332d040d843&gdpr=0&gdpr_consent=
42 B
554 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:bb6563ea-72f1-4e00-9152-4332d040d843&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 13 Feb 2023 17:27:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 13 Feb 2023 17:27:12 GMT
Expires
Mon, 13 Feb 2023 17:27:11 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 457 2362390 master zrh-pixel-x29 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:bb6563ea-72f1-4e00-9152-4332d040d843&gdpr=0&gdpr_consent=
pubmatic
d5p.de17a.com/getuid/ Frame 02B0
35 B
125 B
Document
General
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.164 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
213-155-156-164.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
widget.us.criteo.com/dis/ Frame 2E3E
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybac...
43 B
363 B
Document
General
Full URL
https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 13 Feb 2023 17:27:12 GMT
expires
Mon, 13 Feb 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
246341
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0

Redirect headers

content-length
0
date
Mon, 13 Feb 2023 17:27:11 GMT
location
https://widget.us.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
server
Kestrel
server-processing-duration-in-ticks
98103
strict-transport-security
max-age=31536000; preload;
Pug
image2.pubmatic.com/AdServer/ Frame F6F6
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nTSD1pw1gIaGN9DUmTLL0Zth3o-GZYWEm2RZG3ds
42 B
418 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nTSD1pw1gIaGN9DUmTLL0Zth3o-GZYWEm2RZG3ds
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 13 Feb 2023 17:27:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 13 Feb 2023 17:27:13 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nTSD1pw1gIaGN9DUmTLL0Zth3o-GZYWEm2RZG3ds
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
dcm
aax-eu.amazon-adsystem.com/s/ Frame 5288
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 13 Feb 2023 17:27:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
QGGY3R0VDY2W6HN3DBFC

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 13 Feb 2023 17:27:12 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
N9TGQ7G4A43MH55K7M4K
sync
ads.servenobid.com/ Frame AB52
0
357 B
Document
General
Full URL
https://ads.servenobid.com/sync?pid=316&uid=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.21.1.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-21-1-193.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Mon, 13 Feb 2023 17:27:12 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A645
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0hoo9uDWQp-6H8KG_y0rnQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
4 KB
4 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:12 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=157841
accept-ranges
bytes
content-length
5554
expires
Wed, 15 Feb 2023 13:17:53 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame A645
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=89e031c838d1d756a5f11eb2d94fde64&gdpr=0
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=67f5114156b8a7d6/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=67f5114156b8a7d6/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=4dde71027af3f5ddffcb00f45ce7b13e&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 13 Feb 2023 17:27:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame A645
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&addseg=11,34,40
0
0
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&addseg=11,34,40
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
104.36.113.68 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

date
Mon, 13 Feb 2023 17:27:12 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D&addseg=11,34,40
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
Pug
image2.pubmatic.com/AdServer/ Frame A645
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDIxQTI4RjYtRTBENi00MjlGLUJBMUYtQzI4NkZGMkQyQjlE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 13 Feb 2023 17:27:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A645
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO017BgsDOmJONAXEwOvn-I&google_cver=1
42 B
379 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO017BgsDOmJONAXEwOvn-I&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 13 Feb 2023 17:27:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO017BgsDOmJONAXEwOvn-I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame A645
43 B
612 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:12 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 12 Feb 2023 17:27:12 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A645
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6889078074837267255
42 B
219 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6889078074837267255
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 13 Feb 2023 17:27:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6889078074837267255
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame A645
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 13 Feb 2023 17:27:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
khaos.jpg
token.rubiconproject.com/ Frame D0B5
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame 0F9F
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
a72ae3d2-abc3-11ed-a1c4-002590c82437
an.yandex.ru/mapuid/adsniperis/ Frame 2FF8
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARjw5amfBqIBEKcq49KrwxHtocQAJZDIJDc*
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=a72ae3d2-abc3-11ed-a1c4-002590c82437
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=a72ae3d2-abc3-11ed-a1c4-002590c82437&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=elXXFR1DAQ27JJO4wn19ZA&
  • https://an.yandex.ru/mapuid/adsniperis/a72ae3d2-abc3-11ed-a1c4-002590c82437
  • https://an.yandex.ru/mapuid/adsniperis/a72ae3d2-abc3-11ed-a1c4-002590c82437?redir-setuniq=1
43 B
108 B
Image
General
Full URL
https://an.yandex.ru/mapuid/adsniperis/a72ae3d2-abc3-11ed-a1c4-002590c82437?redir-setuniq=1
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 13 Feb 2023 17:27:13 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 13 Feb 2023 17:27:13 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 13 Feb 2023 17:27:13 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/adsniperis/a72ae3d2-abc3-11ed-a1c4-002590c82437?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 13 Feb 2023 17:27:13 GMT
sync
vid.vidoomy.com/ Frame F7F1
49 KB
18 KB
Document
General
Full URL
https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
470c2dcd5627936e1b313e5e7f390accae60f91080a18e4cf6d861181ef56c10

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Mon, 13 Feb 2023 17:27:13 GMT
etag
W/"63e28045-c234"
last-modified
Tue, 07 Feb 2023 16:45:57 GMT
server
CDN77-Turbo
x-77-cache
HIT
x-77-nzt
Abm0DAaH+/z/OfEHAA
x-77-nzt-ray
fefc880d2bff1836f172ea63f3234f15
x-77-pop
viennaAT
x-accel-expires
@1676825528
x-age
520505
x-cache
HIT
async_usersync
ib.adnxs.com/ Frame F277
0
856 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Feb 2023 17:27:13 GMT
AN-X-Request-Uuid
ce3dcf44-eb2f-44ce-b215-0c6c27fe705d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
5.187.21.99; 5.187.21.99; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
user-sync.adxpremium.services/ Frame E2D8
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.py8NR3CGyBOR5nOMgzLgAA%262172
86 B
820 B
Image
General
Full URL
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.py8NR3CGyBOR5nOMgzLgAA%262172
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:13 GMT
content-length
86
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJ%2FCCge6C%2FvrpE2Eriu8uysAWahS9f8BDHUqVB5cKlCsXRwf3GgPKgqxV5tnspiYxfrQSYK5X4kpuG6q1mMgchlGLi5bVI5BkIl6VuvUyLT8x72s7Zmc5NQ5KM7FM7XDx%2B68EZPa"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=Y.py8NR3CGyBOR5nOMgzLgAA%262172
cache-control
no-cache
cf-ray
798f460599cddd33-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
urlsvid.json
vpaid.vidoomy.com/sync/ Frame F7F1
1 KB
749 B
XHR
General
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
79adcf5d728d216874b367b40d662ba0d00c67de3c6a921a91a6233e59c7da9c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-77-pop
viennaAT
date
Mon, 13 Feb 2023 17:27:13 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
372919
x-77-nzt
Abm0DAYWAfj/t7AFAA
x-accel-expires
@1676973114
last-modified
Thu, 09 Feb 2023 09:51:05 GMT
server
CDN77-Turbo
etag
W/"63e4c209-42e"
x-77-nzt-ray
fefc880d53079e39f172ea63aa845428
vary
Origin
content-type
application/json
access-control-allow-origin
https://vid.vidoomy.com
access-control-allow-credentials
true
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DC31
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157840
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 13 Feb 2023 17:27:13 GMT
expires
Wed, 15 Feb 2023 13:17:53 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
user-sync.adxpremium.services/ Frame E2D8
Redirect Chain
  • https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=GJp3rLZH09aTuPhwTfawf5Ed
86 B
940 B
Image
General
Full URL
https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=GJp3rLZH09aTuPhwTfawf5Ed
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:13 GMT
content-length
86
content-type
image/png

Redirect headers

Date
Mon, 13 Feb 2023 17:27:13 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=GJp3rLZH09aTuPhwTfawf5Ed
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
usync.html
eus.rubiconproject.com/ Frame E07A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=757cc365-90dc-522c-8da6-bdc7ee4ccf2b&CACHEBUSTER=12638
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 13 Feb 2023 17:27:13 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 13 Feb 2023 17:27:13 GMT
location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server
AkamaiGHost
sync.php
pixel.rubiconproject.com/exchange/ Frame E2D8
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.js
eus.rubiconproject.com/ Frame E07A
33 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
881cb99b0ea08434a292febe4de0aad280e9d2cb6ab46053de91ae2b93e766ce

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Mon, 13 Feb 2023 17:27:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Feb 2023 13:41:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72764
Connection
keep-alive
Content-Length
10007
Expires
Tue, 14 Feb 2023 13:39:57 GMT
khaos.jpg
token.rubiconproject.com/ Frame E07A
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
user-sync.adxpremium.services/ Frame E2D8
Redirect Chain
  • https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=6889078074837267255
86 B
1 KB
Image
General
Full URL
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=6889078074837267255
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 17:27:14 GMT
content-length
86
content-type
image/png

Redirect headers

location
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=6889078074837267255
date
Mon, 13 Feb 2023 17:27:14 GMT
server
nginx
content-length
0
content-type
text/plain
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame E07A
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
12638
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 2FF8
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/12638
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/12638
43 B
297 B
Image
General
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/12638
Protocol
H2
Server
2001:6d0:4001::226 -, , ASN (),
Reverse DNS
Software
ms-counter-3.5.5/1.20.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:14 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.5.5/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:14 GMT
strict-transport-security
max-age=2678400
server
ms-counter-3.5.5/1.20.2
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/12638
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
sync
ads.yieldmo.com/ Frame 2FF8
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=757cc365-90dc-522c-8da6-bdc7ee4ccf2b&expires=60
  • https://ads.yieldmo.com/sync?userid=15f3f372-c817-4240-a5b1-81125874c182&pn_id=bsw&extinit=1&gdpr=&gdpr_consent=
0
0

collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S3DKHVPF03&gtm=45je3260&_p=1662980172&cid=806525551.1676309228&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&sid=1676309227&sct=1&seg=0&dl=https%3A%2F%2Fpastelink.net%2Fh7yg164l&dt=VBCWSh567GBCFHMAWeku8%20-%20Pastelink.net&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S3DKHVPF03&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pastelink.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 17:27:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pastelink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame A645
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=310&uid=GJp3rRZHlPhC-fi-SuGkM120
Domain
cs.iqzone.com
URL
https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=ua-d73759ff-3e06-36af-8583-7f7102577228&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1kNzM3NTlmZi0zZTA2LTM2YWYtODU4My03ZjcxMDI1NzcyMjgQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1kNzM3NTlmZi0zZTA2LTM2YWYtODU4My03ZjcxMDI1NzcyMjgyAhobOAE=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=339&uid=y-7BUrv5hE2uH_PH1r1C.2zOUi1eCWatFsIVTpF54-~A
Domain
cs.emxdgt.com
URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Domain
ads.yieldmo.com
URL
https://ads.yieldmo.com/sync?userid=15f3f372-c817-4240-a5b1-81125874c182&pn_id=bsw&extinit=1&gdpr=&gdpr_consent=
Domain
simage4.pubmatic.com
URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 boolean| credentialless object| oncontentvisibilityautostatechange function| $ function| jQuery function| Cookies object| dataLayer object| googletag object| advally object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| find_height function| setCookie function| copyToClipboard function| getCookie function| eraseCookie function| validateEmail function| unsure function| clearexplain function| resize function| changeGenerateButtonState function| notify function| removeNotification function| refreshView function| captchaLoaded function| callCustomAjax function| retrieveGetVariables function| setGetVariables string| size object| advpbjs undefined| cmd object| google_tag_manager object| google_tag_data object| advpbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid string| GoogleAnalyticsObject function| ga object| ggeac object| google_js_reporting_queue function| onYouTubeIframeAPIReady object| gaGlobal object| recaptcha object| gaplugins object| gaData undefined| google_measure_js_timing undefined| conf string| x object| slotRules object| sas object| apntag object| _ADAGIO object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| ONFOCUS number| lnt_z object| google_image_requests

144 Cookies

Domain/Path Name / Value
pastelink.net/ Name: PHPSESSID
Value: 2h33f2mmcgoehci634rsufjfik
.pastelink.net/ Name: _gcl_au
Value: 1.1.640770339.1676309228
.pastelink.net/ Name: _ga
Value: GA1.2.806525551.1676309228
.pastelink.net/ Name: _gid
Value: GA1.2.2007369109.1676309228
.pastelink.net/ Name: _gat_UA-55088947-2
Value: 1
pastelink.net/ Name: plTest
Value: false
.pastelink.net/ Name: _gat_advallyTrackerpl
Value: 1
pastelink.net/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 757cc365-90dc-522c-8da6-bdc7ee4ccf2b
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.prebid.a-mo.net/ Name: __amc
Value: 1_1676309228_1676309228
.go.sonobi.com/ Name: __uis
Value: dfed6072-7d3b-43ce-9d65-86634027ac4f
.go.sonobi.com/ Name: _usd_pastelink.net
Value: 40a38744-71e9-40f6-92b9-4e4200b9be18
.go.sonobi.com/ Name: HAPLB8A
Value: s85129|Y+py7
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: jgFQ1i7taklKhSNj6gDbrT2vwGcSkhv0wdsVuVN3XO0JnnhQNEENepVYwz7mqhjJv7BVie7JXURyOdsqxNoHzCsF7uRK7iZw2GZYt99ZuDLNuTEFR0i7Fba6pnlEGuJV9CI9JZiryWj_l0zKUYJ7BBKrm0f4VSX2z_q_FNHVHfw
.gumgum.com/ Name: vst
Value: u_7485e6c7-6f5c-466a-8e64-d20f85d5c65f
.doubleclick.net/ Name: IDE
Value: AHWqTUkvoVP2qi2pZrWXdKqN1cdZuh6RcVJl2-AgJuEKrBiqV4LZDChzSCfBz7cB1i0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.pastelink.net/ Name: __gads
Value: ID=63c90d2fd9afa75e:T=1676309229:S=ALNI_MbFKXEYGcIXB81yQReNYKkhveS3RQ
.pastelink.net/ Name: __gpi
Value: UID=00000bb53b1e3f00:T=1676309229:RT=1676309229:S=ALNI_MYWgy58pXJtqE_7_EW-pWS-ge5utw
.pastelink.net/ Name: _ga_S3DKHVPF03
Value: GS1.1.1676309227.1.0.1676309229.0.0.0
.bing.com/ Name: MUID
Value: 1AAF09B5B028607D1E001B02B151614E
.id5-sync.com/ Name: callback
Value:
a-prebid.vidoomy.com/ Name: SSCookie
Value: 1
.adnxs.com/ Name: uuid2
Value: 8409742334465611079
.bidswitch.net/ Name: c
Value: 1676309232
.bidswitch.net/ Name: tuuid_lu
Value: 1676309232
.3lift.com/ Name: tluid
Value: 391082410497323169292
.bidswitch.net/ Name: tuuid
Value: 15f3f372-c817-4240-a5b1-81125874c182
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjO0tDQ1M7e0MBXiM9RN8Uh2LvesygzNC7YAAOKDWHUlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZm5mbGBpZGxkamIGAPNb_ksQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjO0tDQ1M7e0MBXiM9RN8Uh2LvesygzNC7YAAOKDWHUlAAAA
.deepintent.com/ Name: CDIUSER
Value: di_f3df579fe8734d3b91f2c
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.casalemedia.com/ Name: CMID
Value: Y.py8NR3CGyBOR5nOMgzLgAA
.casalemedia.com/ Name: CMPS
Value: 2172
.casalemedia.com/ Name: CMPRO
Value: 2172
.lijit.com/ Name: ljt_reader
Value: GJp3rLZH09aTuPhwTfawf5Ed
.ads.pubmatic.com/ Name: KCCH
Value: YES
.smartadserver.com/ Name: pid
Value: 9176623830813833027
.servenobid.com/ Name: pid_312
Value: 8409742334465611079
.adtelligent.com/ Name: vmuid
Value: 46f3f56764668b9f
.servenobid.com/ Name: pid_327
Value: 2ba17f28-28d1-416a-8399-9abbf0d4aba0
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 0c5c01293295b08a
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22142%22%3A%2220230213%22%7D
.openx.net/ Name: i
Value: 23083fc1-ae4a-4478-a3dc-b50f61759177|1676309232
.servenobid.com/ Name: pid_324
Value: 5109685626199567985
.turn.com/ Name: uid
Value: 4588685664086249098
.yahoo.com/ Name: A3
Value: d=AQABBPBy6mMCEDKysgGfrEgSdEfoJ2fMSMsFEgEBAQHE62P0YwAAAAAA_eMAAA&S=AQAAAt5cXhenSR8QLEHXw2pOadA
.analytics.yahoo.com/ Name: IDSYNC
Value: 199l~29z5
.servenobid.com/ Name: pid_309
Value: u_7485e6c7-6f5c-466a-8e64-d20f85d5c65f
.mathtag.com/ Name: uuid
Value: bb6563ea-72f1-4e00-9152-4332d040d843
.adfarm1.adition.com/ Name: UserID1
Value: 7199693329457805459
.servenobid.com/ Name: pid_310
Value: GJp3rLZH09aTuPhwTfawf5Ed
.creativecdn.com/ Name: u
Value: NV0N5iBs4Rqya8HIzEdP
.creativecdn.com/ Name: ts
Value: 1676309232
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-ecce6cef-82c4-4dc3-4daf-eba1b386364d.p0BDg1Q9SONxkPG0FX7IH%2F152G9%2BXN0icsntIAdTQBc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A7M5s74LETcNNr-uhs4Y2TQW7FWM.xnK5lHoAH6NwvQMHzAEGl2UBfOni6L4%2BxTKNfUK9Mw0
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7febcdb2-ef8b-4669-a1cb-fdaadd737375-003%22%7D
.pubmatic.com/ Name: KADUSERCOOKIE
Value: D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 162412:2
.pubmatic.com/ Name: DPSync3
Value: 1677456000%3A201_197_219_221
.pubmatic.com/ Name: SyncRTB3
Value: 1677542400%3A35%7C1677456000%3A220_13_56_54_8_21_7_161_251
.vidoomy.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI4NDA5NzQyMzM0NDY1NjExMDc5IiwiZXhwaXJlcyI6IjIwMjMtMDItMjdUMTc6Mjc6MTIuNDMwMzE4M1oifSwidmVyaXpvbm1lZGlhIjp7InVpZCI6InktN0JVcnY1aEUydUhfUEgxcjFDLjJ6T1VpMWVDV2F0RnNJVlRwRjU0LX5BIiwiZXhwaXJlcyI6IjIwMjMtMDItMjdUMTc6Mjc6MTIuNzQ3ODY1MTY2WiJ9fSwiYmRheSI6IjIwMjMtMDItMTNUMTc6Mjc6MTIuNDMwMzE0NTM5WiJ9
.adhigh.net/ Name: gi_u
Value: u8PFtiRKsg6g.AikABlGGS9D8Zg
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y_py8AAAA2zyTwAh
.adgrx.com/ Name: ADGRX_UID
Value: a709cd0a-abc3-11ed-8137-1e740f70d0b1
.servenobid.com/ Name: pid_333
Value: Y-py8NR3CGyBOR5nOMgzLgAACHwAAAAB
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.go.sonobi.com/ Name: HAPLB8S
Value: s85182|Y+py8
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7febcdb2-ef8b-4669-a1cb-fdaadd737375-003%22%7D
.fiftyt.com/ Name: fifid
Value: c75bd4f7-2f0a-4c44-49d9-38326ac22f97
.fiftyt.com/ Name: cs
Value: MTY3NjMwOTIzMnxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fCZ_v126ej--sLpRH8HcSAOIFthPduhrQj5ywp_6hB6D
.servenobid.com/ Name: pid_337
Value: y-7BUrv5hE2uH_PH1r1C.2zOUi1eCWatFsIVTpF54-~A
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IjE1ZjNmMzcyLWM4MTctNDI0MC1hNWIxLTgxMTI1ODc0YzE4MiIsImV4cGlyZXMiOjE2Nzg5MDEyMzJ9fX0=
.adhigh.net/ Name: btw_sync
Value: LKpm
pool.admedo.com/ Name: tuuid
Value: d3a478c8-c282-4514-bf9d-aa20c0120522
pool.admedo.com/ Name: c
Value: 1676309232
pool.admedo.com/ Name: tuuid_lu
Value: 1676309232
.simpli.fi/ Name: suid
Value: BFA28C31B2B042C58EBED1C4E2FAC814
.smartadserver.com/ Name: csync
Value: 49:7199693329457805459
.onaudience.com/ Name: cookie
Value: 67f5114156b8a7d6
.onaudience.com/ Name: done_redirects161
Value: 1
.fiftyt.com/ Name: fppm
Value: 20230213172712
.admanmedia.com/ Name: admtr
Value: d62efaae-9598-49d9-bbee-eac71a86a16a
.admanmedia.com/ Name: ac_r
Value: CS71
ads.avct.cloud/ Name: uuid
Value: dd6b6f1d-2f58-4d50-8a57-3a0a134ac0e0
.360yield.com/ Name: tuuid
Value: 668423eb-dc1b-41c0-ac88-4b9e58df03c0
.360yield.com/ Name: tuuid_lu
Value: 1676309232
.servenobid.com/ Name: pid_316
Value: D21A28F6-E0D6-429F-BA1F-C286FF2D2B9D
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-d73759ff-3e06-36af-8583-7f7102577228
.adform.net/ Name: C
Value: 1
.bidr.io/ Name: bito
Value: AARhr07H1OYAACCVVv_sYA
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:bb6563ea-72f1-4e00-9152-4332d040d843&KRTB&16736-uid:bb6563ea-72f1-4e00-9152-4332d040d843&KRTB&23019-uid:bb6563ea-72f1-4e00-9152-4332d040d843&KRTB&23114-uid:bb6563ea-72f1-4e00-9152-4332d040d843
.ipredictive.com/ Name: cu
Value: 0a2a99ce-087a-42a1-b7b3-35e8ed7db58d|1676309232939
.bumlam.com/ Name: suuid3
Value: IiRhNzJhZTNkMi1hYmMzLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.adform.net/ Name: uid
Value: 6889078074837267255
.servenobid.com/ Name: pid_321
Value: RX-7febcdb2-ef8b-4669-a1cb-fdaadd737375-003
.betweendigital.com/ Name: ut
Value: Y-py8QAAVfCCjsj3Ry8x8xgev9waLR3QsLWBYw==
.as.ck-ie.com/ Name: CID
Value: ca77bfc03cbda52c7666912aafef47f33644bca4
.zemanta.com/ Name: zuid
Value: qsQU8yyGmWoqDES4wEw5
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6889078074837267255&KRTB&23263-6889078074837267255
.quantserve.com/ Name: d
Value: EGMBDQGkKIir0QA
.quantserve.com/ Name: mc
Value: 63ea72f1-06cc9-dabbc-31e37
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.id5-sync.com/ Name: id5
Value: 8fe05ce3-7921-79ea-90fa-a4f8e693364a#1676309232350#4
.onaudience.com/ Name: done_redirects104
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: A7b7slPBP0oBg-E_NFpKo2A
.outbrain.com/ Name: obuid
Value: 3c4e4906-b60b-438b-84fe-3a9a113d02bd
.tapad.com/ Name: TapAd_TS
Value: 1676309233202
.tapad.com/ Name: TapAd_DID
Value: f65be3d2-824b-405b-b3a9-465f8c9c28dd
.aidata.io/ Name: __upin
Value: elXXFR1DAQ27JJO4wn19ZA
.aidata.io/ Name: __upints
Value: 1676309233
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 4dde71027af3f5ddffcb00f45ce7b13e
x01.aidata.io/ Name: adsnpr
Value: 1
.onaudience.com/ Name: done_redirects147
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-nTSD1pw1gIaGN9DUmTLL0Zth3o-GZYWEm2RZG3ds&KRTB&19420-nTSD1pw1gIaGN9DUmTLL0Zth3o-GZYWEm2RZG3ds&KRTB&22979-nTSD1pw1gIaGN9DUmTLL0Zth3o-GZYWEm2RZG3ds&KRTB&23403-nTSD1pw1gIaGN9DUmTLL0Zth3o-GZYWEm2RZG3ds
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEO017BgsDOmJONAXEwOvn-I&KRTB&22987-CAESEO017BgsDOmJONAXEwOvn-I&KRTB&23025-CAESEO017BgsDOmJONAXEwOvn-I&KRTB&23386-CAESEO017BgsDOmJONAXEwOvn-I
.pubmatic.com/ Name: PugT
Value: 1676309231
.bluekai.com/ Name: bku
Value: ikG99wa0bZmbLc1T
.bluekai.com/ Name: bkpa
Value: KJhz0X2rQM9z9mY73E5NdAgHYNZz69vt/a/GzkZyA/lT7X/1KdokkhNtdFnBE5LlzXYn8K3NgjtcuqnPmnvnrMNznfVKloB1r3jrmIKpfIXsTEDYiG9KatSXb+klzbZr4EUE+yLYmoiZ1IBP/becX2Yz3CRON5U84vp6b45CViwLHZdQO8RgdSO/qzvk0Wr4tEyVGZ9hTjWQG/OnB0n370IP+I1QzoVvAC2WknWBkgf/qwUlxrZndzcl5ZcikjAWiXL+lzgW8ZP9PO8MF9dtZ8haqCcAVs8eZz4HgkCq1GpnHeWfJ1hEv4OQXkc4mI5k1oMlK25IPUo6a+wo2sz9r2jK/x==
.pastelink.net/ Name: cto_bundle
Value: bsMTGV9RNXpFZE9lM0x1ZzE3WVpRUXZlRCUyRjM4Tlk1WTNIdUlPRzFrSTQlMkZkTzB1T2QlMkJ4MHFqdGRyM1JmSzl6JTJCeWxtV3dQclJsNnJkSXhTbHYlMkJhYTBxem00SlZHaDZsVWY3TDRJYVNUclNLMzNkWnRvemhybWZIeTBHcGdWWUc5Tkgyd20
.pastelink.net/ Name: cto_bidid
Value: L0MH8V9jT3lvTHFXM3hUYUlDbnpkYkYxTXJpMWp2T1ZJRVI5RTIlMkY2RDFSN2VnOGFRU1RDYzl0Rzh3ZHBBVEx4ZUZqVUlIMGs2NTZBMDZDWm5LRVpUa2lWOUdnJTNEJTNE
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.lijit.com/ Name: ljtrtb
Value: eJyrVjIyNzYzNVeygjFqASoHBDc%3D
.lijit.com/ Name: _ljtrtb_85
Value: AARhr07H1OYAACCVVv_sYA
.id5-sync.com/ Name: 3pi
Value: 3#1676309232743#-429062651#b17f63ea-72f1-4500-a625-1dd990eacf8e|441#1676309232403#1739625731#u_7485e6c7-6f5c-466a-8e64-d20f85d5c65f|1241#1676309233575#-471846358|155#1676309232997#850289564#AARhr07H1OYAACCVVv_sYA|108#1676309233453#-547993633
.yandex.ru/ Name: yuidss
Value: 2411980811676309233
.yandex.ru/ Name: yandexuid
Value: 2411980811676309233
.adxpremium.services/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJpeCI6eyJ1aWQiOiJZLnB5OE5SM0NHeUJPUjVuT01nekxnQUFcdTAwMjYyMTcyIiwiZXhwaXJlcyI6IjIwMjMtMDItMjdUMTg6Mjc6MTMuNjI3NzYwOTY4KzAxOjAwIn0sInNtYXJ0eWFkcyI6eyJ1aWQiOiI5OTM3NDRlYWJmNmY0MGU3MTdkYzkzM2VhZTAzOTU1YThmMGVhMDY1NDhkODFjYzgxZmQ1YzgzMTkzNjAyMmJmIiwiZXhwaXJlcyI6IjIwMjMtMDItMjdUMTg6Mjc6MTMuMTc4MzQ1MzAzKzAxOjAwIn0sInNvdnJuIjp7InVpZCI6IkdKcDNyTFpIMDlhVHVQaHdUZmF3ZjVFZCIsImV4cGlyZXMiOiIyMDIzLTAyLTI3VDE4OjI3OjEzLjc4NzYzMTM2MSswMTowMCJ9LCJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjM5MTA4MjQxMDQ5NzMyMzE2OTI5MiIsImV4cGlyZXMiOiIyMDIzLTAyLTI3VDE4OjI3OjEyLjYxMjE0ODkwOCswMTowMCJ9fSwiYmRheSI6IjIwMjMtMDItMTNUMTg6Mjc6MTIuNjEyMTQ2MzgyKzAxOjAwIn0=
.360yield.com/ Name: um
Value: !79,WbWE0L0kJwlR7Os5PBSoDmnrvalg9HTZMshfkeBn6-5hrHXqz0I3PVfjFHq3kCo1ycO5oYHrnzHQR5or,1684085233
.360yield.com/ Name: umeh
Value: !79,0,1738517233,-1

2 Console Messages

Source Level URL
Text
other warning URL: https://427931a706a3792253c915ada805f799.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1x1.a-mo.net
427931a706a3792253c915ada805f799.safeframe.googlesyndication.com
a-prebid.vidoomy.com
a.vidoomy.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ads.avct.cloud
ads.betweendigital.com
ads.eu.criteo.com
ads.pubmatic.com
ads.servenobid.com
ads.yieldmo.com
adservice.google.co.uk
adservice.google.com
adxbid.info
an.yandex.ru
ap.lijit.com
apex.go.sonobi.com
as.ck-ie.com
assets.a-mo.net
aud.pubmatic.com
b1sync.zemanta.com
bh.contextweb.com
bing-ads-display-ads-cdn.azureedge.net
c1.adform.net
c2shb.pubgw.yahoo.com
cache.betweendigital.com
cat.nl.eu.criteo.com
cdn.adligature.com
cdn.adnxs-simple.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.admanmedia.com
cs.emxdgt.com
cs.iqzone.com
csm.eu.criteo.net
d.vidoomy.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gum.criteo.com
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id.rlcdn.com
id5-sync.com
idrs.adtelligent.com
image2.pubmatic.com
image6.pubmatic.com
lb.eu-1-id5-sync.com
loada.exelator.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mp.4dex.io
mug.criteo.com
nym1-ib.adnxs-simple.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pastelink.net
pix.eu.criteo.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
pro.ip-api.com
public.servenobid.com
px.adhigh.net
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.fr.eu.criteo.com
rtb.nl3.eu.criteo.com
s.amazon-adsystem.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.bumlam.com
sync.crwdcntrl.net
sync.dmp.otm-r.com
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync.tidaltv.com
tag.1rx.io
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
user-sync.adxpremium.services
usersync.gumgum.com
vid.vidoomy.com
visitor.fiftyt.com
vpaid.vidoomy.com
widget.us.criteo.com
www.bing.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
ads.servenobid.com
ads.yieldmo.com
cs.emxdgt.com
cs.iqzone.com
simage4.pubmatic.com
100.21.1.193
104.126.125.209
104.36.113.107
104.36.113.68
124.146.215.44
13.224.189.94
135.125.163.79
141.226.230.48
141.94.171.214
142.251.208.162
145.40.88.5
15.197.193.217
151.101.1.108
151.101.193.108
151.101.66.49
151.236.118.210
162.19.138.118
162.19.138.83
169.197.150.7
172.64.154.237
173.231.181.122
178.250.2.148
178.250.2.151
18.157.254.184
18.184.106.202
18.195.253.212
18.198.69.109
18.233.161.105
185.106.140.18
185.184.8.90
185.29.132.245
185.64.189.110
185.64.189.115
185.80.39.216
185.86.138.155
185.86.139.101
188.42.191.196
193.0.160.128
193.232.150.46
194.55.244.186
198.148.27.140
20.127.253.7
2001:4860:4802:34::36
2001:4de0:ac18::1:a:3b
2001:678:cb4:bbbb::11
2001:6d0:4001::226
209.25.233.254
213.155.156.164
213.19.147.44
216.52.2.16
23.203.124.192
23.203.125.189
23.64.52.128
2600:1f1c:a99:832c:d4e8:8c1e:e58e:3348
2600:9000:21f3:3c00:1f:4c18:bd40:93a1
2603:c020:400d:3000:f50:982a:7877:65bd
2606:4700:20::681a:8a9
2606:4700::6811:180e
2606:4700::6812:272
2606:4700::6813:9e13
2606:4700:e4::ac40:af22
2620:1ec:48:1::45
2a00:1450:4001:801::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::200a
2a00:1450:400d:80a::2003
2a01:111:202c::200
2a02:2638:1::4
2a02:2638:1::8
2a02:2638:3::9
2a02:2638::1c
2a02:2638::2
2a02:2638::21
2a02:2638::3
2a02:6b8::90
2a02:6ea0:cb00::2
2a05:d018:24:b001:54a6:97b3:4665:3419
2a05:d018:d29:3601:ebfb:2347:dbfe:4c27
2a06:98c1:3120::3
3.126.56.137
3.221.169.208
31.172.81.158
34.107.148.139
34.235.231.136
34.247.233.198
34.98.64.218
35.170.181.32
35.201.96.126
35.204.158.49
35.210.53.219
35.227.197.177
35.244.174.68
37.157.4.28
37.157.6.245
37.252.171.21
37.252.171.53
38.133.127.159
51.77.64.70
51.89.9.253
52.215.255.163
52.35.184.178
52.46.130.91
54.219.241.183
54.243.11.32
54.76.31.2
62.149.0.74
64.74.236.191
67.220.226.234
68.67.179.155
69.166.1.12
69.166.1.15
69.173.144.139
69.173.144.165
74.118.184.143
74.119.118.149
74.119.119.150
76.223.111.18
8.2.110.113
8.43.72.97
80.77.87.163
85.114.159.118
89.108.120.68
89.35.29.15
92.123.38.97
006bdc0818046d681e13ac6028699cac3ab52a6ea04e161f6b436bf487cb44ac
01408f8061623faa6d2c0f015cd23483c3aa363c095e152f613ed94c87a5803d
0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b5e2686f6629c59154002dd504f9755e80158ecc8d887f80a269e4b14932f58
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1135d9bf7138e2cbd2c6dca7f80a0c20063d379b56de102c68ec74ce3d26b1df
11837d25fc9bc666adbd8177bcea673545a736b2a436b2b6606fc7f94e6a3890
13100cd3879e5c1385581d7c88153e60cd7c3e4b0578fe2838daa56da689769b
1377d21e673b4058c83edbb2e04cb0f6fa32d9f74ee8c5819967943e445aee7e
15f20e02ef301e62ed325d633f971c506dcf1be3458c2371b849b505bb8673dc
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
190d542d8e593c755fd16e67ca62583e183957829dfb69cc2e00c7bf67df237d
1a5d0ecea385c3f56e66e375c804575a4fbd5d29c9fc33a98a7914ec114a23fa
1a86c0a4e9b8be09d56019996fbb5eaa79a5a2c6207eb98a2d0fc3e537efca6e
1aab18691f5f76220a9fba33bcb522c05a4ce01c93e852f1020539d62acbf709
1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4
1c9e4c65f9d921b1c0829958cc7b2f307a3e22ac7a23e8315b6db4c0954e1107
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e97d032b9819719b525ee5750d21b591cd0b5f3de16f1833dde7e03fbad9b2d
1e991857d7b5b2aadc42d37e7aaf342bf76eec322a733900b6e31b2aae233e09
25e0bbba083ec871934f70423280011e467074132143204ab2545a11bf0b0fda
29b32ee97e8e36fdf88d42909504b8f5bfefb90c7f3ead8ad23dc5815597fad1
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aef5b1d2fb690bb6e55203efe55fe450953ae337f3013a562339dd0f20990d7
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731
2e4db0d2188b8af6a4760d64a85c42a9ac0c58d86946cad217782df766bdeb10
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3a73b36061944ebbb33696553917d393280f796e212afcd09057b441c1168606
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e436deeb1dd3e2d874a572015648c8553b5dc7566f3acb37d6ee8cf5160c35c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40d4b6bd9f50c8f2034d7a6e88b06b053b78d249cb693e7f6792a349e7379674
42be1eb208fce6024a2d26a3caae02def19e0f28bf5ddafdb470d8eeb86c9ca4
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
468faf01bef7f2c0cd3cb8395f799fdddb13c6b5119b1fc112a073bb70eb0df9
470c2dcd5627936e1b313e5e7f390accae60f91080a18e4cf6d861181ef56c10
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50a60e5e5f2e8f10a2f8685031ec9849ba8faff613139f3a402e89f25ccbbabc
52253c2b577fcdb20cc2d80b60d8ee47a6617d3cb0292ed7dbc81f5100388125
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
554b84e379e037f9a59aa4a9ca469533c5c676ef97cbb4b4b6249c29317a11bf
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57226adbc32c91a8cd4ec9ee08e4f155f3450e79256731c04f81709a58c4c1fc
589287787f8805dedb24cde98bfecc87405aec4af8668301ba671b5b530ef3be
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5cc9053e5760a4515d244e246ef330c5215ea48614f8d4f61535425191b3a7de
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
613efd0497ff39f53123ca22f71747b75f22d7ab9b6996aa1deaab799cefd334
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623cb79a1554f770fcff76f07df8b58b15ae95504c0136c49be776817bf1f464
670dc66bdd658139d240eedad1274df27975093212b087640ace94fdd41e2038
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
69ff3c64a227e6142667495b7cbe108fa757b7d915855902c704af4015f77d16
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b9f7c1a16a42a7c2852a789c0bb646ff49d8776eaf24be4f6c8b5a77abb0210
6eb131d23a47b80f5fd8259354cbbae6e4696a6d28df7d7c2e2cc88c0b956e43
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
729b7cff89d5d43c44dec479c21ff613f2f2b64fa9ed513ede82fa12617e9a50
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7414cb94e275bb19ab34ca89c41e2fe1fa511209960370a3cf5b67c548a4552c
75e58a4745434a92a3ee308975570b735d47b83081a80b67b529958e7aa9bb38
76d7a46ca40eafdd0b6ee2d75b87a33058d1d94e83fd0285ab2a281f6332686a
79adcf5d728d216874b367b40d662ba0d00c67de3c6a921a91a6233e59c7da9c
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
7ff27bd7468e144f062c1da292497a23a183a0968b8d762bc6ba0dcd84881a4b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
881cb99b0ea08434a292febe4de0aad280e9d2cb6ab46053de91ae2b93e766ce
882212b7ce288f71487e310138a9bacbf0e54bf95a2ded009715c362591707ff
894b5bc38f3e63254a9c94c12a28a09025b5add22136a52b68849b82216d7408
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8af24d7350dbdc8eea22e4737deaa35a795b19b0560d7173113bec7e8a3effb7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e2fe21de3e452f52d11147684ab0198b8a4731ba16c3f60a3fb90dd258a2da4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8fac6d690a986ea87b13b6e4306f7b9ec34fdc89f557cd9d8498729fab89c0c6
9101d76a9ebb972db0af4100626104995331ea2fcf4e893b902c01c58d6b6e50
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9deaac5d56e16e3ebabea7074260b0fd928a5f1ed99708ce779fba46a83bcdc8
9ea469681964aaf6c4bf17c354b66109b0203f86549bdf6b8332a64b15cd7611
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27
a6bd86b2a4b1490329a323f64a064f9912876ec3e00936edbc34f96a43c44fbe
a6e4bb7b9b292e79dadbb2f292f3d245f45763f25b938e64540355615f479709
a71a3803ab0f6f1c955b5a6bb90054b6697d3a29581e92ef119b6b472933c877
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aa68e17fb13028f96c0d5b38fcf7006182894eb694625f9dedf5824d5066a5f0
aab425e12bf9a1651f17ed34a261aba3ef06961032b5d776e273ad3746b6b054
af4505c0ad20fbad984ced63561f7d483acdaed05c5273354fec1f1e5a61345f
affbbf5049f8c230f7de4580a98186661c9e1e865c1113736e8bc1c998c82431
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4eeacba9977e193136fccc59f55a480d71cde6a204cbd79c6e632707c97a387
b6d6c7931af902906245113987c4e831f7c515247375e5ed9546647084e3c6ef
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
c0062d4f840d9d1ee1d43aba617a31f8aabb7dcec283d14f6bd0d852fad672f3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24ccee9a35eef9e74411eac871935bdff6bcb895cce80b754b66d3e4292a3ce
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c64cda3c1c7c935b57b27894caec3b370b98d70011c8e5ea2f31691be13c8fe7
cc512301255515966a31281192fd886494b8ff8a8ce75ecba79d13b1b50e2f96
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
db2363029b4f54378ff6662b39bc15138122f515494fc54048fd89a70485fe55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ebfd96030683611d9ed054682f1ddf8b9098bc7d10105602b338605b0ae82a9a
ed6cd01c384db70bedbe24986aa85b0745f994ad71b7e5712f8a60e1ff457d7f
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe6cd6398f7672dfbff7a9ed5e840f882941826618a0dc48dc2b4256b5a31d1
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
f97f22fde697c9d8c77639fbbca1a74e82708f3c908d9005107cd2fc71033da1
fa19ab413493b004c5957325db711ffde124c52cb5007049f1331dd1302bc774
fe812aab4cb12c1074617d56963eedafc816f1d73b36a619ef887833d808d01c
fef22b296600515632c5d56dcafd2663b83594f857d0ed15dcafc685365cda7a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e